$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa File: d50e303a-6697-4780-b749-2eb970425fe8.roa (raw, json) Hash identifier: H47qEbxpirusYdgpex/dvZcvZjyx5+kccPfrHT910+Y= Subject key identifier: 53:3A:CA:8C:7C:79:11:6D:9A:50:A2:48:B5:FC:9B:DE:C2:C8:6D:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 67D7F811D7621F7A1C9E679131E70E86A1C691BC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa Signing time: Tue 15 Apr 2025 00:00:48 +0000 ROA not before: Tue 15 Apr 2025 00:00:48 +0000 ROA not after: Tue 20 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:d7:f8:11:d7:62:1f:7a:1c:9e:67:91:31:e7:0e:86:a1:c6:91:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 15 00:00:48 2025 GMT Not After : May 20 23:59:59 2025 GMT Subject: serialNumber=1fc28e48e484f6977c786b453855dcedc2ad132a213a4d6d36914276e56b82bc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:eb:f2:56:df:07:20:04:1a:21:11:37:cf:55: 64:22:9d:1f:89:bf:82:31:b6:f7:f2:cb:c9:b7:1b: d4:3e:d1:cb:b7:1a:22:7a:8e:e6:e7:af:73:91:d3: fc:ae:7e:1a:76:aa:30:ea:b4:f6:c4:f5:30:e8:4d: c4:45:df:cf:df:71:fa:10:83:d8:b3:12:55:7b:76: 51:da:2b:14:2c:ca:80:39:77:92:23:f3:dd:42:14: 37:c3:46:13:e5:64:60:d4:34:cf:3f:e1:82:79:a6: 07:6c:1a:c8:c2:e8:ab:6b:41:24:84:70:29:3b:2e: 0a:31:c3:5e:d9:fb:87:3f:26:d5:f8:f4:59:cb:6f: dc:e0:f9:bc:48:ef:1d:3d:f9:1d:c5:fd:49:6d:de: 72:3f:b8:d2:71:cf:fa:20:af:ed:81:5b:72:5f:91: 83:fe:21:b9:28:65:23:99:1c:85:a7:5a:42:46:4a: 5e:33:22:c5:17:f7:f2:f6:71:7d:c2:ec:4e:98:2e: d5:84:ee:4c:0c:3c:4e:ef:2f:e8:49:da:66:1b:77: 71:33:1d:da:f7:67:19:12:af:c4:a5:3a:96:ec:9d: 13:ba:d2:aa:03:64:ba:54:9c:07:6d:e0:4d:b4:69: 40:f9:2e:94:5b:72:84:19:1b:53:bc:d7:bc:f8:70: 80:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:3A:CA:8C:7C:79:11:6D:9A:50:A2:48:B5:FC:9B:DE:C2:C8:6D:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d50e303a-6697-4780-b749-2eb970425fe8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:7000::/40 Signature Algorithm: sha256WithRSAEncryption 1b:9c:ac:83:ed:51:2f:26:84:50:f3:47:c7:fc:44:4b:1b:25: 11:33:fd:a1:02:6b:8d:39:bf:ac:a7:0a:f7:79:57:23:f8:f7: 13:61:99:5d:2b:fb:c4:75:4b:43:54:fe:43:9c:05:d8:88:dd: e5:6a:48:12:59:18:36:2d:35:13:26:87:c5:60:2a:97:95:ba: 94:38:9a:b8:bc:a0:e5:f7:2b:35:f9:fa:18:f3:f0:45:5f:d2: 7c:40:7f:97:8f:39:24:b5:56:8d:0f:31:d1:79:fd:c4:a8:bc: ac:7c:69:83:da:56:50:fa:de:1a:64:6b:92:d1:41:66:5a:d2: 9e:8f:b2:3e:c2:b4:cc:83:5d:a8:b3:77:7e:3c:3a:bf:70:c9: 1a:46:af:0d:4e:b6:45:c4:3b:e4:37:aa:43:97:6b:bd:ca:53: 59:0a:a0:57:14:27:b9:40:bc:ec:55:94:ab:db:dc:34:4a:67: 21:31:28:46:8e:33:27:fd:e8:61:bc:a0:71:33:44:d0:65:80: 08:ce:52:b7:7c:a3:9b:9c:55:0e:0d:3f:63:70:92:b5:f8:8c: 1c:1d:cd:26:c6:cc:db:8c:1c:c4:27:1a:e9:c9:8a:ca:a1:7b: 88:fa:a0:1c:0a:db:48:07:93:78:6d:08:4f:82:21:eb:f8:b0: ef:bc:a6:89 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZ9f4EddiH3ocnmeRMecOhqHGkbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNTAwMDA0OFoX DTI1MDUyMDIzNTk1OVowejFJMEcGA1UEBRNAMWZjMjhlNDhlNDg0ZjY5NzdjNzg2 YjQ1Mzg1NWRjZWRjMmFkMTMyYTIxM2E0ZDZkMzY5MTQyNzZlNTZiODJiYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApevyVt8HIAQaIRE3z1VkIp0fib+C Mbb38svJtxvUPtHLtxoieo7m569zkdP8rn4adqow6rT2xPUw6E3ERd/P33H6EIPY sxJVe3ZR2isULMqAOXeSI/PdQhQ3w0YT5WRg1DTPP+GCeaYHbBrIwuira0EkhHAp Oy4KMcNe2fuHPybV+PRZy2/c4Pm8SO8dPfkdxf1Jbd5yP7jScc/6IK/tgVtyX5GD /iG5KGUjmRyFp1pCRkpeMyLFF/fy9nF9wuxOmC7VhO5MDDxO7y/oSdpmG3dxMx3a 92cZEq/EpTqW7J0TutKqA2S6VJwHbeBNtGlA+S6UW3KEGRtTvNe8+HCAKwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFM6yox8eRFtmlCiSLX8m97CyG3NMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1MGUzMDNhLTY2OTctNDc4MC1iNzQ5LTJlYjk3MDQyNWZlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9nAwDQYJKoZIhvcNAQELBQADggEBABucrIPtUS8mhFDzR8f8 REsbJREz/aECa405v6ynCvd5VyP49xNhmV0r+8R1S0NU/kOcBdiI3eVqSBJZGDYt NRMmh8VgKpeVupQ4mri8oOX3KzX5+hjz8EVf0nxAf5ePOSS1Vo0PMdF5/cSovKx8 aYPaVlD63hpka5LRQWZa0p6Psj7CtMyDXaizd348Or9wyRpGrw1OtkXEO+Q3qkOX a73KU1kKoFcUJ7lAvOxVlKvb3DRKZyExKEaOMyf96GG8oHEzRNBlgAjOUrd8o5uc VQ4NP2NwkrX4jBwdzSbGzNuMHMQnGunJisqhe4j6oBwK20gHk3htCE+CIev4sO+8 pok= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:51 2025 by rpki-client on console.sobornost.net