$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa File: f37abb36-5149-4944-8faa-1e2f0ea2950e.roa (raw, json) Hash identifier: vX/aQPj9KlT92EfUAnl+Aig/L5XouIOldhXyyIVQMZE= Subject key identifier: BC:FE:72:8B:84:A9:2A:C8:CA:1E:B6:48:C1:FC:62:C4:06:03:8E:A5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 214ABD91E15C403390E7F3567ED08B019A0ED438 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa Signing time: Mon 21 Apr 2025 15:10:15 +0000 ROA not before: Mon 21 Apr 2025 15:10:15 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:4a:bd:91:e1:5c:40:33:90:e7:f3:56:7e:d0:8b:01:9a:0e:d4:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 15:10:15 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=49202b05f5baf0b5077b5c94bf5cb7568c62cb0596dd559ee84500218a6bdb9c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:64:f5:cb:ce:2e:13:a6:6d:d4:9b:25:ed:f7: ff:05:a3:f0:aa:8b:11:57:e9:ac:21:a4:1d:ce:97: 92:d3:99:af:a7:ac:cf:5f:db:bb:12:d2:0e:e5:ef: f2:ef:80:fc:be:99:80:05:65:87:75:77:b4:77:58: 4f:14:28:55:c1:5b:d3:9a:ad:d6:89:66:9b:6e:15: c1:57:a8:16:1d:d6:13:93:b6:9a:7d:52:06:17:05: c7:58:ac:74:96:26:d0:b2:62:c0:1b:b5:d9:9d:a0: e3:d2:e8:cb:39:b0:41:ca:37:37:4c:e5:9d:84:f1: 1a:b1:c5:6d:fa:fe:d3:33:0b:67:f0:a7:6f:e8:d1: 22:b2:2c:fe:f4:b9:97:65:73:35:e5:53:b0:6e:ce: c8:1a:8a:1c:36:ec:3f:02:ff:96:fe:c6:23:be:21: 2d:2b:d9:69:c4:c1:9b:a1:d8:b0:70:8a:43:63:04: 3d:7d:cf:99:ad:78:c8:be:e5:6f:db:75:c4:ee:6a: 85:20:e8:f9:1c:cb:09:25:d8:7a:d0:e5:f8:a1:2f: 35:b6:73:1b:bc:67:78:5b:73:ef:08:94:85:12:24: 2f:d8:fe:a5:a8:ee:3b:b3:b2:eb:4d:90:03:11:72: 6b:67:79:ed:b4:74:40:f0:54:ff:bd:a0:3a:38:67: bb:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:FE:72:8B:84:A9:2A:C8:CA:1E:B6:48:C1:FC:62:C4:06:03:8E:A5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f37abb36-5149-4944-8faa-1e2f0ea2950e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c800::/40 Signature Algorithm: sha256WithRSAEncryption 5c:ef:ce:ba:82:7e:2b:bf:52:04:6f:6c:f7:a2:78:17:75:9f: 20:0a:6e:63:4c:e1:3d:6e:b8:3f:af:71:61:d4:41:3f:0a:d7: 26:99:64:be:bd:5c:53:20:59:2f:70:42:77:af:c7:4b:8f:ec: 50:9d:3a:26:22:2e:e7:10:85:61:2a:fd:f0:0b:d9:e7:17:a6: dc:31:aa:41:c4:f0:d1:e8:36:5b:fd:83:04:81:9c:06:1a:16: 50:48:20:b6:f5:0a:c5:46:23:43:76:a6:b6:fa:76:23:97:4a: f0:0f:ed:75:a9:c8:c0:1e:a4:6f:48:8d:bc:79:fb:96:a9:7e: db:56:c3:0b:f7:a1:67:06:a9:b4:66:4e:fb:b7:00:1b:61:60: 51:28:5c:08:aa:ad:a2:12:78:70:10:4b:2e:20:8a:3d:85:d7: 49:70:5b:03:62:8c:03:30:9f:64:6e:65:62:78:ac:ba:bb:3a: 70:9c:8a:7c:60:a7:b1:76:b6:22:07:aa:e0:aa:1b:51:db:dc: 59:3d:df:11:8e:cc:bc:87:00:3e:3a:a9:be:19:51:48:51:b8: af:2d:40:25:62:cc:37:99:44:63:b0:0a:aa:75:02:44:0f:a9: 3e:8f:66:ab:4f:aa:a5:1e:1d:fb:cf:6e:bc:88:31:06:46:37: 93:3a:bf:75 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIUq9keFcQDOQ5/NWftCLAZoO1DgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE1MTAxNVoX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANDkyMDJiMDVmNWJhZjBiNTA3N2I1 Yzk0YmY1Y2I3NTY4YzYyY2IwNTk2ZGQ1NTllZTg0NTAwMjE4YTZiZGI5YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2T1y84uE6Zt1Jsl7ff/BaPwqosR V+msIaQdzpeS05mvp6zPX9u7EtIO5e/y74D8vpmABWWHdXe0d1hPFChVwVvTmq3W iWabbhXBV6gWHdYTk7aafVIGFwXHWKx0libQsmLAG7XZnaDj0ujLObBByjc3TOWd hPEascVt+v7TMwtn8Kdv6NEisiz+9LmXZXM15VOwbs7IGoocNuw/Av+W/sYjviEt K9lpxMGbodiwcIpDYwQ9fc+ZrXjIvuVv23XE7mqFIOj5HMsJJdh60OX4oS81tnMb vGd4W3PvCJSFEiQv2P6lqO47s7LrTZADEXJrZ3nttHRA8FT/vaA6OGe7VwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLz+couEqSrIyh62SMH8YsQGA46lMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzN2FiYjM2LTUxNDktNDk0NC04ZmFhLTFlMmYwZWEyOTUwZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYcgwDQYJKoZIhvcNAQELBQADggEBAFzvzrqCfiu/UgRvbPei eBd1nyAKbmNM4T1uuD+vcWHUQT8K1yaZZL69XFMgWS9wQnevx0uP7FCdOiYiLucQ hWEq/fAL2ecXptwxqkHE8NHoNlv9gwSBnAYaFlBIILb1CsVGI0N2prb6diOXSvAP 7XWpyMAepG9Ijbx5+5apfttWwwv3oWcGqbRmTvu3ABthYFEoXAiqraISeHAQSy4g ij2F10lwWwNijAMwn2RuZWJ4rLq7OnCcinxgp7F2tiIHquCqG1Hb3Fk93xGOzLyH AD46qb4ZUUhRuK8tQCVizDeZRGOwCqp1AkQPqT6PZqtPqqUeHfvPbryIMQZGN5M6 v3U= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net