$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: qQ9WemdCbI/aNZ9OOkzqIJvXqmOYBLROF2K6OMCD7us= Subject key identifier: 7C:46:E3:07:89:85:BD:FE:AC:25:E1:A0:85:15:9F:F8:0F:53:08:93 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 320BBC03928A82DEC4D231598E1B8246F0E2B588 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Tue 14 May 2024 00:00:00 +0000 ROA not before: Tue 14 May 2024 00:00:00 +0000 ROA not after: Tue 18 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Jun 2024 00:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:0b:bc:03:92:8a:82:de:c4:d2:31:59:8e:1b:82:46:f0:e2:b5:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 14 00:00:00 2024 GMT Not After : Jun 18 23:59:59 2024 GMT Subject: serialNumber=3cbd5f6d42a8ce19cfe1136a6c18afa45f49b68dd82734f42a3d7864c711d12f, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:e5:af:a0:f0:b0:8c:e8:c1:47:fd:13:d0:12: 7f:11:8b:1a:7a:19:8e:49:3c:10:c4:cf:4d:27:15: 49:8f:46:0f:ca:76:70:c0:e6:b5:c4:7a:ed:6a:d3: 44:3d:7a:a0:ef:c5:fb:dc:ad:84:9f:8e:e2:af:6c: 53:e5:38:d8:da:b4:06:51:c1:63:a8:85:6f:11:15: 2d:74:93:1b:23:c0:c0:46:58:09:8e:ca:30:ef:72: 41:87:7d:0f:cc:38:f0:b6:79:7b:93:f4:c2:b6:1b: 94:47:9a:ee:70:8d:c0:06:d1:84:49:c6:a5:c2:2e: 38:12:b8:5c:26:9c:fa:97:46:04:e3:6f:49:fd:c7: 9d:2c:42:f6:da:c0:51:84:7d:a9:a9:13:5e:d0:a4: 36:53:f0:6e:ce:4a:31:9d:60:7a:50:cc:73:71:ec: 20:b6:f5:49:76:6d:41:d4:c0:f2:e8:91:f8:ff:4b: 26:ef:67:ad:e8:2c:d9:6d:e8:dd:5f:4c:d7:4f:a6: 03:32:76:6f:d1:08:69:f6:8d:c2:ee:c8:0c:f8:7f: 31:55:44:e3:88:93:70:92:53:c3:89:0b:2a:41:84: 6f:6c:50:8e:4b:cb:8c:9c:ea:3f:fa:fd:74:58:1e: 23:2b:9b:33:0f:c2:5e:ef:ee:55:35:56:70:61:bd: 6d:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:46:E3:07:89:85:BD:FE:AC:25:E1:A0:85:15:9F:F8:0F:53:08:93 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 8d:b6:c5:8c:07:15:1e:01:a2:a1:28:51:9c:ee:95:a0:9d:a2: d8:2d:32:42:72:0c:43:61:c4:31:98:97:c0:c9:ea:25:40:6a: 4c:53:b6:fd:4a:d2:e7:d6:9c:1a:0d:4d:24:e7:c8:ad:6b:70: 32:b6:dc:66:94:fa:0c:be:1e:68:d0:cd:3f:be:72:25:0a:86: b8:f6:2f:57:e5:84:6f:07:60:ec:50:0e:f7:d9:b4:a7:60:78: c7:22:08:f9:42:77:72:9a:c8:93:c1:4b:aa:5b:d1:35:8b:1c: da:73:6e:bf:c2:0d:86:16:cc:60:ec:67:3f:98:a3:d9:fc:86: 72:ba:dc:f6:a4:d8:36:06:0b:00:b7:bd:e4:07:59:8d:d7:3f: 9a:2d:d4:9e:78:f9:55:a9:0b:2e:19:ac:d2:cd:c3:12:48:ba: 80:fa:45:a6:c6:c1:1e:b7:20:ea:e2:49:b1:6e:6e:c2:e3:ac: 33:e1:71:05:5a:4f:35:3f:1c:8e:fb:76:db:17:58:ff:d8:5b: 4e:e6:1c:e5:7c:40:54:c5:40:e9:5c:eb:07:3a:37:5f:28:9c: 05:00:3a:d6:92:e4:33:d7:03:50:24:0e:e7:3f:d6:6a:bf:6a: d6:42:f0:6a:c4:97:ac:b0:15:87:0b:c8:60:95:27:ba:50:32: bd:c3:12:34 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMgu8A5KKgt7E0jFZjhuCRvDitYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDUxNDAwMDAwMFoX DTI0MDYxODIzNTk1OVowejFJMEcGA1UEBRNAM2NiZDVmNmQ0MmE4Y2UxOWNmZTEx MzZhNmMxOGFmYTQ1ZjQ5YjY4ZGQ4MjczNGY0MmEzZDc4NjRjNzExZDEyZjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OWvoPCwjOjBR/0T0BJ/EYsaehmO STwQxM9NJxVJj0YPynZwwOa1xHrtatNEPXqg78X73K2En47ir2xT5TjY2rQGUcFj qIVvERUtdJMbI8DARlgJjsow73JBh30PzDjwtnl7k/TCthuUR5rucI3ABtGEScal wi44ErhcJpz6l0YE429J/cedLEL22sBRhH2pqRNe0KQ2U/BuzkoxnWB6UMxzcewg tvVJdm1B1MDy6JH4/0sm72et6CzZbejdX0zXT6YDMnZv0Qhp9o3C7sgM+H8xVUTj iJNwklPDiQsqQYRvbFCOS8uMnOo/+v10WB4jK5szD8Je7+5VNVZwYb1tnwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHxG4weJhb3+rCXhoIUVn/gPUwiTMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQCNtsWMBxUeAaKhKFGc7pWg naLYLTJCcgxDYcQxmJfAyeolQGpMU7b9StLn1pwaDU0k58ita3AyttxmlPoMvh5o 0M0/vnIlCoa49i9X5YRvB2DsUA732bSnYHjHIgj5QndymsiTwUuqW9E1ixzac26/ wg2GFsxg7Gc/mKPZ/IZyutz2pNg2BgsAt73kB1mN1z+aLdSeePlVqQsuGazSzcMS SLqA+kWmxsEetyDq4kmxbm7C46wz4XEFWk81PxyO+3bbF1j/2FtO5hzlfEBUxUDp XOsHOjdfKJwFADrWkuQz1wNQJA7nP9Zqv2rWQvBqxJessBWHC8hglSe6UDK9wxI0 -----END CERTIFICATE-----Generated at Sun Jun 2 01:00:49 2024 by rpki-client on console-fra.rpki-client.org