$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: rZS2em+w506in1eQ627S2BID1JvPZ2jjH2FS0Q++Q40= Subject key identifier: 79:13:43:03:98:DB:6D:82:E9:52:A3:8A:30:63:B1:C4:0E:FC:C0:FD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2A27DAF51EC3E8A38E069747A66F7886F2914C29 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Mon 21 Apr 2025 17:00:17 +0000 ROA not before: Mon 21 Apr 2025 17:00:17 +0000 ROA not after: Mon 26 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:27:da:f5:1e:c3:e8:a3:8e:06:97:47:a6:6f:78:86:f2:91:4c:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 21 17:00:17 2025 GMT Not After : May 26 23:59:59 2025 GMT Subject: serialNumber=d62740f909d96b5dfa2fca75041fd4a19d9c471ab9366c5e2f81630be12cbd39, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:1b:c8:68:f1:33:b5:6a:44:bb:87:bf:11:74: 67:de:db:e4:78:33:dc:e8:10:e6:f4:f9:55:ab:40: 0b:6e:92:d3:59:b6:78:99:f5:a9:d2:07:49:f9:9f: 24:29:40:a7:a6:81:4c:8d:22:1b:71:f0:19:cf:69: 4a:70:fd:93:e0:36:69:e7:97:4e:ff:ee:b6:27:9e: 0a:b1:dd:c7:06:b9:60:51:61:41:5f:1b:d8:23:23: e1:27:be:3c:36:59:50:50:22:95:7f:9f:0c:d8:4c: 42:80:a0:69:a0:63:20:47:cb:c3:61:4f:ef:42:f6: 14:c9:c0:16:b8:5f:42:1f:ad:4a:11:d9:47:76:2e: 7c:99:54:d3:ec:54:92:90:ce:af:dd:ed:7b:78:8e: 1d:99:05:ee:89:6e:9e:a5:6c:f6:a5:f2:1b:ea:c2: 0a:c0:34:3f:78:7c:c9:b0:6f:69:c6:c4:de:6d:94: ce:ab:8f:13:12:30:95:d1:b5:a7:19:e7:9e:11:4e: d8:ce:e7:e0:d5:d7:a8:0e:2b:5c:11:9d:0c:50:6a: 80:c9:26:83:ef:3e:55:f8:2f:8a:dc:c3:80:c0:c3: e2:8e:62:af:d5:22:98:35:b6:52:86:3f:90:20:67: ec:47:c6:cf:89:a3:2b:e9:f3:a2:74:96:ff:36:f9: 7b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:13:43:03:98:DB:6D:82:E9:52:A3:8A:30:63:B1:C4:0E:FC:C0:FD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption 6a:b0:1b:81:2d:ab:94:ca:bb:60:57:0f:5b:24:be:f6:f0:cc: d7:cf:6d:48:bb:07:f6:b6:eb:28:1e:cb:c2:92:da:fe:c3:a5: 51:5e:a1:7e:56:11:5e:41:2c:38:18:b2:b4:8d:89:14:d9:5e: 72:6d:9a:39:bd:5f:0f:36:27:e0:7e:8d:38:bd:97:38:1d:a1: c7:29:7d:e4:2e:25:2b:51:ce:a8:f0:90:08:af:78:a6:8a:26: 18:cb:93:76:9e:17:7b:bf:95:78:71:99:66:34:77:b9:0b:c8: 6c:aa:87:fe:a5:c5:e2:c0:5a:c5:cf:50:53:b1:9b:49:54:bc: ea:f8:43:ba:21:7d:bf:82:88:f1:08:db:6e:cd:90:4c:b3:0a: 98:04:06:da:91:c3:69:7b:90:68:64:6f:45:b5:a9:2d:14:87: 1c:b4:f9:7a:b4:f7:1a:ce:20:a6:38:ab:e1:1b:4a:78:02:f3: ed:65:41:74:8e:8e:86:43:1a:62:b2:21:ca:c8:7a:79:2b:5e: da:dd:1d:1e:f4:ac:4d:10:37:8c:00:9f:94:6b:25:4a:1f:d9: c4:68:cb:ea:1b:05:d8:ee:7d:ed:11:c7:b0:e7:c9:aa:e9:0c: 94:6a:18:23:b4:9d:f4:45:55:ed:30:cd:b9:d9:9d:9d:35:90: c3:36:0b:02 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKifa9R7D6KOOBpdHpm94hvKRTCkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQyMTE3MDAxN1oX DTI1MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZDYyNzQwZjkwOWQ5NmI1ZGZhMmZj YTc1MDQxZmQ0YTE5ZDljNDcxYWI5MzY2YzVlMmY4MTYzMGJlMTJjYmQzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhvIaPEztWpEu4e/EXRn3tvkeDPc 6BDm9PlVq0ALbpLTWbZ4mfWp0gdJ+Z8kKUCnpoFMjSIbcfAZz2lKcP2T4DZp55dO /+62J54Ksd3HBrlgUWFBXxvYIyPhJ748NllQUCKVf58M2ExCgKBpoGMgR8vDYU/v QvYUycAWuF9CH61KEdlHdi58mVTT7FSSkM6v3e17eI4dmQXuiW6epWz2pfIb6sIK wDQ/eHzJsG9pxsTebZTOq48TEjCV0bWnGeeeEU7Yzufg1deoDitcEZ0MUGqAySaD 7z5V+C+K3MOAwMPijmKv1SKYNbZShj+QIGfsR8bPiaMr6fOidJb/Nvl7bwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHkTQwOY222C6VKjijBjscQO/MD9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBAGqwG4Etq5TKu2BXD1sk vvbwzNfPbUi7B/a26ygey8KS2v7DpVFeoX5WEV5BLDgYsrSNiRTZXnJtmjm9Xw82 J+B+jTi9lzgdoccpfeQuJStRzqjwkAiveKaKJhjLk3aeF3u/lXhxmWY0d7kLyGyq h/6lxeLAWsXPUFOxm0lUvOr4Q7ohfb+CiPEI227NkEyzCpgEBtqRw2l7kGhkb0W1 qS0Uhxy0+Xq09xrOIKY4q+EbSngC8+1lQXSOjoZDGmKyIcrIenkrXtrdHR70rE0Q N4wAn5RrJUof2cRoy+obBdjufe0Rx7DnyarpDJRqGCO0nfRFVe0wzbnZnZ01kMM2 CwI= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net