$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: pyzwtWtvugnjJAQkzPyBldCLe1/01+NabCiaqfVAnp0= Subject key identifier: 34:67:4D:E7:60:8C:79:64:E1:49:C9:A7:DF:69:CB:7B:CA:1F:4B:8E Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 1B4BB08FB4AFD6569C111E07BB8C3A093959A9BA Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Wed 23 Apr 2025 00:00:13 +0000 ROA not before: Wed 23 Apr 2025 00:00:13 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:4b:b0:8f:b4:af:d6:56:9c:11:1e:07:bb:8c:3a:09:39:59:a9:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 23 00:00:13 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=092a02ea5a40febd37f0b415510f33da9270d7c28711da27df768f7720f18dc4, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:4a:0a:9b:ec:a9:94:9d:fc:8f:d2:e5:f3:da: 97:90:ca:45:b2:f0:1e:12:1d:25:37:ba:cf:97:79: ff:de:81:8b:97:0b:23:52:c4:b2:63:c8:e3:83:ad: 89:b5:ad:5e:34:6a:d0:55:dc:1c:4e:ca:3c:19:73: f3:83:db:8a:1a:b9:23:74:03:ef:22:41:9c:97:ff: 0a:06:d2:9c:32:63:47:97:9b:66:43:51:76:b3:9a: 8b:db:3d:7d:fd:02:27:90:c4:c4:a8:fa:b8:56:37: 79:a2:10:e6:58:c6:c1:61:c0:99:2f:f9:3a:6a:f0: d7:00:0e:65:2f:ba:e1:3a:14:ff:6e:80:f7:72:26: d6:07:a1:b3:41:dd:cc:f5:5e:4c:e6:9d:02:67:af: ec:e4:9f:42:ec:34:13:92:1f:ef:5f:03:92:db:65: 0a:88:ba:a2:bf:46:42:ca:99:31:f1:d7:ef:36:a0: f6:ad:a5:91:e3:26:8f:69:3c:20:48:9d:56:86:06: 24:cd:ff:ae:e2:2c:79:0f:ab:81:2c:57:62:78:ce: 8d:fa:53:b3:35:cf:64:37:48:27:86:c0:de:72:eb: 3d:7b:60:71:5a:4e:29:8c:ca:07:4d:b0:ba:1e:36: 9a:cd:2f:8f:e6:e0:84:48:bd:fc:1e:ac:b9:26:72: 22:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:67:4D:E7:60:8C:79:64:E1:49:C9:A7:DF:69:CB:7B:CA:1F:4B:8E X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 8a:88:1b:bf:d6:eb:91:e9:d3:da:93:4f:b8:a6:6a:02:d4:bb: 21:60:d3:84:05:b5:ff:d5:ac:d9:0f:1f:fa:a3:e2:8f:a7:9d: 29:14:f0:85:cb:62:c6:b4:23:89:8d:26:5f:19:55:ab:08:e6: a5:d4:ad:e1:7f:83:6b:b8:37:a8:de:2c:97:01:0c:d4:44:ef: be:55:bd:51:cb:55:a3:e0:3c:59:df:d3:df:98:fc:68:78:08: 13:30:17:76:b1:ad:01:bc:68:19:7c:79:59:97:c9:66:2c:f9: ce:89:35:ce:0f:27:30:c8:cb:6d:4c:0e:62:5f:6d:55:a5:b8: bb:bc:88:24:b5:6b:15:e3:0c:49:15:05:16:0b:81:6a:4c:23: e4:3d:af:e3:44:db:e7:5f:8d:91:6a:41:af:67:0f:9c:12:50: a9:05:01:4d:68:6e:ee:c8:9a:02:88:bf:3f:71:5f:0b:e4:69: 5f:d3:ff:37:9d:5b:49:1c:2a:c6:ea:31:47:3b:bf:9e:ff:b6: 23:ba:94:d2:f8:bc:3b:1f:e7:84:59:61:dd:b7:37:40:6f:10: 0a:61:6f:af:26:e4:5e:40:b7:cc:40:9d:f0:d6:37:4a:9a:a0: e9:1c:56:27:7f:2a:6b:cb:c6:ed:55:b0:56:4d:77:8e:8d:fa: 78:92:54:bd -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUG0uwj7Sv1lacER4Hu4w6CTlZqbowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQyMzAwMDAxM1oX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNAMDkyYTAyZWE1YTQwZmViZDM3ZjBi NDE1NTEwZjMzZGE5MjcwZDdjMjg3MTFkYTI3ZGY3NjhmNzcyMGYxOGRjNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUoKm+yplJ38j9Ll89qXkMpFsvAe Eh0lN7rPl3n/3oGLlwsjUsSyY8jjg62Jta1eNGrQVdwcTso8GXPzg9uKGrkjdAPv IkGcl/8KBtKcMmNHl5tmQ1F2s5qL2z19/QInkMTEqPq4Vjd5ohDmWMbBYcCZL/k6 avDXAA5lL7rhOhT/boD3cibWB6GzQd3M9V5M5p0CZ6/s5J9C7DQTkh/vXwOS22UK iLqiv0ZCypkx8dfvNqD2raWR4yaPaTwgSJ1WhgYkzf+u4ix5D6uBLFdieM6N+lOz Nc9kN0gnhsDecus9e2BxWk4pjMoHTbC6HjaazS+P5uCESL38Hqy5JnIi0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDRnTedgjHlk4UnJp99py3vKH0uOMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQCKiBu/1uuR6dPak0+4pmoC 1LshYNOEBbX/1azZDx/6o+KPp50pFPCFy2LGtCOJjSZfGVWrCOal1K3hf4NruDeo 3iyXAQzURO++Vb1Ry1Wj4DxZ39PfmPxoeAgTMBd2sa0BvGgZfHlZl8lmLPnOiTXO DycwyMttTA5iX21Vpbi7vIgktWsV4wxJFQUWC4FqTCPkPa/jRNvnX42RakGvZw+c ElCpBQFNaG7uyJoCiL8/cV8L5Glf0/83nVtJHCrG6jFHO7+e/7YjupTS+Lw7H+eE WWHdtzdAbxAKYW+vJuReQLfMQJ3w1jdKmqDpHFYnfypry8btVbBWTXeOjfp4klS9 -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:54 2025 by rpki-client on console.sobornost.net