$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa File: fb6fb749-738a-45f9-8df3-b428dffee98a.roa (raw, json) Hash identifier: oNrzeWI5DFzHwmyNY2877WjIt6BC1MqEv+A1TJB3Ikc= Subject key identifier: 1A:D7:C0:2E:D9:29:91:71:4B:01:30:12:9E:56:25:27:D0:7A:00:3B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6C0113094BC67D561D367FEE7411C76C8BE6DD33 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa Signing time: Fri 18 Apr 2025 00:20:07 +0000 ROA not before: Fri 18 Apr 2025 00:20:07 +0000 ROA not after: Fri 23 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:01:13:09:4b:c6:7d:56:1d:36:7f:ee:74:11:c7:6c:8b:e6:dd:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 18 00:20:07 2025 GMT Not After : May 23 23:59:59 2025 GMT Subject: serialNumber=acb2ed21fed97bea6edf02e6711d39b5f20a7d226d7154588bd54c2786e433e5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:2f:75:02:40:26:80:c1:18:99:a3:25:02:d5: d7:94:f6:e9:fb:84:2b:34:05:41:6b:59:a1:fe:e4: ce:25:10:d7:b8:cd:cc:99:03:7e:d9:7c:0b:bc:92: ac:e1:5e:f9:dc:9c:09:3c:81:22:02:d6:81:59:27: 00:62:43:41:c5:aa:d9:25:f8:30:16:37:30:18:3d: b9:73:5b:6b:f5:58:3c:bc:f3:fc:1e:87:d8:1c:61: a9:a5:92:07:be:cc:d1:6f:bc:8a:71:76:bf:7d:c8: 0d:eb:08:5b:68:77:ed:aa:2f:c4:2d:19:45:82:10: c1:6f:5c:c5:10:be:5c:6c:b0:27:e0:97:69:97:b7: d9:6a:a3:30:55:a7:0c:9e:20:71:7c:92:e3:87:dd: 03:74:43:a0:68:8b:b0:8b:61:c3:ef:58:39:c6:fe: 22:08:4f:af:ef:70:a5:2c:02:06:6e:e0:aa:62:f3: d2:ba:ea:eb:f7:cb:f6:05:2e:61:82:c2:b1:96:3b: 72:fe:11:f9:b7:36:59:fd:17:18:5c:24:92:92:7d: 08:76:92:05:fa:ad:93:ad:a0:b7:2f:cb:c2:eb:48: 7a:a5:c9:e5:ab:02:b3:c2:90:c0:59:92:be:00:15: c3:5c:bb:1c:15:c3:6c:de:44:65:69:77:25:5c:e0: 0c:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:D7:C0:2E:D9:29:91:71:4B:01:30:12:9E:56:25:27:D0:7A:00:3B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb6fb749-738a-45f9-8df3-b428dffee98a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:a080::/48 Signature Algorithm: sha256WithRSAEncryption 04:24:37:67:02:48:02:a1:7f:ec:ae:bc:49:7a:09:34:7f:66: 08:12:77:dc:df:12:f5:25:67:c3:2a:52:2f:57:ba:86:4a:94: 24:ec:fe:a3:7c:df:3a:d6:d5:75:e9:b1:3d:c4:e6:b9:3e:38: 62:55:5a:f9:b3:ab:c2:20:24:52:4a:1d:b5:e8:7a:69:ba:f0: 1b:83:15:f1:3c:66:88:3e:d5:ac:af:78:15:98:a9:8b:dd:29: 22:f1:f7:51:96:c0:d6:6d:4e:56:4e:c8:91:74:31:26:db:45: de:18:cb:eb:fa:9a:5e:ba:59:4d:15:99:eb:60:5d:f7:cb:a6: 41:2c:99:aa:2f:eb:3a:65:39:50:60:9d:f0:27:dd:64:4b:60: a4:79:3f:53:1b:23:bd:b6:4f:8e:39:0f:10:00:bb:29:96:3f: f8:f6:ea:71:46:af:52:f2:c5:d5:51:32:72:9f:bb:0d:18:aa: 0a:4a:fb:75:74:69:14:ba:04:9f:7f:65:d9:88:16:f0:b5:97: 11:f8:1b:8e:ad:df:b2:e7:01:c4:5c:f2:81:d1:71:50:eb:25: 9d:4c:8d:e5:0d:3e:32:9b:ca:a2:14:0a:47:e1:9c:f9:b3:51: 1a:6b:84:c0:8a:19:6d:22:f1:e4:c5:68:c1:1a:d3:a8:b8:b7: 01:69:d9:f8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbAETCUvGfVYdNn/udBHHbIvm3TMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxODAwMjAwN1oX DTI1MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYWNiMmVkMjFmZWQ5N2JlYTZlZGYw MmU2NzExZDM5YjVmMjBhN2QyMjZkNzE1NDU4OGJkNTRjMjc4NmU0MzNlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi91AkAmgMEYmaMlAtXXlPbp+4Qr NAVBa1mh/uTOJRDXuM3MmQN+2XwLvJKs4V753JwJPIEiAtaBWScAYkNBxarZJfgw FjcwGD25c1tr9Vg8vPP8HofYHGGppZIHvszRb7yKcXa/fcgN6whbaHftqi/ELRlF ghDBb1zFEL5cbLAn4Jdpl7fZaqMwVacMniBxfJLjh90DdEOgaIuwi2HD71g5xv4i CE+v73ClLAIGbuCqYvPSuurr98v2BS5hgsKxljty/hH5tzZZ/RcYXCSSkn0IdpIF +q2TraC3L8vC60h6pcnlqwKzwpDAWZK+ABXDXLscFcNs3kRlaXclXOAMMQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBrXwC7ZKZFxSwEwEp5WJSfQegA7MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiNmZiNzQ5LTczOGEtNDVmOS04ZGYzLWI0MjhkZmZlZTk4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOKCAMA0GCSqGSIb3DQEBCwUAA4IBAQAEJDdnAkgCoX/srrxJ egk0f2YIEnfc3xL1JWfDKlIvV7qGSpQk7P6jfN861tV16bE9xOa5PjhiVVr5s6vC ICRSSh216HppuvAbgxXxPGaIPtWsr3gVmKmL3Ski8fdRlsDWbU5WTsiRdDEm20Xe GMvr+ppeullNFZnrYF33y6ZBLJmqL+s6ZTlQYJ3wJ91kS2CkeT9TGyO9tk+OOQ8Q ALsplj/49upxRq9S8sXVUTJyn7sNGKoKSvt1dGkUugSff2XZiBbwtZcR+BuOrd+y 5wHEXPKB0XFQ6yWdTI3lDT4ym8qiFApH4Zz5s1Eaa4TAihltIvHkxWjBGtOouLcB adn4 -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net