$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: zecatdykaa27g7mXIDSTfQuArxAd5lMSxye/9QTs+fI= Subject key identifier: FB:F9:83:D1:7D:70:E5:F5:BD:5C:B1:23:31:D8:41:D2:4C:41:BB:A0 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5ABEE4B98FD01897D36509C3D3ABA8D1AD1C119F Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Fri 18 Apr 2025 00:00:00 +0000 ROA not before: Fri 18 Apr 2025 00:00:00 +0000 ROA not after: Fri 23 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:be:e4:b9:8f:d0:18:97:d3:65:09:c3:d3:ab:a8:d1:ad:1c:11:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 18 00:00:00 2025 GMT Not After : May 23 23:59:59 2025 GMT Subject: serialNumber=90fb14be9e1d065857f031c1966bb6e0559c8aa01cfda074ac6371ffdd4d5405, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d2:97:e2:18:58:8c:bb:d1:84:f9:5d:a4:24: 9f:0f:d2:64:70:a0:6b:c1:db:2c:fe:b5:95:8f:bf: 49:6e:79:65:5f:dc:45:7f:72:6c:a8:05:1b:71:27: 15:77:ae:9d:c9:30:50:49:ed:22:ef:e5:5d:3d:b1: 54:87:43:15:3b:d4:f5:0d:d4:7c:f4:20:63:88:54: d8:a1:62:a8:81:e8:6a:1d:11:51:c5:e1:1b:e8:b3: 42:69:2d:0b:37:1c:e7:13:a0:8b:8d:b3:d3:53:e5: 85:7e:f4:a9:40:e4:f7:ee:dc:64:15:4f:8e:bd:5c: 6e:53:72:44:14:41:ed:32:20:b8:4b:9e:6e:16:5e: 7f:61:24:36:69:19:db:df:ff:78:05:cd:c0:88:9a: 69:98:ef:17:75:4e:f2:8b:37:da:ed:fb:13:c0:3f: c3:c4:77:25:df:77:d5:7f:0b:01:57:37:86:39:8d: 8f:1e:f3:1b:bf:5d:d7:1e:0c:ea:ba:6f:c8:36:99: 13:8e:08:b2:64:3b:ac:4c:dc:1a:97:c3:bb:5d:94: 03:5c:5d:22:3a:c0:15:bc:c3:7e:7c:9d:8c:5e:dc: 3f:fc:d0:11:2d:9a:d7:cf:91:eb:2c:1b:27:de:af: c7:9b:c8:59:8e:6a:67:e6:e4:61:39:5f:c9:94:0c: 81:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F9:83:D1:7D:70:E5:F5:BD:5C:B1:23:31:D8:41:D2:4C:41:BB:A0 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 18:bb:bc:d7:51:e2:a3:9f:b4:2b:6a:cc:43:b0:0e:64:4c:b3: af:6a:2c:b2:b6:c8:c2:3c:6f:19:89:06:af:a7:6d:c2:af:b7: aa:be:d3:e2:88:e4:71:45:af:9b:b7:77:22:fb:75:c2:0b:8d: 26:2c:46:97:eb:cb:7b:05:cf:3f:ed:a8:a9:dc:b2:e9:83:c7: 9c:c1:78:b8:f6:db:41:03:90:cf:6f:0e:e2:26:4a:ef:78:e5: 2c:e2:fd:a3:a0:b9:4c:63:86:c8:e3:c9:2a:6d:3a:cb:d8:eb: 7d:76:dc:5f:aa:4c:b4:28:61:71:88:06:40:da:08:bb:df:86: 5a:55:db:c3:de:74:db:66:56:af:cd:0a:a3:9a:cd:30:86:e3: 9a:1c:ae:e2:a9:17:e2:de:49:fb:30:4c:0b:f4:2e:23:70:7e: 38:63:3a:5d:8f:96:dd:4b:4d:7b:7d:0e:c1:67:be:09:16:df: 24:2a:a5:0f:d8:98:75:8b:52:35:89:bb:9c:b7:a5:2f:ec:23: 7d:1d:ee:86:cf:9d:c0:06:97:ef:97:15:c4:b1:31:b8:93:49: 5e:db:ff:35:84:0c:26:68:79:f2:bf:d8:96:8d:27:14:1d:26: 14:41:fc:9c:cb:95:ec:4b:7a:00:6b:a3:56:f6:ca:e6:71:44: 71:44:46:84 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWr7kuY/QGJfTZQnD06uo0a0cEZ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQxODAwMDAwMFoX DTI1MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAOTBmYjE0YmU5ZTFkMDY1ODU3ZjAz MWMxOTY2YmI2ZTA1NTljOGFhMDFjZmRhMDc0YWM2MzcxZmZkZDRkNTQwNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdKX4hhYjLvRhPldpCSfD9JkcKBr wdss/rWVj79JbnllX9xFf3JsqAUbcScVd66dyTBQSe0i7+VdPbFUh0MVO9T1DdR8 9CBjiFTYoWKogehqHRFRxeEb6LNCaS0LNxznE6CLjbPTU+WFfvSpQOT37txkFU+O vVxuU3JEFEHtMiC4S55uFl5/YSQ2aRnb3/94Bc3AiJppmO8XdU7yizfa7fsTwD/D xHcl33fVfwsBVzeGOY2PHvMbv13XHgzqum/INpkTjgiyZDusTNwal8O7XZQDXF0i OsAVvMN+fJ2MXtw//NARLZrXz5HrLBsn3q/Hm8hZjmpn5uRhOV/JlAyBwQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPv5g9F9cOX1vVyxIzHYQdJMQbugMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAYu7zXUeKjn7QrasxDsA5k TLOvaiyytsjCPG8ZiQavp23Cr7eqvtPiiORxRa+bt3ci+3XCC40mLEaX68t7Bc8/ 7aip3LLpg8ecwXi49ttBA5DPbw7iJkrveOUs4v2joLlMY4bI48kqbTrL2Ot9dtxf qky0KGFxiAZA2gi734ZaVdvD3nTbZlavzQqjms0whuOaHK7iqRfi3kn7MEwL9C4j cH44Yzpdj5bdS017fQ7BZ74JFt8kKqUP2Jh1i1I1ibuct6Uv7CN9He6Gz53ABpfv lxXEsTG4k0le2/81hAwmaHnyv9iWjScUHSYUQfycy5XsS3oAa6NW9srmcURxREaE -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net