$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: cH943DC4IwcYYVM5xLtZ3NJChO5pM1whgAnx0K/weZw= Subject key identifier: 03:7A:F6:92:96:1B:88:A9:EB:E7:F6:19:92:A7:9A:D7:DD:63:8D:B6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 03338118FEE0B77ED04C05441BCED6446C13258B Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Sat 05 Apr 2025 00:00:03 +0000 ROA not before: Sat 05 Apr 2025 00:00:03 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:33:81:18:fe:e0:b7:7e:d0:4c:05:44:1b:ce:d6:44:6c:13:25:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 5 00:00:03 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=515505f76d53d727ed65e043b84a9dc83aa05f4eb6cd8754bd13be447fdde9f2, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a3:28:c7:db:44:f5:f4:2a:9f:78:92:00:95: 62:4e:bb:ba:7e:c6:ea:32:ab:8c:ff:4e:ff:67:41: c1:a0:27:e5:0f:86:72:07:40:9c:63:ab:78:ad:25: 75:a8:5e:96:cc:21:a3:43:38:18:59:98:08:dc:63: 6a:1d:c1:7a:26:58:73:54:17:b9:ff:ab:dc:2d:ce: 3c:48:ac:27:52:3c:bf:13:e8:6d:25:dd:3d:f5:7f: 9a:90:72:42:79:7a:42:36:1c:32:66:af:6a:81:c8: 3b:91:7c:cd:03:08:27:d8:c3:1f:15:80:3d:5f:f1: 3b:09:aa:2c:b5:2a:dd:76:ad:26:8c:50:01:e0:d3: a0:be:e2:0c:8b:1f:3d:55:52:ad:f2:38:f0:9b:c8: 88:47:3a:67:97:7a:2b:67:af:82:a9:db:a4:3c:7d: 44:40:ba:3e:b0:c0:d2:86:30:eb:e2:49:2e:9d:b3: 92:cd:dc:5b:0b:0e:99:c4:4a:a5:e2:8d:e7:f1:51: 8e:99:aa:16:45:61:cd:55:fc:d4:9d:dd:59:94:85: 4c:34:36:7b:f4:d6:0a:90:be:1e:95:d2:0d:72:20: 51:f6:6c:1d:fb:15:b1:d0:f9:77:ec:5c:c4:10:b5: e0:63:5a:ed:76:bc:3b:e7:57:6f:f2:a1:cc:99:5d: 9b:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:7A:F6:92:96:1B:88:A9:EB:E7:F6:19:92:A7:9A:D7:DD:63:8D:B6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption ad:08:72:37:d3:8d:0a:31:13:96:49:71:4f:c6:6c:77:27:05: 3a:49:6e:e6:7c:87:6b:31:3e:12:db:54:0c:9f:46:e6:0d:df: f2:54:d4:ee:2e:e4:ed:9d:e6:14:fe:f8:1b:3d:ac:a3:56:0e: c6:ef:8a:a1:04:0b:61:ee:0b:69:47:4d:87:7b:d8:d4:3d:54: 4d:7d:6c:5f:60:5f:60:09:93:15:d0:d9:ef:1d:e2:55:a4:92: 21:5f:84:b5:f3:ec:16:a7:67:08:51:87:4d:c4:b0:95:e1:23: 77:53:9a:a8:54:06:38:9c:6f:43:24:c6:60:9f:ad:68:eb:9e: 78:ce:f6:16:62:d0:14:e0:ad:1b:15:f0:e3:94:6c:5c:a5:b4: 68:d6:58:91:03:af:f0:42:da:b9:6a:0e:4b:79:6c:10:4a:62: bd:f4:13:8e:41:a2:a4:ef:3e:40:df:c3:b7:d0:d1:de:87:7f: 7f:9d:8e:a2:4d:51:1b:e8:ef:49:05:9a:f8:f5:1a:73:47:13: b1:ae:6f:38:08:fa:00:b8:2e:65:c6:80:c3:a6:6b:51:83:1d: 87:32:55:2d:86:f5:45:61:6d:da:f5:6f:a9:41:86:a9:1f:e4: da:ab:71:ab:a8:11:32:9d:0b:aa:47:42:a2:8d:6f:d7:09:7d: e9:0c:94:d5 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUAzOBGP7gt37QTAVEG87WRGwTJYswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQwNTAwMDAwM1oX DTI1MDUxMDIzNTk1OVowejFJMEcGA1UEBRNANTE1NTA1Zjc2ZDUzZDcyN2VkNjVl MDQzYjg0YTlkYzgzYWEwNWY0ZWI2Y2Q4NzU0YmQxM2JlNDQ3ZmRkZTlmMjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqMox9tE9fQqn3iSAJViTru6fsbq MquM/07/Z0HBoCflD4ZyB0CcY6t4rSV1qF6WzCGjQzgYWZgI3GNqHcF6JlhzVBe5 /6vcLc48SKwnUjy/E+htJd099X+akHJCeXpCNhwyZq9qgcg7kXzNAwgn2MMfFYA9 X/E7CaostSrddq0mjFAB4NOgvuIMix89VVKt8jjwm8iIRzpnl3orZ6+CqdukPH1E QLo+sMDShjDr4kkunbOSzdxbCw6ZxEql4o3n8VGOmaoWRWHNVfzUnd1ZlIVMNDZ7 9NYKkL4eldINciBR9mwd+xWx0Pl37FzEELXgY1rtdrw751dv8qHMmV2bQQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAN69pKWG4ip6+f2GZKnmtfdY422MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEArQhyN9ONCjETlklxT8Zs dycFOklu5nyHazE+EttUDJ9G5g3f8lTU7i7k7Z3mFP74Gz2so1YOxu+KoQQLYe4L aUdNh3vY1D1UTX1sX2BfYAmTFdDZ7x3iVaSSIV+EtfPsFqdnCFGHTcSwleEjd1Oa qFQGOJxvQyTGYJ+taOueeM72FmLQFOCtGxXw45RsXKW0aNZYkQOv8ELauWoOS3ls EEpivfQTjkGipO8+QN/Dt9DR3od/f52Ook1RG+jvSQWa+PUac0cTsa5vOAj6ALgu ZcaAw6ZrUYMdhzJVLYb1RWFt2vVvqUGGqR/k2qtxq6gRMp0LqkdCoo1v1wl96QyU 1Q== -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:54 2025 by rpki-client on console.sobornost.net