$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: DZ4V1VY2NPdlYAhqmNqpWfZSU78K7H5shN4WYYovjY0= Subject key identifier: 8E:08:E5:4D:34:DE:5A:CC:9C:3B:31:53:6D:EC:AA:B1:88:97:43:20 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 56C49062ADC7A7930C7AFAD39F9DA5BB6C87D91C Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Sat 05 Apr 2025 00:00:05 +0000 ROA not before: Sat 05 Apr 2025 00:00:05 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Apr 2025 00:00:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:c4:90:62:ad:c7:a7:93:0c:7a:fa:d3:9f:9d:a5:bb:6c:87:d9:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 5 00:00:05 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=88ec8380e9099dcd31c46340b14737bbc39f197c8178c8e447d528ac1e5990c4, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:f8:ed:59:a5:d6:93:d2:7f:1c:94:9b:6c:c5: 36:78:59:db:59:3e:d9:32:5e:47:1d:85:c2:96:4f: c4:09:e1:3e:0e:15:6f:f2:4b:56:0e:26:7f:fd:ed: e7:11:2d:1e:cf:e4:33:80:b1:ed:b5:ab:c0:a5:e4: 5c:c7:52:0c:ec:30:ba:11:b2:b2:21:7b:e6:28:e0: 73:2c:0a:9f:7e:5d:5b:fa:eb:e9:73:64:84:d0:d9: 9c:b1:d9:16:71:ef:1b:1d:2c:d0:4e:d0:c1:c9:0a: 74:e2:30:d2:25:2c:37:b9:ac:4f:97:93:2d:15:c6: d6:a4:81:cb:c2:0c:d0:5f:5e:88:d6:e9:f4:72:76: a6:e6:2b:16:65:cc:b7:ac:c4:39:f9:b7:50:07:46: 2a:6b:71:af:2a:77:d1:a8:72:56:c0:7d:8c:cc:c6: f9:0b:a3:27:6b:c4:2e:4e:ec:68:84:44:56:41:94: 05:47:7c:db:25:6f:5f:93:e6:0d:49:63:15:18:fc: 4c:9c:06:54:83:a0:fd:e8:b7:86:f6:d3:78:db:e1: 74:a8:98:c7:09:4d:57:b5:5b:fb:d0:05:0c:3d:ab: 83:98:cd:cd:0a:dc:50:25:0c:4c:1b:de:b5:a7:40: a7:51:b2:5f:1d:c0:7d:2f:e0:5b:93:93:93:ec:80: 82:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:08:E5:4D:34:DE:5A:CC:9C:3B:31:53:6D:EC:AA:B1:88:97:43:20 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 6f:9c:c7:bc:86:9a:f4:50:bd:9c:7a:f1:4d:7e:88:49:3d:39: c2:bb:5d:99:62:de:bc:46:28:08:1f:52:cb:71:0d:d1:32:e1: 18:84:44:32:6a:f9:4a:20:97:67:d3:35:89:d1:3d:c8:5d:65: 0b:07:91:53:9f:5e:12:c9:be:f8:a1:84:f5:a0:71:41:08:08: 52:4c:17:1d:a3:51:57:d6:ea:3e:ad:37:ef:a9:50:50:04:e9: 7b:0f:32:fe:24:01:34:46:b0:fb:ad:f7:28:9f:ec:0d:06:af: 27:30:f1:43:ce:66:51:35:41:dd:ad:cf:8c:19:9c:be:2b:cb: 9f:4a:e4:47:5d:e3:0c:7e:91:f3:2a:97:f6:f8:5a:9a:37:19: 7c:58:89:7f:ca:a6:d2:8e:e8:3d:e9:71:7e:7d:29:5b:b6:c3: ba:64:37:e7:f2:99:96:ab:92:60:8b:c9:de:02:7c:4a:65:05: ca:d1:c3:5f:17:14:df:61:30:24:11:ee:d5:37:5e:96:95:54: e1:24:7d:5c:e2:16:33:e9:c1:c3:b5:fd:6e:27:39:8f:9a:ed: 62:0b:f4:30:94:f2:89:ed:cc:ec:dc:2d:35:fd:7e:b6:e2:16: 77:e3:53:dd:63:60:63:82:73:44:91:40:ac:a4:dc:13:dd:1a: cd:4d:1a:ca -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVsSQYq3Hp5MMevrTn52lu2yH2RwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI1MDQwNTAwMDAwNVoX DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAODhlYzgzODBlOTA5OWRjZDMxYzQ2 MzQwYjE0NzM3YmJjMzlmMTk3YzgxNzhjOGU0NDdkNTI4YWMxZTU5OTBjNDEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/jtWaXWk9J/HJSbbMU2eFnbWT7Z Ml5HHYXClk/ECeE+DhVv8ktWDiZ//e3nES0ez+QzgLHttavApeRcx1IM7DC6EbKy IXvmKOBzLAqffl1b+uvpc2SE0NmcsdkWce8bHSzQTtDByQp04jDSJSw3uaxPl5Mt FcbWpIHLwgzQX16I1un0cnam5isWZcy3rMQ5+bdQB0Yqa3GvKnfRqHJWwH2MzMb5 C6Mna8QuTuxohERWQZQFR3zbJW9fk+YNSWMVGPxMnAZUg6D96LeG9tN42+F0qJjH CU1XtVv70AUMPauDmM3NCtxQJQxMG961p0CnUbJfHcB9L+Bbk5OT7ICCDQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFI4I5U003lrMnDsxU23sqrGIl0MgMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBvnMe8hpr0UL2cevFNfohJ PTnCu12ZYt68RigIH1LLcQ3RMuEYhEQyavlKIJdn0zWJ0T3IXWULB5FTn14Syb74 oYT1oHFBCAhSTBcdo1FX1uo+rTfvqVBQBOl7DzL+JAE0RrD7rfcon+wNBq8nMPFD zmZRNUHdrc+MGZy+K8ufSuRHXeMMfpHzKpf2+FqaNxl8WIl/yqbSjug96XF+fSlb tsO6ZDfn8pmWq5Jgi8neAnxKZQXK0cNfFxTfYTAkEe7VN16WlVThJH1c4hYz6cHD tf1uJzmPmu1iC/QwlPKJ7czs3C01/X624hZ341PdY2BjgnNEkUCspNwT3RrNTRrK -----END CERTIFICATE-----Generated at Fri Apr 25 03:47:34 2025 by rpki-client on console.sobornost.net