$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: XrwESrWLPGfsHHT8dyM+BJVS/PRO4haL5sfcvuMVtoU= Subject key identifier: E5:C0:19:26:24:49:E6:47:E0:27:42:45:77:E6:75:8E:AB:98:AB:6B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2EA5A54C1709B9F5DCB088EC86217C4C138B994F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Mon 31 Mar 2025 15:01:27 +0000 ROA not before: Mon 31 Mar 2025 15:01:27 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:a5:a5:4c:17:09:b9:f5:dc:b0:88:ec:86:21:7c:4c:13:8b:99:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 31 15:01:27 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=89639c3a27a9a6d03dfbc143d0cb136364fccd5a389417b8687ee6d53013cd17, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:40:88:60:dd:c4:5e:1a:7c:45:b6:0c:f4: a4:a6:32:2a:de:9c:4e:9b:79:b1:bf:cc:6e:4c:64: f0:05:39:c1:29:e6:2c:9c:8a:21:4c:3b:f4:79:e3: de:5c:7f:64:45:bb:0d:80:4e:93:0e:35:2b:61:cf: 79:34:db:60:9e:0f:bb:74:3e:bc:6f:d5:dc:a8:e7: e7:00:5c:3f:c8:7c:16:af:e4:b1:3e:a0:6e:c7:ca: 6d:56:5b:3a:a3:53:d1:d0:c9:57:c4:81:4c:45:8d: e8:5b:b2:70:a4:22:b3:38:a4:ef:66:92:4e:1c:58: 2d:5c:6e:e4:38:9f:2f:e6:3c:ed:c4:22:f8:06:65: 14:54:cf:0a:5a:d5:6d:36:0a:d2:72:6a:89:a6:18: a7:ba:d4:f6:17:4a:1e:a4:53:75:11:11:97:e1:07: 2c:33:11:e2:0a:09:20:be:f2:4b:3f:72:8d:dd:6c: 94:87:20:e6:c1:ae:e7:5f:42:10:36:ac:80:3f:1b: c9:11:07:85:f3:f1:1b:f3:ca:66:78:62:c8:1b:29: f7:7c:14:9c:ce:30:66:2b:86:15:4f:9c:11:e5:c0: 54:23:36:b6:95:aa:f0:6c:3e:cc:b4:53:a8:d6:f9: 4c:09:ea:cb:6d:b5:f9:25:1e:f6:ce:e7:91:6d:92: 8f:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:C0:19:26:24:49:E6:47:E0:27:42:45:77:E6:75:8E:AB:98:AB:6B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption b1:af:63:da:58:9a:e0:ac:95:43:bc:9d:f4:f4:3a:f3:ad:99: 00:3d:0a:93:94:91:aa:5b:39:7a:25:08:c4:83:75:2c:36:08: 95:4d:e7:22:ef:b1:f6:21:3b:8c:0f:4b:67:f7:3e:62:ad:36: 9f:d1:3e:d7:d1:59:d9:20:09:6d:45:e4:ea:1b:99:54:3f:a8: fd:94:84:5d:be:ad:a8:90:ef:a1:41:a9:a2:5a:93:e9:ab:ad: 7f:bd:9d:dd:07:c3:82:99:0f:98:a4:db:01:99:98:b0:a8:20: d8:89:b9:39:55:b6:d4:5f:92:33:df:71:b6:2e:74:02:c2:1b: f8:6b:c4:bf:1c:cc:5a:47:24:1a:dd:cb:1a:22:c5:cc:d6:a4: af:5e:2d:21:9b:9a:a5:37:71:21:72:9a:0a:63:dc:37:0a:d9: b0:d8:ee:68:0f:17:74:8e:99:83:50:19:ab:9e:9d:15:70:2c: 15:86:7a:33:c7:55:48:2a:4c:92:7c:b0:e1:36:fe:b4:51:6c: f4:20:4b:a3:3e:c0:16:8a:d7:93:5f:f3:2a:36:0e:ff:d5:24: 7d:17:ff:af:dc:01:68:2c:cf:83:7f:68:b4:51:d7:13:02:c6: fd:94:12:ab:bb:8b:d3:7b:bd:b0:11:ec:11:61:1f:bd:48:7a: 1d:84:0f:e5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULqWlTBcJufXcsIjshiF8TBOLmU8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMzMTE1MDEyN1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAODk2MzljM2EyN2E5YTZkMDNkZmJj MTQzZDBjYjEzNjM2NGZjY2Q1YTM4OTQxN2I4Njg3ZWU2ZDUzMDEzY2QxNzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogJAiGDdxF4afEW2DPSkpjIq3pxO m3mxv8xuTGTwBTnBKeYsnIohTDv0eePeXH9kRbsNgE6TDjUrYc95NNtgng+7dD68 b9XcqOfnAFw/yHwWr+SxPqBux8ptVls6o1PR0MlXxIFMRY3oW7JwpCKzOKTvZpJO HFgtXG7kOJ8v5jztxCL4BmUUVM8KWtVtNgrScmqJphinutT2F0oepFN1ERGX4Qcs MxHiCgkgvvJLP3KN3WyUhyDmwa7nX0IQNqyAPxvJEQeF8/Eb88pmeGLIGyn3fBSc zjBmK4YVT5wR5cBUIza2larwbD7MtFOo1vlMCerLbbX5JR72zueRbZKPwwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOXAGSYkSeZH4CdCRXfmdY6rmKtrMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBALGvY9pYmuCslUO8nfT0 OvOtmQA9CpOUkapbOXolCMSDdSw2CJVN5yLvsfYhO4wPS2f3PmKtNp/RPtfRWdkg CW1F5OobmVQ/qP2UhF2+raiQ76FBqaJak+mrrX+9nd0Hw4KZD5ik2wGZmLCoINiJ uTlVttRfkjPfcbYudALCG/hrxL8czFpHJBrdyxoixczWpK9eLSGbmqU3cSFymgpj 3DcK2bDY7mgPF3SOmYNQGauenRVwLBWGejPHVUgqTJJ8sOE2/rRRbPQgS6M+wBaK 15Nf8yo2Dv/VJH0X/6/cAWgsz4N/aLRR1xMCxv2UEqu7i9N7vbAR7BFhH71Ieh2E D+U= -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:53 2025 by rpki-client on console.sobornost.net