$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa File: d18856ee-503c-4c21-86dd-30078f2c3aee.roa (raw, json) Hash identifier: /mw5ybIvXvivS6HTCPvJW5VN/zs1GCqild2HQ6NXz4A= Subject key identifier: 09:2E:BC:7F:E9:35:D8:4A:73:B8:CC:9D:F1:50:29:29:63:1D:95:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E4F5DD64C3D4F54B4DD8020520F6D55A683E980 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa Signing time: Tue 28 May 2024 00:00:00 +0000 ROA not before: Tue 28 May 2024 00:00:00 +0000 ROA not after: Tue 02 Jul 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.208.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:21:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:4f:5d:d6:4c:3d:4f:54:b4:dd:80:20:52:0f:6d:55:a6:83:e9:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 28 00:00:00 2024 GMT Not After : Jul 2 23:59:59 2024 GMT Subject: serialNumber=a6099a8af45c09898a336c94675b51fec447b90f65029e580ef0449569bede6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:15:5d:62:40:f3:d0:d1:b5:b1:e0:62:9d:d6: 8d:46:ea:85:cd:5f:ea:1e:fd:e3:c7:18:e6:f3:f9: d0:66:4f:02:26:5b:54:9d:ae:8a:39:e3:5a:9d:be: 53:93:b6:34:dc:09:c0:a3:a6:ba:f6:76:1a:69:a1: c2:10:4f:69:22:67:a1:c4:a2:56:c2:1d:85:f0:8a: 94:8d:33:ff:df:75:af:b6:78:99:18:92:0a:1d:7e: 87:f6:12:1e:aa:93:de:6d:15:8e:56:70:87:7d:13: 11:c9:7b:87:f3:93:78:73:f9:cd:98:6b:b8:4d:12: 94:a0:c5:ad:ba:bd:37:ee:5c:7c:ae:cc:23:cd:ec: 5b:2c:bd:ae:41:2d:1f:f5:9e:5f:8f:f7:88:d0:51: 33:6f:ec:7c:32:f0:1a:f9:6d:b0:c3:db:09:b3:cb: fd:b2:14:12:18:20:d8:89:0c:2c:17:45:bd:bc:ee: 2c:79:07:e8:9d:f1:2f:ac:af:cb:81:1c:c6:ae:6e: 9b:a6:15:e3:b3:5e:fc:2a:ab:7e:00:27:a7:b9:79: ae:2c:7a:94:e3:0b:94:ee:eb:2c:37:0e:96:39:46: b1:5c:8c:13:71:a5:ed:a4:12:ad:6c:f3:f9:38:e0: aa:55:17:2e:e0:c9:ad:32:00:10:a9:fa:39:78:e9: 10:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:2E:BC:7F:E9:35:D8:4A:73:B8:CC:9D:F1:50:29:29:63:1D:95:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 84:ca:e1:48:4c:45:c6:fc:b2:2a:c7:d1:10:e5:5f:32:be:5d: 84:2d:a6:32:2f:12:81:33:45:42:dd:b3:5e:76:4f:da:b1:9a: 35:ee:ac:0a:5b:9d:5a:00:0a:34:5f:b8:51:07:4e:ec:62:87: 65:4c:29:c2:f0:ec:e7:98:94:80:6b:3f:6a:4b:20:56:20:8e: 6f:28:d3:31:89:10:d4:2f:1d:a2:f8:80:79:3c:17:33:4c:ad: 97:ac:cf:f6:16:31:74:c6:0d:68:20:d0:15:25:9f:94:c8:a8: fe:a3:7e:74:d5:c1:30:72:56:1d:3f:ae:ee:1b:ec:ff:c6:af: 2d:31:1a:5f:3e:2e:68:c1:ed:7b:23:a8:82:fd:99:4c:a8:bd: ef:97:1e:c3:72:17:e4:67:dd:9e:ce:e4:4c:51:4e:fc:ba:6e: 9b:da:8c:8b:12:7c:4e:21:22:61:11:70:f9:30:f4:18:83:89: 8a:20:41:29:14:d1:aa:0f:9e:e8:ce:1a:c9:46:00:3d:59:5f: 70:f2:ca:88:e4:3f:49:76:23:30:8d:f5:96:48:33:89:bb:87: 2a:2a:84:ce:f3:ef:29:dd:7e:51:7a:98:95:26:31:fb:b9:a7: 52:4e:76:9b:a3:9f:2b:57:56:14:91:16:7a:89:29:2a:01:e3: 19:be:05:a6 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUPk9d1kw9T1S03YAgUg9tVaaD6YAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUyODAwMDAwMFoX DTI0MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAYTYwOTlhOGFmNDVjMDk4OThhMzM2 Yzk0Njc1YjUxZmVjNDQ3YjkwZjY1MDI5ZTU4MGVmMDQ0OTU2OWJlZGU2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhVdYkDz0NG1seBindaNRuqFzV/q Hv3jxxjm8/nQZk8CJltUna6KOeNanb5Tk7Y03AnAo6a69nYaaaHCEE9pImehxKJW wh2F8IqUjTP/33WvtniZGJIKHX6H9hIeqpPebRWOVnCHfRMRyXuH85N4c/nNmGu4 TRKUoMWtur037lx8rswjzexbLL2uQS0f9Z5fj/eI0FEzb+x8MvAa+W2ww9sJs8v9 shQSGCDYiQwsF0W9vO4seQfonfEvrK/LgRzGrm6bphXjs178Kqt+ACenuXmuLHqU 4wuU7ussNw6WOUaxXIwTcaXtpBKtbPP5OOCqVRcu4MmtMgAQqfo5eOkQFQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFAkuvH/pNdhKc7jMnfFQKSljHZW9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxODg1NmVlLTUwM2MtNGMyMS04NmRkLTMwMDc4ZjJjM2FlZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAITK4UhMRcb8sirH0RDlXzK+ XYQtpjIvEoEzRULds152T9qxmjXurApbnVoACjRfuFEHTuxih2VMKcLw7OeYlIBr P2pLIFYgjm8o0zGJENQvHaL4gHk8FzNMrZesz/YWMXTGDWgg0BUln5TIqP6jfnTV wTByVh0/ru4b7P/Gry0xGl8+LmjB7XsjqIL9mUyove+XHsNyF+Rn3Z7O5ExRTvy6 bpvajIsSfE4hImERcPkw9BiDiYogQSkU0aoPnujOGslGAD1ZX3DyyojkP0l2IzCN 9ZZIM4m7hyoqhM7z7yndflF6mJUmMfu5p1JOdpujnytXVhSRFnqJKSoB4xm+BaY= -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:42 2024 by rpki-client on console-fra.rpki-client.org