$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa File: 22d6913e-5f3d-4f99-9a60-48579f471838.roa (raw, json) Hash identifier: db3CyR59Niih+WGgIJIhmfB81vUULob+ee+Zp6CPc5w= Subject key identifier: 81:EB:81:0C:48:C5:04:8C:8A:A1:F0:C4:92:77:52:F5:AB:8E:B3:60 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 546816AE98E117C522A60FD482FAB5038B09CF32 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa Signing time: Mon 31 Mar 2025 15:00:07 +0000 ROA not before: Mon 31 Mar 2025 15:00:07 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:2000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:68:16:ae:98:e1:17:c5:22:a6:0f:d4:82:fa:b5:03:8b:09:cf:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 31 15:00:07 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=d894068d49d32fbb1d8ad7bdddf62a3af6b401deda8be8b3bfa31dbb139eac76, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0c:6e:e5:2f:ac:58:a0:9f:bb:12:76:30:34: ae:4c:aa:3d:d8:3b:de:6c:5f:91:fb:24:cf:03:ce: a1:05:4d:62:76:89:cd:18:f4:02:76:8e:98:b8:ea: 9b:e1:d6:4f:66:76:ee:66:ba:d7:aa:b8:7a:79:dc: 32:b9:e7:ec:0d:64:70:38:a1:9d:24:d1:6d:70:ff: 39:de:7e:1c:08:5c:da:73:31:22:d7:97:d9:43:12: 78:c5:19:f5:1a:b0:9b:f6:1d:a4:b6:66:88:1c:d0: 78:58:ba:d2:5f:af:fa:98:1c:3f:21:9b:e0:df:a4: a9:f0:a7:af:11:b3:c9:98:a4:c9:58:02:48:8d:02: cd:25:2a:b0:5f:96:88:58:b4:cf:ec:0e:95:06:2f: c5:a1:e5:aa:b7:35:6d:5a:23:12:a6:86:70:e9:de: ed:64:e7:09:e6:d1:74:c7:8f:a0:14:5d:1d:77:8b: a2:e2:7d:37:15:15:ac:e8:cb:4b:c0:66:ec:8b:36: 14:e1:81:db:91:9c:d2:b1:6c:99:21:86:4a:53:01: 5d:9b:c8:52:85:42:1d:22:02:78:bb:d1:aa:55:12: 98:93:08:25:32:5a:c4:84:86:e0:89:a0:10:3e:79: 84:c8:be:a5:65:84:ab:f3:8c:93:41:79:98:ee:8b: ce:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:EB:81:0C:48:C5:04:8C:8A:A1:F0:C4:92:77:52:F5:AB:8E:B3:60 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22d6913e-5f3d-4f99-9a60-48579f471838.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:2000::/36 Signature Algorithm: sha256WithRSAEncryption 66:2f:6d:f7:16:cd:9b:1a:12:04:52:8b:23:01:54:01:92:57: 1a:a6:77:aa:14:c8:4b:2a:8e:cd:28:71:08:94:8a:bb:f9:f0: 64:d0:ec:7c:aa:44:3f:d8:dd:5b:5c:f3:9b:06:f0:48:11:57: 59:e5:4e:07:89:06:74:b9:4e:e2:46:69:92:c2:94:92:6f:52: 28:b8:ec:83:f3:21:ab:cf:e5:80:4f:05:7b:b3:ab:5a:7c:af: 19:fb:58:10:08:62:5e:cb:34:13:83:61:b4:ac:59:bb:09:c1: 06:37:0e:d3:69:16:41:84:f1:ed:eb:26:26:7b:e2:d2:dd:24: 62:ef:57:b1:e2:8d:3a:cc:7d:a7:a2:e5:f6:e7:e9:81:10:59: 8f:04:07:c0:e0:9c:64:25:92:e4:97:c0:fe:73:1b:bd:c1:3d: 2c:d2:06:4c:4e:e0:da:a3:da:b6:7a:71:20:91:f7:25:41:a5: 04:7c:2a:79:e2:fd:f2:43:76:de:75:70:d7:63:b8:a8:50:25: cd:23:dc:87:74:1f:f6:9f:82:e1:e6:f8:c2:65:ca:86:7e:ec: 8d:64:08:03:b8:06:f4:2c:06:e5:a5:fa:df:a4:10:ed:d8:01: 3d:0c:78:5c:3d:01:af:a3:3e:2e:7b:5d:bf:0e:6b:b4:7c:99: 95:e8:81:7a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVGgWrpjhF8Uipg/Ugvq1A4sJzzIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDMzMTE1MDAwN1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAZDg5NDA2OGQ0OWQzMmZiYjFkOGFk N2JkZGRmNjJhM2FmNmI0MDFkZWRhOGJlOGIzYmZhMzFkYmIxMzllYWM3NjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgxu5S+sWKCfuxJ2MDSuTKo92Dve bF+R+yTPA86hBU1idonNGPQCdo6YuOqb4dZPZnbuZrrXqrh6edwyuefsDWRwOKGd JNFtcP853n4cCFzaczEi15fZQxJ4xRn1GrCb9h2ktmaIHNB4WLrSX6/6mBw/IZvg 36Sp8KevEbPJmKTJWAJIjQLNJSqwX5aIWLTP7A6VBi/FoeWqtzVtWiMSpoZw6d7t ZOcJ5tF0x4+gFF0dd4ui4n03FRWs6MtLwGbsizYU4YHbkZzSsWyZIYZKUwFdm8hS hUIdIgJ4u9GqVRKYkwglMlrEhIbgiaAQPnmEyL6lZYSr84yTQXmY7ovO+QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIHrgQxIxQSMiqHwxJJ3UvWrjrNgMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyZDY5MTNlLTVmM2QtNGY5OS05YTYwLTQ4NTc5ZjQ3MTgzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJABlACAwDQYJKoZIhvcNAQELBQADggEBAGYvbfcWzZsaEgRSiyMB VAGSVxqmd6oUyEsqjs0ocQiUirv58GTQ7HyqRD/Y3Vtc85sG8EgRV1nlTgeJBnS5 TuJGaZLClJJvUii47IPzIavP5YBPBXuzq1p8rxn7WBAIYl7LNBODYbSsWbsJwQY3 DtNpFkGE8e3rJiZ74tLdJGLvV7HijTrMfaei5fbn6YEQWY8EB8DgnGQlkuSXwP5z G73BPSzSBkxO4Nqj2rZ6cSCR9yVBpQR8Knni/fJDdt51cNdjuKhQJc0j3Id0H/af guHm+MJlyoZ+7I1kCAO4BvQsBuWl+t+kEO3YAT0MeFw9Aa+jPi57Xb8Oa7R8mZXo gXo= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net