$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa File: c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa (raw, json) Hash identifier: Wee5wMfn+CPKjyKZyDEHY+R9Q6OV/K/l1RMdUBztyVc= Subject key identifier: 19:C9:8C:FA:BD:9E:BB:7D:28:0E:37:FC:97:3B:1B:F2:88:A7:07:2E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 3C18497C2A5026CF7C51837155E6175CEAFA5166 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa Signing time: Tue 16 Apr 2024 00:00:00 +0000 ROA not before: Tue 16 Apr 2024 00:00:00 +0000 ROA not after: Tue 21 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 00:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:18:49:7c:2a:50:26:cf:7c:51:83:71:55:e6:17:5c:ea:fa:51:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 16 00:00:00 2024 GMT Not After : May 21 23:59:59 2024 GMT Subject: serialNumber=2def913f65306b016855f7d99f5afa69463465344ac9e8aa7397d8134f7b5ced, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d4:46:9e:9b:5f:7a:62:68:a2:a8:15:f0:d6: d2:03:54:d5:26:c4:85:ae:61:69:e5:2a:85:05:92: cb:bd:79:5a:0e:bb:e5:4d:a0:e2:25:25:3a:28:9b: 86:f1:10:b8:b8:9a:91:d7:f8:d2:9e:64:8b:b0:5f: 2b:d9:cc:43:2f:a2:71:d8:02:c3:83:b4:07:f1:80: b8:b2:3d:e9:b6:f1:92:5a:cf:8d:70:24:54:f7:a1: 06:a4:8b:d3:6f:a5:91:74:88:67:9d:3b:f8:fc:bf: a9:62:70:d5:29:c0:eb:9b:bb:5b:55:c6:58:2d:de: af:f6:4a:4c:44:b6:46:13:73:9f:fe:e3:18:9d:20: 2c:8a:65:51:dc:0a:78:e4:49:a8:2d:2e:0e:21:e9: db:1f:d8:20:0c:37:94:28:3d:0b:e3:c5:96:d7:30: 84:e6:89:97:c0:e9:f3:b9:38:64:1a:aa:df:49:a8: 42:95:0d:9e:3a:07:e7:32:15:de:89:a2:43:e9:30: d4:ab:bb:bd:ef:5b:56:de:a0:fd:1e:c2:bf:c7:8b: 3a:90:be:08:3d:29:96:9f:11:3a:bb:94:ed:01:68: 98:a3:05:05:94:99:eb:5a:f4:9e:6c:83:89:09:54: c6:e8:96:52:fe:5e:3c:e8:45:37:08:8e:1d:39:60: 9a:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:C9:8C:FA:BD:9E:BB:7D:28:0E:37:FC:97:3B:1B:F2:88:A7:07:2E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:24:11:4e:d9:82:eb:6e:07:a8:0b:ce:2c:51:71:42:d7:6b: b5:f4:a1:28:74:d6:7e:d4:cd:e6:87:32:10:3f:2d:75:3e:d2: f7:26:84:19:10:17:54:98:d1:3d:46:d7:2f:2c:97:d7:60:46: 93:70:6d:80:d4:d9:9f:33:29:8a:98:6f:46:c4:ba:f2:2c:a3: 6f:b8:c8:33:88:56:dd:a7:d5:31:57:5d:7e:6a:ef:e5:90:11: ff:53:65:eb:9f:20:24:d0:15:78:30:44:a6:b2:ba:5f:97:f3: b8:cc:a7:ba:0e:4d:b1:71:f4:b2:b4:c6:40:16:a6:14:c5:35: da:29:2e:21:40:2f:d8:31:f5:de:8b:97:e9:d1:3d:29:26:bc: 01:35:e8:a7:1b:af:80:40:4e:ff:90:4b:ba:c5:a8:2b:96:67: 94:ac:43:fe:68:57:ec:a8:45:80:53:dc:34:a4:a5:60:50:34: ef:cb:69:de:53:be:f5:e9:7c:70:00:18:81:2f:97:51:cb:b3: 87:79:41:f4:45:10:5d:4e:f0:bc:fc:37:01:61:b5:30:7b:38: 34:bf:1a:7b:b3:22:be:fb:63:4d:71:95:bf:cf:67:f2:20:b9: 62:cd:b8:e7:07:df:63:11:b7:45:6d:e6:47:ea:7e:a1:b8:44: f6:2a:2b:db -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUPBhJfCpQJs98UYNxVeYXXOr6UWYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDQxNjAwMDAwMFoX DTI0MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAMmRlZjkxM2Y2NTMwNmIwMTY4NTVm N2Q5OWY1YWZhNjk0NjM0NjUzNDRhYzllOGFhNzM5N2Q4MTM0ZjdiNWNlZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tRGnptfemJooqgV8NbSA1TVJsSF rmFp5SqFBZLLvXlaDrvlTaDiJSU6KJuG8RC4uJqR1/jSnmSLsF8r2cxDL6Jx2ALD g7QH8YC4sj3ptvGSWs+NcCRU96EGpIvTb6WRdIhnnTv4/L+pYnDVKcDrm7tbVcZY Ld6v9kpMRLZGE3Of/uMYnSAsimVR3Ap45EmoLS4OIenbH9ggDDeUKD0L48WW1zCE 5omXwOnzuThkGqrfSahClQ2eOgfnMhXeiaJD6TDUq7u971tW3qD9HsK/x4s6kL4I PSmWnxE6u5TtAWiYowUFlJnrWvSebIOJCVTG6JZS/l486EU3CI4dOWCanwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBnJjPq9nrt9KA43/Jc7G/KIpwcuMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2MyY2QzZjJlLWNlOGMtNGQxZi05NmFiLWEyNWNhZWQxYjQyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQBNJBFO2YLrbgeoC84sUXFC 12u19KEodNZ+1M3mhzIQPy11PtL3JoQZEBdUmNE9RtcvLJfXYEaTcG2A1NmfMymK mG9GxLryLKNvuMgziFbdp9UxV11+au/lkBH/U2XrnyAk0BV4MESmsrpfl/O4zKe6 Dk2xcfSytMZAFqYUxTXaKS4hQC/YMfXei5fp0T0pJrwBNeinG6+AQE7/kEu6xagr lmeUrEP+aFfsqEWAU9w0pKVgUDTvy2neU7716XxwABiBL5dRy7OHeUH0RRBdTvC8 /DcBYbUwezg0vxp7syK++2NNcZW/z2fyILlizbjnB99jEbdFbeZH6n6huET2Kivb -----END CERTIFICATE-----Generated at Mon May 6 00:47:29 2024 by rpki-client on console-ams.rpki-client.org