$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa File: ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa (raw, json) Hash identifier: pGX4sevipBWrJlLTxnhYzKr0jmcjSw7mRlFBYlrBbNE= Subject key identifier: 0C:04:58:FD:55:97:0A:E7:06:F3:81:E6:7A:9F:3B:85:D8:30:BC:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6AABAF1429A0C1B67602C8DFBCFBB51D1505B695 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa Signing time: Mon 21 Apr 2025 16:20:55 +0000 ROA not before: Mon 21 Apr 2025 16:20:55 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:ab:af:14:29:a0:c1:b6:76:02:c8:df:bc:fb:b5:1d:15:05:b6:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 16:20:55 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=8e6ab9c11e5fa810af6e32fbdc22c30fcbf8b0620eea8523b56a62d47f298305, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:dd:44:d3:fb:ec:b5:3b:90:c4:43:d2:ff:16: ac:0c:49:f4:6c:1d:a4:11:54:13:1d:bb:34:4d:a0: 1e:f0:42:0c:c5:b9:45:24:95:bb:ca:1d:97:44:ee: 8c:3a:b2:af:ba:b7:21:a0:aa:30:00:05:ab:cb:60: 8a:5b:e7:a7:f7:ef:81:05:bd:21:5d:e4:c6:32:f7: 33:4b:05:85:f8:f9:10:df:81:51:a7:37:f2:b1:b4: aa:e3:a5:c4:76:90:05:28:d6:29:0b:4f:34:14:39: 6c:d7:5c:ab:28:47:cb:5a:19:f7:78:30:c8:86:42: 18:36:bc:ce:8b:4a:35:a4:a7:10:7f:55:8a:1f:38: 06:8c:e2:c7:34:f3:44:06:28:87:06:4a:b3:38:0f: 66:1a:80:c9:5a:d7:f6:bc:1b:98:f5:5e:0a:70:ae: 23:34:16:68:f7:b5:36:68:1e:cb:d8:c5:aa:bf:85: 45:8c:98:52:21:71:c1:b0:23:14:0d:e1:09:23:b8: 62:e2:21:e7:d5:f1:3b:67:42:e0:e3:80:22:3a:d7: 5d:82:9c:3d:0e:e5:b0:5b:00:08:75:fb:29:03:29: 8e:0e:c8:8a:90:5b:b1:39:b8:1f:4e:77:85:2f:86: 8c:7f:97:ba:e3:3b:b4:21:c9:4d:1b:23:d1:c3:a8: 01:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:04:58:FD:55:97:0A:E7:06:F3:81:E6:7A:9F:3B:85:D8:30:BC:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba0659ea-8ed9-4a7e-84c3-131d4d5ba252.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:4000::/40 Signature Algorithm: sha256WithRSAEncryption 38:89:d6:43:0f:39:f9:a4:3b:dc:80:82:83:15:9d:f5:76:cd: b0:22:ff:ad:7e:a7:25:81:e1:62:9b:7a:ba:df:71:08:ab:e1: ba:3c:67:31:1c:65:78:38:e2:34:3c:7d:ed:cc:a3:53:35:82: 5c:a5:8e:81:71:e9:f3:2b:1a:07:e4:c5:b0:7f:96:e8:e6:35: ce:65:45:aa:c0:1a:e8:50:b6:36:9f:d2:fb:de:29:5a:33:5a: e0:a8:90:65:e4:3a:47:ad:54:b2:58:68:77:c6:46:ab:3d:b0: a4:62:8a:ee:9f:a0:08:da:79:c4:22:e5:c4:c1:f2:4f:e9:92: a6:c5:37:fd:49:11:70:56:f3:8c:93:87:0e:47:e4:b6:40:52: d3:2c:f9:a0:b9:48:91:6d:fe:a1:4d:d7:fe:f5:11:38:1f:da: 54:29:71:c7:97:ab:c3:f8:9a:32:d5:cb:b1:ee:c2:cb:13:81: 83:fb:18:34:fd:1d:e7:92:98:ab:ac:ce:46:e1:ee:19:ca:a8: 35:ec:a3:d9:df:6f:b7:3b:67:91:4c:6d:cb:16:87:37:bc:d7: e8:48:00:38:30:15:d6:bb:60:29:be:73:4e:23:a0:f5:83:40: 07:dc:e8:53:3d:77:1f:7e:b5:b4:3e:7c:1d:c1:6d:20:8a:09: e9:12:a4:1f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaquvFCmgwbZ2AsjfvPu1HRUFtpUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE2MjA1NVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAOGU2YWI5YzExZTVmYTgxMGFmNmUz MmZiZGMyMmMzMGZjYmY4YjA2MjBlZWE4NTIzYjU2YTYyZDQ3ZjI5ODMwNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo91E0/vstTuQxEPS/xasDEn0bB2k EVQTHbs0TaAe8EIMxblFJJW7yh2XRO6MOrKvurchoKowAAWry2CKW+en9++BBb0h XeTGMvczSwWF+PkQ34FRpzfysbSq46XEdpAFKNYpC080FDls11yrKEfLWhn3eDDI hkIYNrzOi0o1pKcQf1WKHzgGjOLHNPNEBiiHBkqzOA9mGoDJWtf2vBuY9V4KcK4j NBZo97U2aB7L2MWqv4VFjJhSIXHBsCMUDeEJI7hi4iHn1fE7Z0Lg44AiOtddgpw9 DuWwWwAIdfspAymODsiKkFuxObgfTneFL4aMf5e64zu0IclNGyPRw6gBIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAwEWP1VlwrnBvOB5nqfO4XYMLzDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhMDY1OWVhLThlZDktNGE3ZS04NGMzLTEzMWQ0ZDViYTI1Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/kAwDQYJKoZIhvcNAQELBQADggEBADiJ1kMPOfmkO9yAgoMV nfV2zbAi/61+pyWB4WKberrfcQir4bo8ZzEcZXg44jQ8fe3Mo1M1glyljoFx6fMr GgfkxbB/lujmNc5lRarAGuhQtjaf0vveKVozWuCokGXkOketVLJYaHfGRqs9sKRi iu6foAjaecQi5cTB8k/pkqbFN/1JEXBW84yThw5H5LZAUtMs+aC5SJFt/qFN1/71 ETgf2lQpcceXq8P4mjLVy7HuwssTgYP7GDT9HeeSmKuszkbh7hnKqDXso9nfb7c7 Z5FMbcsWhze81+hIADgwFda7YCm+c04joPWDQAfc6FM9dx9+tbQ+fB3BbSCKCekS pB8= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:50 2025 by rpki-client on console.sobornost.net