$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: WOrCZsuSU93907mrq1/8L9PYRpGTUReLldH2W+51axM= Subject key identifier: 17:FF:E2:DC:FB:D7:FB:4D:3B:1A:5A:89:66:20:88:82:B5:EB:DA:7D Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0136A860FB9FAB9AB536E1BD04595B881A05DB69 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Mon 31 Mar 2025 15:00:03 +0000 ROA not before: Mon 31 Mar 2025 15:00:03 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:36:a8:60:fb:9f:ab:9a:b5:36:e1:bd:04:59:5b:88:1a:05:db:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Mar 31 15:00:03 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=9a3f1a0bc5e47c6b30acf67a77cad36853dfcfda08829d29bb080f3e8d64fb98, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:e9:1d:98:96:9c:7b:8f:7c:69:ca:d7:8e:6a: 9e:0a:87:eb:c9:b5:02:d1:a8:c0:f5:0e:bf:fd:c4: 75:d1:ec:b1:31:d4:3c:0c:43:64:98:7d:8a:15:6e: fd:6f:33:27:f8:43:d4:19:f4:73:29:69:2b:7a:b9: 0f:d7:f9:8e:fd:56:03:ac:ea:82:2c:3d:50:b9:b6: 71:14:5a:5d:5c:8c:41:8e:78:0c:ca:28:f3:00:54: 40:99:06:4f:35:94:99:4e:84:21:d2:5b:bc:36:a8: b8:12:32:d0:15:9c:1a:ae:d1:a4:a9:37:8c:b9:83: f3:bb:9f:86:5d:65:04:a3:2f:ee:b7:bd:48:76:91: de:e6:a1:cc:26:24:25:85:6d:a1:74:bc:17:28:bc: 0c:ff:6c:7f:1c:75:94:ab:73:62:15:0a:a8:df:08: a8:f5:1a:39:1e:92:a0:5b:79:1a:34:89:0a:04:2f: 2c:2c:58:cf:99:16:83:5c:ae:b5:72:38:a4:7d:fb: 84:c9:dd:a3:0f:fa:b4:13:fd:08:e1:7f:cd:82:76: 2e:54:d5:28:03:e0:f9:c4:7c:9b:9d:fc:f5:79:2a: 42:af:10:5e:30:90:14:01:b8:68:ea:b7:df:8d:ba: 83:96:aa:18:bf:9b:4b:ab:7c:9a:b7:5d:5e:99:ee: 76:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:FF:E2:DC:FB:D7:FB:4D:3B:1A:5A:89:66:20:88:82:B5:EB:DA:7D X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption ae:5f:68:6b:03:88:ee:21:2a:aa:46:1d:5f:6e:14:f1:96:65: d4:b7:1b:93:2e:d7:c1:8f:b6:75:a8:b1:8f:f2:e1:99:03:e7: f0:cc:aa:75:88:c3:9d:aa:80:9b:16:8e:8f:bc:27:54:94:f6: ea:6c:11:40:3a:c1:69:df:3e:a9:a2:9b:6c:ac:83:23:de:f2: 9f:c1:42:40:ab:f3:8a:d4:16:51:6c:88:61:67:7f:16:f2:a1: 1c:5d:81:d7:a4:4e:81:53:e8:1e:af:1b:4b:e6:c6:98:76:55: bc:21:1b:6c:80:7b:c0:c4:22:d2:2e:99:a8:85:2c:93:55:17: 99:70:5a:a9:3d:d7:8b:bf:aa:e7:39:fe:32:3c:62:3d:16:87: 9e:65:cf:90:57:eb:c1:6b:76:0b:18:6a:82:61:97:37:ba:97: a8:19:be:07:a2:57:e6:1b:70:0c:d5:28:e0:aa:ad:a0:3d:c5: a4:7b:e3:a9:cd:29:51:f3:9f:1b:47:75:fb:fa:a0:39:fd:d0: 3b:1e:17:f7:3c:b1:d2:32:c7:dc:9f:21:7a:b7:05:79:31:97: b1:f9:c4:13:06:df:bf:02:d0:1e:71:0b:0b:54:f9:87:ab:19: 8d:71:26:64:d0:d9:ca:60:f5:67:7d:6d:4c:e7:1d:9d:16:d4: e7:8a:a8:96 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUATaoYPufq5q1NuG9BFlbiBoF22kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI1MDMzMTE1MDAwM1oX DTI1MDUwNTIzNTk1OVowejFJMEcGA1UEBRNAOWEzZjFhMGJjNWU0N2M2YjMwYWNm NjdhNzdjYWQzNjg1M2RmY2ZkYTA4ODI5ZDI5YmIwODBmM2U4ZDY0ZmI5ODEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOkdmJace498acrXjmqeCofrybUC 0ajA9Q6//cR10eyxMdQ8DENkmH2KFW79bzMn+EPUGfRzKWkrerkP1/mO/VYDrOqC LD1QubZxFFpdXIxBjngMyijzAFRAmQZPNZSZToQh0lu8Nqi4EjLQFZwartGkqTeM uYPzu5+GXWUEoy/ut71IdpHe5qHMJiQlhW2hdLwXKLwM/2x/HHWUq3NiFQqo3wio 9Ro5HpKgW3kaNIkKBC8sLFjPmRaDXK61cjikffuEyd2jD/q0E/0I4X/NgnYuVNUo A+D5xHybnfz1eSpCrxBeMJAUAbho6rffjbqDlqoYv5tLq3yat11eme52gQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBf/4tz71/tNOxpaiWYgiIK169p9MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCuX2hrA4juISqqRh1f bhTxlmXUtxuTLtfBj7Z1qLGP8uGZA+fwzKp1iMOdqoCbFo6PvCdUlPbqbBFAOsFp 3z6poptsrIMj3vKfwUJAq/OK1BZRbIhhZ38W8qEcXYHXpE6BU+gerxtL5saYdlW8 IRtsgHvAxCLSLpmohSyTVReZcFqpPdeLv6rnOf4yPGI9FoeeZc+QV+vBa3YLGGqC YZc3upeoGb4HolfmG3AM1Sjgqq2gPcWke+OpzSlR858bR3X7+qA5/dA7Hhf3PLHS MsfcnyF6twV5MZex+cQTBt+/AtAecQsLVPmHqxmNcSZk0NnKYPVnfW1M5x2dFtTn iqiW -----END CERTIFICATE-----Generated at Thu Apr 24 04:33:54 2025 by rpki-client on console.sobornost.net