$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa File: 9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa (raw, json) Hash identifier: 5K12Fh2ktdR00IT2Q62vbDXf46wDub9K85K4yzMcET0= Subject key identifier: 36:D5:77:A7:12:64:82:FB:16:F4:39:C9:79:73:89:FB:51:B5:C6:92 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3604DDBF741BFEFB85440A74B4423B1C277D475D Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa Signing time: Mon 27 May 2024 00:00:00 +0000 ROA not before: Mon 27 May 2024 00:00:00 +0000 ROA not after: Mon 01 Jul 2024 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:04:dd:bf:74:1b:fe:fb:85:44:0a:74:b4:42:3b:1c:27:7d:47:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 27 00:00:00 2024 GMT Not After : Jul 1 23:59:59 2024 GMT Subject: serialNumber=57b4d0c1464c2818ef919444e145eb572caef91114181749cb60cbd72e7740b2, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:f7:06:3e:2e:35:6e:41:51:ec:82:8c:38:8f: ed:38:7b:66:04:2b:e9:ae:a1:4d:8d:49:36:69:2f: c4:02:0f:fb:c5:90:ef:10:38:38:19:37:37:6b:ed: 54:b4:e1:59:76:91:2c:7c:6d:04:1c:c6:83:a5:c5: 0c:c2:1c:72:34:f8:4a:3c:86:fb:18:de:f1:ae:ee: 20:3b:cb:f6:6a:1b:7d:74:92:37:19:54:ad:9b:63: 18:ba:31:da:1a:8f:cf:a2:25:77:97:f2:a3:58:3d: 5f:c5:e5:bc:1a:88:b4:64:f6:8e:37:97:6f:7a:c9: fd:ca:bd:31:08:1f:62:77:15:81:6e:c0:fa:54:bf: 75:ad:5d:3e:3d:6f:9b:e8:53:27:18:d7:19:b1:95: 43:82:79:1e:54:b6:1e:7c:13:2c:91:31:31:d3:cd: 49:00:fa:ee:52:cf:a6:ef:27:f0:6b:b2:a7:70:5a: 11:26:d5:7d:a5:0a:c7:bd:86:0a:0d:7c:e4:67:91: 0d:f6:c5:ad:63:fc:26:b1:e5:f6:85:26:b9:3b:95: 0b:61:26:a6:df:fc:87:de:16:82:e0:26:a6:8a:02: 23:c9:6c:59:4c:be:ff:e9:1e:7a:8a:2c:9c:f0:8f: df:60:6c:2a:19:37:17:85:43:7b:d7:67:74:4e:7d: fb:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:D5:77:A7:12:64:82:FB:16:F4:39:C9:79:73:89:FB:51:B5:C6:92 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/24 Signature Algorithm: sha256WithRSAEncryption 49:e1:18:3b:6c:f3:53:b1:72:93:ff:ad:11:32:59:e4:5d:38: e7:f4:50:e5:16:d0:4b:70:80:58:21:e5:5c:77:f1:db:90:06: ef:1e:84:4e:34:38:56:eb:85:c9:63:2e:20:13:f3:49:a0:08: 3d:e9:51:21:7f:f7:c5:82:bc:60:b9:6c:15:d4:12:c0:53:e4: 6e:13:94:af:5d:f2:6a:81:69:6c:ba:fd:a1:6f:b0:35:e4:48: 73:69:8d:ac:5d:80:73:fe:52:e9:d2:0b:12:87:30:c4:73:bb: 02:53:b8:5c:6b:f2:bf:ac:51:90:0b:a0:8c:b2:a5:b9:23:bb: ff:c0:9d:07:97:41:2e:de:27:8c:67:4a:72:9f:67:e7:6a:c1: 86:f5:b4:24:7c:05:04:a6:6d:e8:35:fe:29:b2:99:4a:bd:b3: a5:ae:f7:42:b4:85:28:d8:d5:f2:6e:90:86:e5:74:fe:e8:34: 17:aa:6b:24:47:90:b0:d2:e2:4d:74:b5:10:8f:eb:71:39:0f: 70:f7:e8:70:2c:0e:3c:a7:f1:41:e7:07:5e:dc:24:91:a3:23: fa:47:c9:a3:40:10:41:ba:b3:99:52:2a:23:92:34:50:3a:9d: 3a:5a:16:14:85:23:85:c2:a3:b2:f4:e0:0c:de:4b:41:cb:65: 4c:97:57:e4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNgTdv3Qb/vuFRAp0tEI7HCd9R10wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDUyNzAwMDAwMFoX DTI0MDcwMTIzNTk1OVowejFJMEcGA1UEBRNANTdiNGQwYzE0NjRjMjgxOGVmOTE5 NDQ0ZTE0NWViNTcyY2FlZjkxMTE0MTgxNzQ5Y2I2MGNiZDcyZTc3NDBiMjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6PcGPi41bkFR7IKMOI/tOHtmBCvp rqFNjUk2aS/EAg/7xZDvEDg4GTc3a+1UtOFZdpEsfG0EHMaDpcUMwhxyNPhKPIb7 GN7xru4gO8v2aht9dJI3GVStm2MYujHaGo/PoiV3l/KjWD1fxeW8Goi0ZPaON5dv esn9yr0xCB9idxWBbsD6VL91rV0+PW+b6FMnGNcZsZVDgnkeVLYefBMskTEx081J APruUs+m7yfwa7KncFoRJtV9pQrHvYYKDXzkZ5EN9sWtY/wmseX2hSa5O5ULYSam 3/yH3haC4CamigIjyWxZTL7/6R56iiyc8I/fYGwqGTcXhUN712d0Tn37yQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDbVd6cSZIL7FvQ5yXlziftRtcaSMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlmYmQ3YTU4LWUxMzktNGFkYS04NmZjLTAwYmRkZjYxYmNhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBJ4Rg7bPNTsXKT/60RMlnk XTjn9FDlFtBLcIBYIeVcd/HbkAbvHoRONDhW64XJYy4gE/NJoAg96VEhf/fFgrxg uWwV1BLAU+RuE5SvXfJqgWlsuv2hb7A15EhzaY2sXYBz/lLp0gsShzDEc7sCU7hc a/K/rFGQC6CMsqW5I7v/wJ0Hl0Eu3ieMZ0pyn2fnasGG9bQkfAUEpm3oNf4psplK vbOlrvdCtIUo2NXybpCG5XT+6DQXqmskR5Cw0uJNdLUQj+txOQ9w9+hwLA48p/FB 5wde3CSRoyP6R8mjQBBBurOZUiojkjRQOp06WhYUhSOFwqOy9OAM3ktBy2VMl1fk -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:49 2024 by rpki-client on console-fra.rpki-client.org