$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa File: bffbf7d3-f229-458a-8400-7dc848730d21.roa (raw, json) Hash identifier: 2iO/VethPn0x4VdXtVcGM3NgG2bEJ6MJ2G5PK0/j/g4= Subject key identifier: 3D:94:8E:74:00:08:F2:4A:EF:14:43:A4:DB:66:33:23:8A:14:93:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 553086136A12ADA87047FD09454201B4BC70FA8D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa Signing time: Fri 18 Apr 2025 00:00:55 +0000 ROA not before: Fri 18 Apr 2025 00:00:55 +0000 ROA not after: Fri 23 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:30:86:13:6a:12:ad:a8:70:47:fd:09:45:42:01:b4:bc:70:fa:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 18 00:00:55 2025 GMT Not After : May 23 23:59:59 2025 GMT Subject: serialNumber=33e52f18d76af643ce2b10551f4779caf9aa2d5572734cf6e34ea89c1e49ca0d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:19:64:a9:ef:90:e3:4d:d9:d2:27:5b:12:00: bc:43:a9:54:ad:31:eb:e0:ac:77:0a:10:35:bd:3d: 6e:46:b5:7d:46:cb:0c:4b:ef:c8:ed:ca:bf:59:c9: 1a:1c:c3:87:61:a5:ca:dd:58:01:b4:85:a9:dc:56: 50:4b:39:78:5c:5c:62:18:15:2b:f5:96:67:bf:9a: 3f:d5:3b:33:ec:20:be:22:f1:f1:04:12:b7:cd:a2: 74:82:aa:e7:69:2c:91:e4:40:76:5f:60:b7:cb:c5: 99:fd:63:c7:d6:1e:0e:e7:65:8d:6b:a2:53:bd:05: e2:54:18:65:d6:90:3d:7f:d4:6f:25:ac:12:92:ea: 00:84:03:de:96:44:f9:eb:e5:36:6f:73:12:4f:77: 10:6c:9b:d1:9a:6e:c3:93:0d:ff:f6:b2:15:c8:84: 28:eb:e4:6e:a6:1b:d7:77:ae:0e:7a:c0:f1:6e:73: 82:5f:ee:78:b0:fa:9a:cb:4a:61:cc:61:1c:43:c0: c3:3c:23:42:9b:55:df:28:bc:11:b6:c6:b5:cb:fa: b6:88:db:5c:d4:c9:cf:80:e7:42:b7:40:91:28:fc: 7f:e2:7d:6a:81:04:a7:58:31:ba:41:13:da:f2:05: d2:28:bc:5e:95:b9:ec:13:08:02:f2:ee:e5:f9:39: 2e:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:94:8E:74:00:08:F2:4A:EF:14:43:A4:DB:66:33:23:8A:14:93:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bffbf7d3-f229-458a-8400-7dc848730d21.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c080::/48 Signature Algorithm: sha256WithRSAEncryption b6:1f:9e:01:30:ed:2c:92:33:8b:c0:b4:ad:90:7e:04:b9:db: a2:7b:b9:5c:4d:00:28:c7:5f:dc:d3:23:22:d5:75:35:43:66: 5c:81:3b:c1:67:31:66:dd:82:99:6c:25:50:34:50:ab:5f:f6: 98:27:7d:2b:ba:00:5c:dc:64:7e:3b:ae:7e:32:69:d0:18:ea: bc:8c:69:dd:72:59:92:54:b5:57:4f:7e:1b:c3:ed:5b:1e:aa: 90:12:74:f9:ae:ae:df:00:43:99:92:64:d7:c9:73:e3:00:d3: 86:94:f0:d7:1e:2a:c5:d5:ea:43:a5:14:3d:5c:1a:41:b1:d9: 61:f7:8f:51:cf:6f:93:8a:45:f3:c4:43:bf:2c:0a:05:3f:ae: 8f:b0:86:9a:86:7b:78:9d:03:92:29:50:98:3d:9c:6f:0c:10: c4:83:a9:03:1b:43:0c:22:7c:ea:c8:97:1c:ae:ac:50:62:9a: eb:cc:84:08:3f:c1:fe:c0:19:8c:28:f2:64:c6:1d:da:e1:d4: de:f4:b8:b3:10:1e:e1:13:ff:b5:ab:01:9c:48:73:cc:70:5c: f3:95:e1:6b:d8:a8:31:a2:53:51:35:c2:5d:7e:8c:31:98:95: cb:ee:3c:13:53:f1:41:5e:01:e7:88:f2:c0:c8:e2:51:e1:24: 8e:c6:cb:5b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVTCGE2oSrahwR/0JRUIBtLxw+o0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxODAwMDA1NVoX DTI1MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMzNlNTJmMThkNzZhZjY0M2NlMmIx MDU1MWY0Nzc5Y2FmOWFhMmQ1NTcyNzM0Y2Y2ZTM0ZWE4OWMxZTQ5Y2EwZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRlkqe+Q403Z0idbEgC8Q6lUrTHr 4Kx3ChA1vT1uRrV9RssMS+/I7cq/WckaHMOHYaXK3VgBtIWp3FZQSzl4XFxiGBUr 9ZZnv5o/1Tsz7CC+IvHxBBK3zaJ0gqrnaSyR5EB2X2C3y8WZ/WPH1h4O52WNa6JT vQXiVBhl1pA9f9RvJawSkuoAhAPelkT56+U2b3MST3cQbJvRmm7Dkw3/9rIVyIQo 6+RuphvXd64OesDxbnOCX+54sPqay0phzGEcQ8DDPCNCm1XfKLwRtsa1y/q2iNtc 1MnPgOdCt0CRKPx/4n1qgQSnWDG6QRPa8gXSKLxelbnsEwgC8u7l+TkuYQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD2UjnQACPJK7xRDpNtmMyOKFJMwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JmZmJmN2QzLWYyMjktNDU4YS04NDAwLTdkYzg0ODczMGQyMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8sCAMA0GCSqGSIb3DQEBCwUAA4IBAQC2H54BMO0skjOLwLSt kH4Euduie7lcTQAox1/c0yMi1XU1Q2ZcgTvBZzFm3YKZbCVQNFCrX/aYJ30rugBc 3GR+O65+MmnQGOq8jGndclmSVLVXT34bw+1bHqqQEnT5rq7fAEOZkmTXyXPjANOG lPDXHirF1epDpRQ9XBpBsdlh949Rz2+TikXzxEO/LAoFP66PsIaahnt4nQOSKVCY PZxvDBDEg6kDG0MMInzqyJccrqxQYprrzIQIP8H+wBmMKPJkxh3a4dTe9LizEB7h E/+1qwGcSHPMcFzzleFr2KgxolNRNcJdfowxmJXL7jwTU/FBXgHniPLAyOJR4SSO xstb -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:50 2025 by rpki-client on console.sobornost.net