$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa File: 9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa (raw, json) Hash identifier: 9LhjBGJqLU7nYg/9kszmkOBUHK+cSH3N61tTzRBPgWc= Subject key identifier: E9:7D:F7:26:1A:78:0C:ED:E3:5B:7F:54:06:ED:8A:AA:4A:27:E8:1B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1271813CA51CEAE764053D33F78A8EA5C0EFC505 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa Signing time: Fri 19 Apr 2024 00:00:00 +0000 ROA not before: Fri 19 Apr 2024 00:00:00 +0000 ROA not after: Fri 24 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 10 May 2024 00:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:71:81:3c:a5:1c:ea:e7:64:05:3d:33:f7:8a:8e:a5:c0:ef:c5:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 19 00:00:00 2024 GMT Not After : May 24 23:59:59 2024 GMT Subject: serialNumber=523060bffa7943cc0276ef55df3116b2525e6e2368463b7b0ecda2ff7cf7e25c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:04:ed:7c:92:d5:c5:0e:7d:8f:b3:1d:d4:37: db:59:1f:0f:57:66:22:d6:43:dd:bc:db:e0:69:42: 1e:1a:c4:91:76:68:6e:f4:52:5d:51:1d:92:2a:1c: c0:82:f6:aa:7d:fd:cf:6c:56:c2:95:8d:e3:5f:b3: e5:35:bd:6c:39:00:67:aa:e0:89:89:64:25:0a:cb: f1:d2:af:1d:6b:21:02:1a:29:01:55:78:14:3e:65: 27:bd:83:c4:27:cc:1c:9c:4f:30:d1:9a:e6:12:5b: 2c:b2:16:46:c1:2f:05:31:72:15:95:7b:73:35:05: e7:f9:89:44:60:b2:83:8b:e0:ed:d8:91:d5:60:eb: 73:b6:e5:ce:73:7d:7c:13:d5:ea:3c:5b:5d:d7:bd: 70:be:61:b0:72:86:d1:fc:ef:f0:49:91:c5:28:00: 29:b2:0a:45:4e:b0:e1:a2:88:dd:50:66:99:b6:14: 91:6b:66:7c:38:40:4c:cb:f7:57:bf:d9:14:5b:4c: c9:7f:b4:55:82:4c:9d:5a:d1:43:9e:ea:1f:93:c7: 38:61:6d:d2:1e:1a:01:8c:f9:7f:52:2e:43:26:05: 65:d3:01:34:6f:77:de:a4:f6:76:8a:19:27:07:67: 71:45:89:d1:36:43:3c:37:ba:f9:05:e9:99:5f:a8: 36:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:7D:F7:26:1A:78:0C:ED:E3:5B:7F:54:06:ED:8A:AA:4A:27:E8:1B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption b7:86:d7:6e:d3:fe:d9:7d:5f:e2:77:9d:3e:9f:d2:2f:b6:0b: 1b:01:8b:b3:f4:fb:34:e4:ed:45:5f:5e:23:e4:84:45:dd:b9: c8:a4:94:f0:c3:b3:4b:8e:48:76:08:51:55:3d:60:df:74:ef: 4d:70:27:37:32:0d:e9:f2:38:8a:83:26:ff:01:02:55:e5:a3: ac:4f:76:f9:8a:50:00:da:0d:74:26:e8:16:bb:1a:3a:e2:7d: 65:82:c4:3e:9f:ad:be:e3:7b:7a:5f:0b:62:a2:ed:cc:7c:21: d0:de:85:81:7f:ce:96:bc:73:f0:aa:78:bd:4a:87:34:7c:f5: 91:25:dc:d3:80:dd:2c:7e:ba:e1:9f:cb:9d:17:4f:3e:9c:b7: 07:14:88:b6:c2:36:2b:86:a9:00:50:9d:d1:42:6d:36:fb:4e: 02:5c:7e:f5:fa:df:5e:ab:f6:e4:f4:82:de:f2:6f:63:14:be: f7:d6:c1:e7:69:b7:f1:47:24:33:84:41:6f:bc:32:6f:a9:18: 76:99:1f:b1:5c:e3:99:1b:9c:2c:53:0a:0d:2f:4c:20:2d:56: fa:c5:35:9c:ab:b5:f0:b4:46:b4:98:cf:64:38:2a:93:11:4d: af:42:8f:18:3c:d8:bb:70:87:47:b1:ea:57:d4:f4:31:b0:13: 89:f1:a9:a1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEnGBPKUc6udkBT0z94qOpcDvxQUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQxOTAwMDAwMFoX DTI0MDUyNDIzNTk1OVowejFJMEcGA1UEBRNANTIzMDYwYmZmYTc5NDNjYzAyNzZl ZjU1ZGYzMTE2YjI1MjVlNmUyMzY4NDYzYjdiMGVjZGEyZmY3Y2Y3ZTI1YzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQTtfJLVxQ59j7Md1DfbWR8PV2Yi 1kPdvNvgaUIeGsSRdmhu9FJdUR2SKhzAgvaqff3PbFbClY3jX7PlNb1sOQBnquCJ iWQlCsvx0q8dayECGikBVXgUPmUnvYPEJ8wcnE8w0ZrmElssshZGwS8FMXIVlXtz NQXn+YlEYLKDi+Dt2JHVYOtztuXOc318E9XqPFtd171wvmGwcobR/O/wSZHFKAAp sgpFTrDhoojdUGaZthSRa2Z8OEBMy/dXv9kUW0zJf7RVgkydWtFDnuofk8c4YW3S HhoBjPl/Ui5DJgVl0wE0b3fepPZ2ihknB2dxRYnRNkM8N7r5BemZX6g2vQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOl99yYaeAzt41t/VAbtiqpKJ+gbMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlmYjI4YTk1LWY1YmItNDg2OC05YWIzLTdkODNkNTE0MjUzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQC3htdu0/7ZfV/id50+n9Iv tgsbAYuz9Ps05O1FX14j5IRF3bnIpJTww7NLjkh2CFFVPWDfdO9NcCc3Mg3p8jiK gyb/AQJV5aOsT3b5ilAA2g10JugWuxo64n1lgsQ+n62+43t6Xwtiou3MfCHQ3oWB f86WvHPwqni9Soc0fPWRJdzTgN0sfrrhn8udF08+nLcHFIi2wjYrhqkAUJ3RQm02 +04CXH71+t9eq/bk9ILe8m9jFL731sHnabfxRyQzhEFvvDJvqRh2mR+xXOOZG5ws UwoNL0wgLVb6xTWcq7XwtEa0mM9kOCqTEU2vQo8YPNi7cIdHsepX1PQxsBOJ8amh -----END CERTIFICATE-----Generated at Mon May 6 00:47:29 2024 by rpki-client on console-ams.rpki-client.org