$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: 0a/QtObQ7lMU35WBFSp0v1vFkMlOf5t4jmrMD03jcfM= Subject key identifier: 50:7A:B9:07:DB:10:8C:F5:55:63:42:91:89:97:60:7F:20:52:97:A6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 44AE4702B6D5C93E24409D4F8E2E563B6FF42BC5 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Wed 23 Apr 2025 00:00:14 +0000 ROA not before: Wed 23 Apr 2025 00:00:14 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:ae:47:02:b6:d5:c9:3e:24:40:9d:4f:8e:2e:56:3b:6f:f4:2b:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:14 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=022a85cdc4956ebce0c0efa40261e2537838b1843253a2405abc436c3df9ce1d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0d:95:5c:72:43:2f:3d:ad:b8:5b:7c:36:d5: 4a:00:e4:6a:3c:76:f5:51:29:1c:aa:59:8e:d7:38: bc:81:50:ba:2c:83:fc:1b:f0:21:09:d4:ce:e8:0c: 0a:14:6a:1a:73:b5:9e:80:fa:7c:74:a5:6e:66:94: c3:43:90:ca:68:fa:99:c2:c8:6e:a5:56:38:ce:a6: 06:65:60:62:16:c9:6b:28:4a:22:1d:c7:f2:49:8d: 76:93:b0:fe:61:ab:cf:22:b8:94:92:45:91:9b:4f: 9f:ca:10:ed:35:e1:fd:5d:2b:97:aa:e7:d8:bc:ca: 85:2c:f6:77:db:dc:df:dc:de:ae:97:44:1a:7c:92: 0f:bb:7f:62:7e:f8:f4:d0:0a:b1:5f:9b:8c:bc:3b: 56:cd:b9:de:ad:6d:6d:c8:98:25:b8:1f:c8:e5:1f: 84:79:20:02:b3:74:2c:eb:a3:49:ab:07:64:cb:05: 5e:ee:ed:bc:f8:c6:d2:33:4d:0c:34:b3:ca:be:78: 7e:15:ba:5a:95:6a:a8:1b:e7:ea:6f:f9:cb:19:57: 76:87:07:35:17:d7:53:22:14:c5:66:ca:11:66:d1: d4:ec:64:72:5b:71:d3:47:12:be:c2:f2:01:e9:3d: 50:5c:96:b2:c4:52:4a:ac:bf:0f:bf:e8:24:47:83: 6e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:7A:B9:07:DB:10:8C:F5:55:63:42:91:89:97:60:7F:20:52:97:A6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption dd:23:82:89:7a:f3:55:d3:5b:f3:94:3a:ee:8b:2d:9b:1b:65: 6b:4b:06:c4:f2:f3:48:0b:1f:ea:8a:2b:85:17:30:a1:ca:bc: 43:d4:15:a8:14:0c:6e:11:bb:9b:47:64:48:3d:88:2b:03:44: 1a:17:5e:64:3e:fb:3d:b6:ae:01:c3:fa:4d:1e:7b:95:e5:5e: a7:2a:45:4a:3f:ea:6d:e7:6d:8e:41:d9:c2:24:15:10:96:24: a5:2a:85:ce:2b:e2:e8:53:54:a6:fd:73:21:83:f8:ca:aa:d8: 11:e5:15:1a:23:a8:85:63:57:91:d2:e4:77:aa:8d:f5:2e:ae: 2b:a5:dc:0b:d4:e4:38:15:04:83:03:ea:d3:c4:f1:73:df:93: 51:34:f8:ef:f4:d4:fc:7f:8b:b8:ed:9f:0a:0c:80:ea:af:9b: a5:1b:05:35:7a:3d:eb:ac:3d:43:1e:81:94:82:cd:aa:7b:ad: 74:fd:32:52:f7:4d:77:df:f2:03:97:ac:a3:68:b1:e6:53:95: 26:4b:c3:dc:53:17:74:b3:ef:c6:86:87:e0:ef:8b:a3:0d:4f: 95:03:e2:a9:75:7f:39:1a:c6:30:40:4b:f1:40:f4:de:eb:3e: ac:f3:1a:4b:fa:f0:d6:1f:f2:a1:e3:22:ec:97:56:b2:d9:15: 52:df:eb:b4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURK5HArbVyT4kQJ1Pji5WO2/0K8UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAxNFoX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAMDIyYTg1Y2RjNDk1NmViY2UwYzBl ZmE0MDI2MWUyNTM3ODM4YjE4NDMyNTNhMjQwNWFiYzQzNmMzZGY5Y2UxZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg2VXHJDLz2tuFt8NtVKAORqPHb1 USkcqlmO1zi8gVC6LIP8G/AhCdTO6AwKFGoac7WegPp8dKVuZpTDQ5DKaPqZwshu pVY4zqYGZWBiFslrKEoiHcfySY12k7D+YavPIriUkkWRm0+fyhDtNeH9XSuXqufY vMqFLPZ329zf3N6ul0QafJIPu39ifvj00AqxX5uMvDtWzbnerW1tyJgluB/I5R+E eSACs3Qs66NJqwdkywVe7u28+MbSM00MNLPKvnh+FbpalWqoG+fqb/nLGVd2hwc1 F9dTIhTFZsoRZtHU7GRyW3HTRxK+wvIB6T1QXJayxFJKrL8Pv+gkR4Nu7QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFB6uQfbEIz1VWNCkYmXYH8gUpemMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQDdI4KJevNV01vzlDruiy2b G2VrSwbE8vNICx/qiiuFFzChyrxD1BWoFAxuEbubR2RIPYgrA0QaF15kPvs9tq4B w/pNHnuV5V6nKkVKP+pt522OQdnCJBUQliSlKoXOK+LoU1Sm/XMhg/jKqtgR5RUa I6iFY1eR0uR3qo31Lq4rpdwL1OQ4FQSDA+rTxPFz35NRNPjv9NT8f4u47Z8KDIDq r5ulGwU1ej3rrD1DHoGUgs2qe610/TJS90133/IDl6yjaLHmU5UmS8PcUxd0s+/G hofg74ujDU+VA+KpdX85GsYwQEvxQPTe6z6s8xpL+vDWH/Kh4yLsl1ay2RVS3+u0 -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net