$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa File: 43fd8687-12d4-49b5-9958-8536ce8160b4.roa (raw, json) Hash identifier: keUk1WbV7IfOmOAAqHmdgaCVRxpC6mUeLuZ0oKKmj+o= Subject key identifier: B3:B1:19:AE:DB:6F:BE:16:42:D4:AB:14:E1:00:8A:8C:1E:C0:7D:0C Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 483A69D31CCA8E068056C72C3CF0B311FAAF90CF Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa Signing time: Wed 23 Apr 2025 00:00:17 +0000 ROA not before: Wed 23 Apr 2025 00:00:17 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.160.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:3a:69:d3:1c:ca:8e:06:80:56:c7:2c:3c:f0:b3:11:fa:af:90:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:17 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=cad9d5072bc330836e322613ffeb26d958ff6a9c6d59d66bbeac3d7c373aa840, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:de:6c:b9:8e:8d:6d:14:41:d3:6c:53:fe:11: 9b:72:75:bc:20:e0:6b:e5:7f:c2:fb:cc:1f:5c:5c: ea:91:4e:a9:fb:72:0e:01:c7:a8:51:8a:bd:49:b1: 66:36:04:4c:02:df:6f:54:ec:fd:5a:ef:38:af:27: 68:5f:1b:ae:46:65:1f:cf:40:3f:3c:4a:5c:21:c8: c2:b0:69:4b:eb:d9:3d:6a:d4:54:94:a7:2c:03:f9: c8:3b:75:71:99:a4:ad:29:9b:e2:c6:43:16:14:f0: a3:20:03:22:50:bf:b6:95:ec:7e:ff:b1:e0:1e:de: a5:79:f8:82:b1:a0:f9:e0:bb:14:dc:b0:9c:5a:62: 51:a9:fc:1e:d9:30:73:da:c1:94:fd:72:e9:eb:82: 3a:57:41:5b:06:8a:13:94:2c:2d:64:8c:1f:b4:90: 20:7d:49:52:27:4a:51:03:a5:27:63:05:24:e1:c8: cf:c6:c0:63:77:93:3d:6f:ad:54:6b:8b:20:d7:f2: 58:58:e2:db:0d:2e:7c:4c:0d:d1:7c:8b:8c:40:69: 11:d9:f2:66:03:7c:2a:cd:23:e4:72:4d:be:98:7c: 78:86:28:d4:54:ad:b4:58:2b:87:95:18:d1:49:b7: 43:38:c0:e6:4a:08:d8:77:1c:55:ea:8c:ac:41:f3: 29:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:B1:19:AE:DB:6F:BE:16:42:D4:AB:14:E1:00:8A:8C:1E:C0:7D:0C X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/43fd8687-12d4-49b5-9958-8536ce8160b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.160.0/19 Signature Algorithm: sha256WithRSAEncryption 6d:ca:98:04:8a:f0:4d:f2:93:3e:e0:5b:07:cd:dc:6c:6a:cb: 70:08:29:2f:6a:c7:bb:2c:9e:26:29:a4:15:f6:cf:a9:99:2c: 47:f3:4a:b6:a0:d1:eb:9f:20:32:a3:33:69:9d:74:d2:47:92: 7a:1b:ec:3f:3b:38:43:c8:a2:9d:49:50:22:83:95:30:59:c9: 8d:4f:df:75:48:9f:cf:c5:e9:e2:da:27:ad:83:95:7d:a8:e3: 68:2c:a5:ec:af:15:a3:b2:64:33:7e:bd:78:7b:40:e1:cd:d1: 65:89:fc:d5:93:c8:f7:f3:fc:33:4a:35:db:68:62:9b:2a:dd: 73:18:db:9f:6a:da:d4:33:58:5c:59:3c:1c:70:ce:39:91:f3: 15:e1:2a:da:eb:2e:fb:f5:57:6f:db:16:53:8c:62:4d:7d:cd: a1:b9:4a:4d:4f:a3:f0:62:d3:a3:56:45:4f:a1:f9:d1:e5:6e: f2:ac:fe:9b:32:7c:e2:5c:0a:a2:5b:ea:40:7f:b7:4f:7c:d5: 75:38:ad:72:8f:38:ff:56:36:64:b0:ae:4b:4b:33:87:94:64: e8:19:3e:b3:8e:37:02:6d:8b:5d:9b:99:cd:05:76:bf:4d:09: 9a:55:ee:e7:27:e8:b2:36:ff:d6:f3:be:74:ce:4e:3d:b4:00: ad:46:3d:6c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSDpp0xzKjgaAVscsPPCzEfqvkM8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAxN1oX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAY2FkOWQ1MDcyYmMzMzA4MzZlMzIy NjEzZmZlYjI2ZDk1OGZmNmE5YzZkNTlkNjZiYmVhYzNkN2MzNzNhYTg0MDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd5suY6NbRRB02xT/hGbcnW8IOBr 5X/C+8wfXFzqkU6p+3IOAceoUYq9SbFmNgRMAt9vVOz9Wu84rydoXxuuRmUfz0A/ PEpcIcjCsGlL69k9atRUlKcsA/nIO3VxmaStKZvixkMWFPCjIAMiUL+2lex+/7Hg Ht6lefiCsaD54LsU3LCcWmJRqfwe2TBz2sGU/XLp64I6V0FbBooTlCwtZIwftJAg fUlSJ0pRA6UnYwUk4cjPxsBjd5M9b61Ua4sg1/JYWOLbDS58TA3RfIuMQGkR2fJm A3wqzSPkck2+mHx4hijUVK20WCuHlRjRSbdDOMDmSgjYdxxV6oysQfMpFQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLOxGa7bb74WQtSrFOEAiowewH0MMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQzZmQ4Njg3LTEyZDQtNDliNS05OTU4LTg1MzZjZTgxNjBiNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQFrymgMA0GCSqGSIb3DQEBCwUAA4IBAQBtypgEivBN8pM+4FsHzdxs astwCCkvase7LJ4mKaQV9s+pmSxH80q2oNHrnyAyozNpnXTSR5J6G+w/OzhDyKKd SVAig5UwWcmNT991SJ/Pxeni2ietg5V9qONoLKXsrxWjsmQzfr14e0DhzdFlifzV k8j38/wzSjXbaGKbKt1zGNufatrUM1hcWTwccM45kfMV4Sra6y779Vdv2xZTjGJN fc2huUpNT6PwYtOjVkVPofnR5W7yrP6bMnziXAqiW+pAf7dPfNV1OK1yjzj/VjZk sK5LSzOHlGToGT6zjjcCbYtdm5nNBXa/TQmaVe7nJ+iyNv/W8750zk49tACtRj1s -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net