$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: cg47nb0N+Rraj3ghyNg2lut+jKBC4YpmrygyXYonxd4= Subject key identifier: 62:17:81:DC:3E:8F:E2:BF:4F:8A:CC:FF:1A:E1:B1:9C:BB:13:F9:88 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 07D8F3A9989F1B34C23A3B85BE055FC2DACB7EB6 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Wed 23 Apr 2025 00:00:03 +0000 ROA not before: Wed 23 Apr 2025 00:00:03 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:d8:f3:a9:98:9f:1b:34:c2:3a:3b:85:be:05:5f:c2:da:cb:7e:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 23 00:00:03 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=9ed6d4c082b0c20a157d0655178b0d4ebd937ab9c789b3477294088a48958305, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:5e:4e:3a:e0:17:ba:39:38:d1:60:76:84:ea: bd:21:a1:74:72:1b:bd:cf:97:4c:ba:58:7e:8d:71: 19:49:8f:ae:97:e5:88:7c:7b:b5:62:a2:13:f1:e0: 6c:3c:75:85:e0:04:1c:0c:e0:d8:72:47:35:f4:55: 85:56:33:53:c8:23:13:cd:fa:61:9a:00:12:ac:af: 6b:26:6d:7f:d9:ea:7e:af:5f:6e:8e:a0:8b:fd:12: 9a:b8:51:c4:8f:80:71:e3:27:dc:14:17:e9:c7:fd: bf:50:9e:af:fb:95:11:9c:4b:b8:01:fc:ce:55:4e: 06:7c:b8:27:36:c5:51:b6:cd:d1:a1:da:9c:4b:d6: fb:36:18:20:c9:0e:5b:36:ee:65:f5:c6:e1:91:91: e3:34:a3:ee:77:ef:1a:5e:8f:c6:e0:87:cd:93:e6: 7d:7f:98:20:d3:59:62:17:4c:ca:bc:41:c9:61:1a: 7b:f4:ef:6c:20:11:23:c3:e0:72:35:45:4f:e8:b9: 8a:fe:3e:de:49:84:14:a9:f4:3e:fd:0e:07:bd:75: ff:0a:df:e2:99:41:ce:44:4c:98:65:db:5d:6d:01: a8:5c:d1:53:39:55:8c:54:4c:a3:0b:26:de:f8:a4: 05:0f:83:1b:38:09:10:1f:aa:39:de:15:e5:50:ad: c7:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:17:81:DC:3E:8F:E2:BF:4F:8A:CC:FF:1A:E1:B1:9C:BB:13:F9:88 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 51:97:36:9e:5c:66:38:ec:6b:e1:5d:4a:46:f2:22:d0:b9:e3: 7a:0d:c9:13:2d:4d:cf:44:37:e3:84:a3:dd:21:41:e1:8a:4c: 95:f3:c8:38:7d:0a:b8:6c:41:f5:01:b5:89:eb:af:8e:28:ff: 82:4a:5c:b9:15:3f:53:7a:4b:66:41:72:08:e5:12:79:31:49: a3:f8:20:38:71:3f:9f:1b:c0:4b:04:08:d6:99:78:23:0f:9d: 80:c3:ac:fa:1e:a8:12:e3:6d:eb:4f:74:27:ca:91:60:f6:bb: a0:37:0a:06:55:15:4b:93:83:d7:bd:9d:f7:4d:39:41:81:93: 98:66:62:b0:1e:f2:71:09:bc:50:11:26:cf:22:d1:41:0c:d8: 49:e5:a7:89:7e:8e:e6:e8:71:f9:22:f9:7f:df:f0:21:ff:ad: 50:01:10:74:1c:a7:7e:17:72:56:a4:a3:60:7f:c3:60:5a:88: ea:d2:12:da:eb:09:22:8c:46:3b:1e:2b:67:06:6c:e9:dc:70: 77:d8:1d:b5:e8:fd:71:67:a9:2d:39:2f:a5:84:15:db:cb:94: 95:b5:48:ce:13:ea:51:c1:b8:b4:f7:94:08:6d:06:21:8d:03: f5:e3:76:a1:54:1f:20:d1:e7:8f:d5:a4:ff:41:35:16:65:ce: f1:1a:13:f7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUB9jzqZifGzTCOjuFvgVfwtrLfrYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDQyMzAwMDAwM1oX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAOWVkNmQ0YzA4MmIwYzIwYTE1N2Qw NjU1MTc4YjBkNGViZDkzN2FiOWM3ODliMzQ3NzI5NDA4OGE0ODk1ODMwNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0F5OOuAXujk40WB2hOq9IaF0chu9 z5dMulh+jXEZSY+ul+WIfHu1YqIT8eBsPHWF4AQcDODYckc19FWFVjNTyCMTzfph mgASrK9rJm1/2ep+r19ujqCL/RKauFHEj4Bx4yfcFBfpx/2/UJ6v+5URnEu4AfzO VU4GfLgnNsVRts3RodqcS9b7NhggyQ5bNu5l9cbhkZHjNKPud+8aXo/G4IfNk+Z9 f5gg01liF0zKvEHJYRp79O9sIBEjw+ByNUVP6LmK/j7eSYQUqfQ+/Q4HvXX/Ct/i mUHOREyYZdtdbQGoXNFTOVWMVEyjCybe+KQFD4MbOAkQH6o53hXlUK3HKQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGIXgdw+j+K/T4rM/xrhsZy7E/mIMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQBRlzaeXGY47GvhXUpG8iLQ ueN6DckTLU3PRDfjhKPdIUHhikyV88g4fQq4bEH1AbWJ66+OKP+CSly5FT9Tektm QXII5RJ5MUmj+CA4cT+fG8BLBAjWmXgjD52Aw6z6HqgS423rT3QnypFg9rugNwoG VRVLk4PXvZ33TTlBgZOYZmKwHvJxCbxQESbPItFBDNhJ5aeJfo7m6HH5Ivl/3/Ah /61QARB0HKd+F3JWpKNgf8NgWojq0hLa6wkijEY7HitnBmzp3HB32B216P1xZ6kt OS+lhBXby5SVtUjOE+pRwbi095QIbQYhjQP143ahVB8g0eeP1aT/QTUWZc7xGhP3 -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net