$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa File: d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa (raw, json) Hash identifier: NWX/F9HyqTswrNnvq+vN10mUM5QPvozGFPQvP6ZOD7I= Subject key identifier: 7C:C3:FC:93:9A:7F:AB:9F:41:E3:F9:30:FE:29:1A:7A:5A:CF:42:41 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2AC374EAB0786A635EFAE3993BB1FCFA34CEE102 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa Signing time: Tue 16 Apr 2024 00:00:00 +0000 ROA not before: Tue 16 Apr 2024 00:00:00 +0000 ROA not after: Tue 21 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 122.248.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 00:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:c3:74:ea:b0:78:6a:63:5e:fa:e3:99:3b:b1:fc:fa:34:ce:e1:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 16 00:00:00 2024 GMT Not After : May 21 23:59:59 2024 GMT Subject: serialNumber=b08e092cfecae89e20e3ff557f3e0f842c1c130eb5a5d8dc826cef0a1aec6376, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:94:a1:f7:76:26:0a:92:22:3e:87:70:48:1c: 61:d3:0f:6b:38:71:1d:94:7e:0f:7a:ad:5f:ad:e6: 36:8c:f0:3d:7b:47:4a:3c:6e:0f:a0:62:dc:f6:0d: a6:35:0a:a3:0e:f9:72:a8:3d:aa:65:db:5f:55:3c: 53:3f:a4:12:bc:51:54:fc:68:4d:0f:43:32:26:f8: 2e:08:17:6e:7f:f4:a0:de:70:b6:45:42:02:9d:b9: 2b:59:7b:b2:ae:0e:26:83:c5:df:dc:1c:1a:aa:45: e7:24:f2:88:81:4a:ac:b6:40:c4:13:a3:33:87:fa: 94:b3:87:8f:33:1d:64:e2:93:91:c2:50:2b:62:48: ec:23:ef:37:6f:34:d6:b0:0b:71:47:8f:93:d8:61: 30:dc:90:71:05:65:db:70:64:ac:be:08:7d:88:58: 47:87:b9:12:72:ec:7f:9f:32:9b:56:7a:bf:b3:11: 9f:7c:bd:5c:2e:38:5a:78:5b:a4:d4:7a:00:f1:94: 40:eb:57:a0:b5:eb:af:db:b0:92:9b:eb:86:d8:c2: 74:38:cc:2b:a5:c1:4a:06:24:24:67:1f:47:e5:7e: 7e:0e:58:8a:6e:7b:00:d8:fc:5e:7a:3f:f0:14:fc: 98:b9:72:92:d4:44:39:d6:b3:21:76:75:f9:50:80: 52:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C3:FC:93:9A:7F:AB:9F:41:E3:F9:30:FE:29:1A:7A:5A:CF:42:41 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption ce:fc:ac:1d:91:ca:7e:c5:b5:b0:3e:9b:d6:e4:21:03:4f:a9: 7a:db:9d:ba:a2:98:b6:a0:f2:f7:3d:75:98:b3:db:3c:fd:53: 1a:47:3b:39:7d:e4:40:f6:4c:eb:3c:91:24:93:d2:bb:62:d7: 63:e8:b8:99:4e:cd:c4:96:3f:e2:b2:5b:c3:6d:41:45:18:43: 31:11:c7:70:e8:c2:8d:6c:9c:84:a2:b9:16:20:a5:b6:ba:e6: ad:a9:45:7a:84:a3:ce:d1:7f:33:ba:28:69:2e:8e:8a:16:bc: c4:a0:64:dd:2a:f7:b7:cc:de:24:77:43:ca:39:f3:0a:fd:c0: 90:a3:11:95:5e:97:b4:ed:40:41:5c:11:d0:af:8f:90:e5:40: 8b:83:1b:be:24:66:76:eb:85:eb:3a:83:71:3c:81:fc:ee:b0: ca:1c:48:61:44:ba:7d:0b:2b:f4:2e:64:81:1a:65:59:22:3f: dd:24:42:25:8a:91:d9:3f:c1:fa:f9:e8:04:0a:ca:1b:c9:df: 7e:0d:d8:bd:51:f5:17:13:16:b1:53:47:3d:ab:30:79:34:55: b0:04:97:2a:7b:0f:77:f0:c0:85:e1:4f:03:b8:12:3a:02:ac: 47:ad:af:5d:28:cc:ea:d3:28:6d:b3:2b:e8:d7:d8:7a:c1:05: 5f:13:6c:5f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKsN06rB4amNe+uOZO7H8+jTO4QIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDQxNjAwMDAwMFoX DTI0MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAYjA4ZTA5MmNmZWNhZTg5ZTIwZTNm ZjU1N2YzZTBmODQyYzFjMTMwZWI1YTVkOGRjODI2Y2VmMGExYWVjNjM3NjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJSh93YmCpIiPodwSBxh0w9rOHEd lH4Peq1freY2jPA9e0dKPG4PoGLc9g2mNQqjDvlyqD2qZdtfVTxTP6QSvFFU/GhN D0MyJvguCBduf/Sg3nC2RUICnbkrWXuyrg4mg8Xf3BwaqkXnJPKIgUqstkDEE6Mz h/qUs4ePMx1k4pORwlArYkjsI+83bzTWsAtxR4+T2GEw3JBxBWXbcGSsvgh9iFhH h7kScux/nzKbVnq/sxGffL1cLjhaeFuk1HoA8ZRA61egteuv27CSm+uG2MJ0OMwr pcFKBiQkZx9H5X5+DliKbnsA2Pxeej/wFPyYuXKS1EQ51rMhdnX5UIBSWQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHzD/JOaf6ufQeP5MP4pGnpaz0JBMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2QwYTRmMzJiLTAwZTctNDVkZi1hYzU3LWFmODgxMmUyZWE2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQDO/Kwdkcp+xbWwPpvW5CED T6l62526opi2oPL3PXWYs9s8/VMaRzs5feRA9kzrPJEkk9K7Ytdj6LiZTs3Elj/i slvDbUFFGEMxEcdw6MKNbJyEorkWIKW2uuatqUV6hKPO0X8zuihpLo6KFrzEoGTd Kve3zN4kd0PKOfMK/cCQoxGVXpe07UBBXBHQr4+Q5UCLgxu+JGZ264XrOoNxPIH8 7rDKHEhhRLp9Cyv0LmSBGmVZIj/dJEIlipHZP8H6+egECsobyd9+Ddi9UfUXExax U0c9qzB5NFWwBJcqew938MCF4U8DuBI6AqxHra9dKMzq0yhtsyvo19h6wQVfE2xf -----END CERTIFICATE-----Generated at Mon May 6 00:49:43 2024 by rpki-client on console-fra.rpki-client.org