$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: HyYk1qTMcbdjCco+oBYO4eDbEYlvBNmuV4W9QY2tSXY= Subject key identifier: B7:25:36:E7:2A:D1:CA:0C:4F:65:D7:11:DE:47:7E:53:77:D2:05:94 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2DC3541B49A5B8800A2DD3EEA76A5B37425D2BA7 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Wed 23 Apr 2025 00:00:03 +0000 ROA not before: Wed 23 Apr 2025 00:00:03 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:c3:54:1b:49:a5:b8:80:0a:2d:d3:ee:a7:6a:5b:37:42:5d:2b:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 23 00:00:03 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=6294226abb21633a5c664fb660fb3fed6dc57d0913c3d63a45cd590b9bf667df, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:aa:ae:7d:e0:ee:34:14:ce:43:0e:23:37:7a: 0b:39:04:ec:b5:d7:f5:1b:56:a5:24:9c:0b:07:27: d7:c4:de:de:94:e2:22:c0:aa:e8:8e:be:e1:ab:db: aa:88:3d:9d:db:37:36:7b:7c:3f:a0:44:bd:ea:f6: 1b:f3:bf:dd:3b:0e:b0:bd:a3:cf:44:e6:e3:3d:cd: 09:62:02:ae:4d:f7:40:26:15:70:ca:62:3c:3d:51: e2:5d:c4:b3:bf:d4:be:58:92:d6:e3:0a:3f:f0:68: 7b:a4:93:df:36:aa:27:01:fc:34:4c:b4:6f:88:05: f1:2a:a4:7f:48:99:30:9a:a5:35:f4:0b:40:54:31: 1e:9f:be:91:68:80:74:f8:32:d9:7d:df:b2:a2:e3: 47:4c:b4:46:45:98:24:72:45:a9:92:76:f4:2b:01: f7:2f:a2:9b:af:d7:8e:8e:04:58:d4:fd:b1:99:6f: 00:9a:02:9a:8d:9e:f7:46:ab:5a:9c:9d:eb:48:13: 0c:80:ab:db:9d:33:4d:e1:da:50:f8:f1:93:97:fa: 55:92:fd:7d:09:e9:72:45:25:a8:5e:f2:9e:bd:e3: 5a:f3:e3:97:82:6e:fb:5d:c8:e7:bf:86:cd:cf:0d: e0:e4:26:90:c4:e6:6f:78:f6:1b:33:b5:dd:26:e1: a9:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:25:36:E7:2A:D1:CA:0C:4F:65:D7:11:DE:47:7E:53:77:D2:05:94 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 19:4d:ab:5c:35:c9:b9:d1:9f:33:a6:41:dd:86:e5:ef:74:0b: 74:20:56:c8:80:3f:62:4f:56:e3:44:49:1d:5e:58:30:1e:09: a8:b1:1e:bc:f2:e8:9a:d8:20:a0:76:80:0e:f9:62:88:0f:f7: 02:4b:c9:22:b6:30:ef:18:65:13:ad:5d:75:83:ca:03:d8:9d: 82:74:a5:78:82:0f:83:67:c1:6c:db:4f:dc:3b:db:6e:59:53: 40:cb:79:6d:75:70:c3:3c:46:66:86:24:3b:f9:c7:77:b1:10: 10:ea:09:47:9a:91:c5:c8:70:de:c6:bb:46:b7:26:83:d1:ab: bf:e4:fd:31:0d:84:e3:8f:c3:45:b7:3e:c9:b2:06:62:e8:82: b8:82:50:41:c2:a8:c1:6b:52:22:18:20:90:aa:ef:ae:57:08: de:b4:71:da:4d:18:e5:77:2a:a4:65:4a:1d:3f:34:5c:28:e4: d9:74:5c:40:ba:a0:ad:c7:21:57:93:4c:c9:59:80:84:58:f1: b1:41:e0:18:15:28:9a:54:60:5c:fe:4c:5b:ea:9c:63:b4:82: b9:e4:cc:ac:40:e5:be:31:f5:2c:68:1f:e2:f2:e1:03:00:fa: ad:dd:1b:4f:65:ab:93:a6:d8:53:7a:2f:1b:a9:38:b9:61:9f: 68:82:a5:29 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULcNUG0mluIAKLdPup2pbN0JdK6cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDQyMzAwMDAwM1oX DTI1MDUyODIzNTk1OVowejFJMEcGA1UEBRNANjI5NDIyNmFiYjIxNjMzYTVjNjY0 ZmI2NjBmYjNmZWQ2ZGM1N2QwOTEzYzNkNjNhNDVjZDU5MGI5YmY2NjdkZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaqufeDuNBTOQw4jN3oLOQTstdf1 G1alJJwLByfXxN7elOIiwKrojr7hq9uqiD2d2zc2e3w/oES96vYb87/dOw6wvaPP RObjPc0JYgKuTfdAJhVwymI8PVHiXcSzv9S+WJLW4wo/8Gh7pJPfNqonAfw0TLRv iAXxKqR/SJkwmqU19AtAVDEen76RaIB0+DLZfd+youNHTLRGRZgkckWpknb0KwH3 L6Kbr9eOjgRY1P2xmW8AmgKajZ73RqtanJ3rSBMMgKvbnTNN4dpQ+PGTl/pVkv19 CelyRSWoXvKeveNa8+OXgm77Xcjnv4bNzw3g5CaQxOZvePYbM7XdJuGp1wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLclNucq0coMT2XXEd5HflN30gWUMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQAZTatcNcm50Z8zpkHdhuXv dAt0IFbIgD9iT1bjREkdXlgwHgmosR688uia2CCgdoAO+WKID/cCS8kitjDvGGUT rV11g8oD2J2CdKV4gg+DZ8Fs20/cO9tuWVNAy3ltdXDDPEZmhiQ7+cd3sRAQ6glH mpHFyHDexrtGtyaD0au/5P0xDYTjj8NFtz7JsgZi6IK4glBBwqjBa1IiGCCQqu+u VwjetHHaTRjldyqkZUodPzRcKOTZdFxAuqCtxyFXk0zJWYCEWPGxQeAYFSiaVGBc /kxb6pxjtIK55MysQOW+MfUsaB/i8uEDAPqt3RtPZauTpthTei8bqTi5YZ9ogqUp -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:54 2025 by rpki-client on console.sobornost.net