$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa File: 0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa (raw, json) Hash identifier: +1Bu4SpUidA/TgegoIAYELQWeO3sJGZbTS/blA4wBK8= Subject key identifier: 92:26:3E:6E:CC:F5:91:4D:43:FF:1B:D9:96:87:D2:BF:22:77:F1:6C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 72300DC19F2B109099A7FC53E2BC8F162A73EDD3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa Signing time: Mon 31 Mar 2025 15:01:28 +0000 ROA not before: Mon 31 Mar 2025 15:01:28 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:30:0d:c1:9f:2b:10:90:99:a7:fc:53:e2:bc:8f:16:2a:73:ed:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 31 15:01:28 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=5920798baa73366b91859daa68f6c3cd79ff4b63946ebf3034daa6d0811e2976, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:df:36:94:ac:1d:66:dd:72:9b:3c:6d:72:e5: 55:9b:5c:d4:e6:fd:e7:17:42:e9:c1:9a:19:c9:bd: 1a:07:34:c7:79:d5:2d:07:32:a2:83:1f:5b:f0:e4: 5c:f6:42:0b:2d:ce:fe:53:86:8b:2b:97:73:ac:f5: f2:84:8e:0f:62:f9:0b:35:4a:5e:56:55:df:d4:6c: 83:43:e7:cf:cd:8b:03:9d:b1:df:05:bc:69:a3:9d: e1:1f:da:5a:f1:30:8c:b5:e2:7c:a4:6a:4f:4a:11: 87:bf:c5:79:51:0f:d4:5d:29:f2:79:5e:fd:4c:ec: 4a:1b:4d:7c:23:90:67:5c:83:71:d0:f6:13:c6:f8: ef:c2:10:c2:d9:24:4f:0e:d0:b8:1f:37:a4:07:8a: 74:be:a4:f5:f3:db:8b:89:76:09:dc:81:1d:75:9a: d9:96:54:c5:c0:e6:7c:cd:51:79:5f:93:27:a1:5d: ee:4c:f6:8c:57:0c:1a:f5:f2:c2:a2:95:d8:9d:2c: fd:37:09:02:9d:de:2d:a0:ac:1f:a7:30:b1:fa:54: 0f:58:e5:da:1c:4c:44:7a:f6:f0:49:f7:7d:4e:13: 4c:33:66:b8:20:f7:46:b4:3d:5d:50:5b:ae:2f:52: 85:f0:b5:31:83:86:95:33:61:d7:2a:0f:cf:56:a3: 8b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:26:3E:6E:CC:F5:91:4D:43:FF:1B:D9:96:87:D2:BF:22:77:F1:6C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/0d6f5c86-57d8-4e0d-8445-30cb122bb4dd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014::/36 Signature Algorithm: sha256WithRSAEncryption 5e:32:fb:75:73:19:d1:b6:35:3b:37:8c:c1:fb:ab:43:1c:1f: 15:84:e6:ee:17:2e:1e:b1:9e:c3:ee:93:ae:11:f8:2e:cd:56: 80:71:0c:51:c6:42:a3:e5:ac:ab:e4:00:89:f3:c1:22:14:2c: 3a:de:45:5c:a2:51:4c:64:f6:c0:fd:f7:61:e0:aa:88:f8:9f: bd:11:d3:b2:16:63:ca:9b:9e:91:93:04:48:f7:1e:7d:e2:2c: e0:a8:b3:2b:b1:46:22:48:4d:70:88:c3:6e:26:b1:34:21:97: 38:54:fd:70:94:14:ed:8d:44:ea:37:22:14:89:31:2c:a6:82: 1b:64:e5:b1:54:5d:bc:51:92:26:9b:a8:e8:7d:91:db:0a:b9: b1:b9:52:d8:ea:f4:03:15:c1:93:20:5b:de:bd:9b:f3:25:cf: 20:99:db:64:4d:8f:f0:33:fc:95:bf:23:0c:0e:46:1c:7f:aa: 26:48:42:75:3e:22:62:9c:21:06:20:09:3d:df:a6:28:aa:a0: 43:f8:6e:fa:b9:8a:23:53:de:66:c3:e8:84:8c:9a:08:94:82: 02:44:ed:b8:89:ba:fc:5f:33:d0:43:e6:67:b5:fa:25:c6:d2: a8:e0:8b:e8:df:3c:29:63:72:9f:3e:fa:05:7f:0f:5e:62:b5: c7:7f:72:a8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcjANwZ8rEJCZp/xT4ryPFipz7dMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDEyOFoX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNANTkyMDc5OGJhYTczMzY2YjkxODU5 ZGFhNjhmNmMzY2Q3OWZmNGI2Mzk0NmViZjMwMzRkYWE2ZDA4MTFlMjk3NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1t82lKwdZt1ymzxtcuVVm1zU5v3n F0LpwZoZyb0aBzTHedUtBzKigx9b8ORc9kILLc7+U4aLK5dzrPXyhI4PYvkLNUpe VlXf1GyDQ+fPzYsDnbHfBbxpo53hH9pa8TCMteJ8pGpPShGHv8V5UQ/UXSnyeV79 TOxKG018I5BnXINx0PYTxvjvwhDC2SRPDtC4HzekB4p0vqT189uLiXYJ3IEddZrZ llTFwOZ8zVF5X5MnoV3uTPaMVwwa9fLCopXYnSz9NwkCnd4toKwfpzCx+lQPWOXa HExEevbwSfd9ThNMM2a4IPdGtD1dUFuuL1KF8LUxg4aVM2HXKg/PVqOLPQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJImPm7M9ZFNQ/8b2ZaH0r8id/FsMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzBkNmY1Yzg2LTU3ZDgtNGUwZC04NDQ1LTMwY2IxMjJiYjRkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAF4y+3VzGdG2NTs3jMH7 q0McHxWE5u4XLh6xnsPuk64R+C7NVoBxDFHGQqPlrKvkAInzwSIULDreRVyiUUxk 9sD992Hgqoj4n70R07IWY8qbnpGTBEj3Hn3iLOCosyuxRiJITXCIw24msTQhlzhU /XCUFO2NROo3IhSJMSymghtk5bFUXbxRkiabqOh9kdsKubG5Utjq9AMVwZMgW969 m/MlzyCZ22RNj/Az/JW/IwwORhx/qiZIQnU+ImKcIQYgCT3fpiiqoEP4bvq5iiNT 3mbD6ISMmgiUggJE7biJuvxfM9BD5me1+iXG0qjgi+jfPCljcp8++gV/D15itcd/ cqg= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net