$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa File: 00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa (raw, json) Hash identifier: QwBMsVCSUJbVJ8gdYXLrxOxb5+pQxURP92y7lMp6X20= Subject key identifier: 31:69:F4:26:F6:D3:99:51:8F:B6:2C:02:F1:D0:AE:C9:8E:8C:0C:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 72E198BC4FCC7FD9F17D5660E6B7114BBBAB27EF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.200.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 00:35:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:e1:98:bc:4f:cc:7f:d9:f1:7d:56:60:e6:b7:11:4b:bb:ab:27:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=060d96baaa1880493f91ad034f733a99b742648a80bd684b3d9c1d98bc346838, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:3f:e1:8d:0e:b2:15:e7:f4:4b:4a:14:01:62: a4:7d:e9:12:c8:97:4d:89:7a:1a:27:87:50:20:76: 11:24:e4:de:79:36:66:20:c4:b6:92:d3:e3:00:cc: 31:bf:a7:c5:45:26:c1:44:61:ab:37:4d:e8:83:de: 3d:5c:7b:f9:41:d7:6a:82:fd:6b:aa:60:48:a8:23: 8d:24:fb:f7:ed:83:d3:23:7a:4b:89:67:17:eb:60: 35:5b:d3:40:39:7f:0a:12:50:66:cb:a8:ea:d8:4d: e1:9f:ff:aa:3a:e4:fe:f7:85:33:42:ef:f1:18:dc: 94:c0:79:30:35:85:71:4f:01:c5:98:c6:ae:31:d3: a7:de:e4:ab:45:38:e0:f2:e1:13:34:b8:f8:ff:aa: 36:e1:f7:0a:22:bb:e2:da:48:54:12:35:cc:ac:3a: f5:13:8a:17:74:96:af:50:ca:67:0d:7b:c6:c8:18: 01:75:f2:62:6a:06:67:68:72:53:90:83:5c:26:90: f5:84:6c:0d:6a:65:4d:2d:7f:12:fc:5c:01:1f:0e: 6e:da:7a:c3:e0:5e:5f:99:6c:fc:7a:3c:cc:2d:b7: 85:13:b5:bd:da:27:3b:48:6f:cd:24:08:33:36:f6: df:6c:29:e4:2c:7e:48:f3:8a:2b:83:7b:d3:8b:53: 70:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:69:F4:26:F6:D3:99:51:8F:B6:2C:02:F1:D0:AE:C9:8E:8C:0C:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.200.0.0/13 Signature Algorithm: sha256WithRSAEncryption a4:8f:ee:c0:89:72:86:a7:06:4c:52:51:7c:17:58:2f:ea:f4: d8:a7:23:fd:4c:65:a7:d0:7e:49:4b:65:95:20:45:9a:e5:95: 5f:6a:44:3a:4a:9d:f3:3a:69:b5:4c:c3:84:92:97:bb:ff:cf: b5:b3:bb:86:49:eb:97:f7:4e:eb:0d:c3:79:a5:60:2a:25:a0: a1:fa:c1:86:fc:a5:c6:c9:b8:35:46:da:82:9d:05:c6:28:c3: b3:a2:1c:d1:b1:8b:4a:61:75:47:dd:16:e8:92:5b:8d:bf:9f: 1e:4b:cf:e6:4c:3f:34:70:77:42:58:a4:33:6e:51:e7:8f:1b: 7c:5c:5f:fe:47:1d:54:45:d2:5a:22:8a:62:0a:69:23:e4:bb: b4:b6:14:67:5d:ec:9f:f9:c5:a4:2f:96:b0:af:6c:0f:01:9e: 94:58:5b:34:bb:56:97:37:6e:56:9d:bf:74:52:39:78:de:12: d9:48:6e:07:77:7d:01:f9:ef:71:c5:09:9f:44:31:59:91:9c: 46:fa:fa:a6:87:fa:c1:9a:6c:ff:97:e8:31:1d:f2:46:12:b6: 9b:4d:6f:aa:c5:ff:28:51:2e:db:8d:da:ec:ae:fb:31:a6:7f: 23:41:54:0a:bc:35:59:47:ef:45:dc:c0:37:2a:d5:d6:ac:8d: 95:6d:bf:b9 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUcuGYvE/Mf9nxfVZg5rcRS7urJ+8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAMDYwZDk2YmFhYTE4ODA0OTNmOTFh ZDAzNGY3MzNhOTliNzQyNjQ4YTgwYmQ2ODRiM2Q5YzFkOThiYzM0NjgzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj/hjQ6yFef0S0oUAWKkfekSyJdN iXoaJ4dQIHYRJOTeeTZmIMS2ktPjAMwxv6fFRSbBRGGrN03og949XHv5Qddqgv1r qmBIqCONJPv37YPTI3pLiWcX62A1W9NAOX8KElBmy6jq2E3hn/+qOuT+94UzQu/x GNyUwHkwNYVxTwHFmMauMdOn3uSrRTjg8uETNLj4/6o24fcKIrvi2khUEjXMrDr1 E4oXdJavUMpnDXvGyBgBdfJiagZnaHJTkINcJpD1hGwNamVNLX8S/FwBHw5u2nrD 4F5fmWz8ejzMLbeFE7W92ic7SG/NJAgzNvbfbCnkLH5I84org3vTi1NwbQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDFp9Cb205lRj7YsAvHQrsmOjAzHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwOTcxY2RhLWY4YTUtNDlhMC1hMWRjLTIyODVjNjhhOGU5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAKSP7sCJcoanBkxSUXwXWC/q 9NinI/1MZafQfklLZZUgRZrllV9qRDpKnfM6abVMw4SSl7v/z7Wzu4ZJ65f3TusN w3mlYColoKH6wYb8pcbJuDVG2oKdBcYow7OiHNGxi0phdUfdFuiSW42/nx5Lz+ZM PzRwd0JYpDNuUeePG3xcX/5HHVRF0loiimIKaSPku7S2FGdd7J/5xaQvlrCvbA8B npRYWzS7Vpc3bladv3RSOXjeEtlIbgd3fQH573HFCZ9EMVmRnEb6+qaH+sGabP+X 6DEd8kYStptNb6rF/yhRLtuN2uyu+zGmfyNBVAq8NVlH70XcwDcq1dasjZVtv7k= -----END CERTIFICATE-----Generated at Mon Nov 25 01:01:11 2024 by rpki-client on console-ams.rpki-client.org