$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: kLNXjxAyfbQ0GhE78l1WrCPVEjuYmXCCBVnY4GfrWQQ= Subject key identifier: CE:59:EC:DF:7C:C2:C6:90:18:FD:AF:48:A5:8E:CC:88:64:B4:5E:76 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5F53FEA0DC7E9DDC3059A47D241F36A61D0211D8 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Wed 23 Apr 2025 00:00:05 +0000 ROA not before: Wed 23 Apr 2025 00:00:05 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:53:fe:a0:dc:7e:9d:dc:30:59:a4:7d:24:1f:36:a6:1d:02:11:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:05 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=1f6307980258940290b079099f811f017d7e6b1ed8c39e4fba845961bb5aff17, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:2a:6f:fc:78:39:fb:12:c9:fb:87:4d:e2:ad: 3d:4b:60:fa:36:18:85:55:0a:6f:e2:7c:74:35:87: ab:71:96:83:d2:04:58:70:d7:45:82:ff:4c:cd:fd: 23:3c:16:15:96:c6:5b:c0:aa:80:9b:c7:ed:fc:3e: 86:34:7f:a7:22:af:fd:15:83:36:08:d0:9d:98:14: 80:af:67:e9:24:17:d7:fa:7b:7c:6b:1b:01:68:74: 09:62:50:e1:fd:9e:0a:55:10:51:1d:ce:bc:9d:a0: 1f:8a:5d:b3:df:32:ba:e5:d3:e1:34:7f:84:c5:26: d6:c5:28:8e:c2:b8:ff:ee:39:62:f6:3c:96:f3:ff: 6d:ab:15:bf:26:51:1c:f6:79:94:ec:52:a5:aa:fb: 0a:f8:27:43:0a:d7:a8:de:19:37:96:bf:e0:71:f0: 87:3d:c9:3f:71:f9:9d:93:5e:7b:4b:8f:02:6f:8a: 5e:31:27:77:e1:24:39:64:d7:76:51:dd:a1:84:bb: d6:d2:53:b4:bc:7c:07:50:73:cb:12:1e:c4:a5:67: 5e:62:a3:86:17:da:10:b0:eb:7e:95:83:e9:30:72: 4a:e6:45:43:7f:ab:ee:92:4f:ad:e2:c6:b3:99:23: 39:42:23:79:6e:18:13:05:d4:94:2c:c3:ba:5f:34: 71:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:59:EC:DF:7C:C2:C6:90:18:FD:AF:48:A5:8E:CC:88:64:B4:5E:76 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption 9b:83:fd:65:2a:fc:0e:ed:73:7d:d4:c9:3a:0b:f7:7a:d2:7f: 1e:88:d8:2e:2a:d2:85:d6:47:ea:c7:f3:c9:e6:0b:46:b3:91: a0:34:61:d9:66:5f:0f:96:2c:9f:3e:cd:4a:9d:c5:b1:bb:8f: e5:5c:05:69:53:5b:80:d2:94:b1:67:fa:92:3f:2f:4e:78:86: 87:a8:34:ae:9a:f6:c8:bc:ca:54:17:66:86:d2:df:b2:b3:a5: a4:41:d2:5d:4c:1f:bd:ed:7c:88:9e:02:43:6c:9f:fc:93:46: 73:00:c2:f0:0d:61:7f:ea:c5:af:e7:55:be:57:9e:6b:0d:c1: 60:be:33:e0:e1:62:73:35:0e:47:8a:d8:2d:f0:d5:97:23:07: e7:87:5e:6d:67:8b:6e:a1:52:78:64:7b:9a:44:d9:0e:b9:45: 94:a8:db:da:a4:55:1f:b9:0c:07:1a:69:b9:7e:41:52:7a:ff: 75:48:9d:12:51:cd:ce:8b:e7:f6:2e:a2:ff:40:ad:d3:a6:d4: ac:35:16:30:94:07:f0:5f:cf:30:31:3d:d4:2f:74:51:5e:45: 86:b4:3d:4d:aa:f6:23:6a:fa:a9:20:84:5e:cc:cd:7e:5c:47: ae:d8:b6:6e:6d:7c:8b:db:6e:15:ef:a3:1a:7a:6b:fa:a0:f1: d2:ae:88:7d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUX1P+oNx+ndwwWaR9JB82ph0CEdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAwNVoX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAMWY2MzA3OTgwMjU4OTQwMjkwYjA3 OTA5OWY4MTFmMDE3ZDdlNmIxZWQ4YzM5ZTRmYmE4NDU5NjFiYjVhZmYxNzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCpv/Hg5+xLJ+4dN4q09S2D6NhiF VQpv4nx0NYercZaD0gRYcNdFgv9Mzf0jPBYVlsZbwKqAm8ft/D6GNH+nIq/9FYM2 CNCdmBSAr2fpJBfX+nt8axsBaHQJYlDh/Z4KVRBRHc68naAfil2z3zK65dPhNH+E xSbWxSiOwrj/7jli9jyW8/9tqxW/JlEc9nmU7FKlqvsK+CdDCteo3hk3lr/gcfCH Pck/cfmdk157S48Cb4peMSd34SQ5ZNd2Ud2hhLvW0lO0vHwHUHPLEh7EpWdeYqOG F9oQsOt+lYPpMHJK5kVDf6vukk+t4sazmSM5QiN5bhgTBdSULMO6XzRxdwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFM5Z7N98wsaQGP2vSKWOzIhktF52MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQCbg/1lKvwO7XN91Mk6C/d6 0n8eiNguKtKF1kfqx/PJ5gtGs5GgNGHZZl8PliyfPs1KncWxu4/lXAVpU1uA0pSx Z/qSPy9OeIaHqDSumvbIvMpUF2aG0t+ys6WkQdJdTB+97XyIngJDbJ/8k0ZzAMLw DWF/6sWv51W+V55rDcFgvjPg4WJzNQ5Hitgt8NWXIwfnh15tZ4tuoVJ4ZHuaRNkO uUWUqNvapFUfuQwHGmm5fkFSev91SJ0SUc3Oi+f2LqL/QK3TptSsNRYwlAfwX88w MT3UL3RRXkWGtD1NqvYjavqpIIRezM1+XEeu2LZubXyL224V76Maemv6oPHSroh9 -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net