$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa File: 04f7b09a-162c-4157-82a1-273946cdf1db.roa (raw, json) Hash identifier: fcF4mTAyczE/jwOn8JcCtsclQcuvDCEvDTUHaEpMS+M= Subject key identifier: 6D:35:AD:54:29:31:DA:37:64:D5:71:A7:A4:88:8E:1B:68:48:48:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 22DD68B067EBE8B304E5696518DADF0FFB15D565 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:dd:68:b0:67:eb:e8:b3:04:e5:69:65:18:da:df:0f:fb:15:d5:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=c44ee7fdde2a699f0e06a6d6b03dd07781ddd51cfae046c772a2e1e6ce6192fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:56:c5:b6:b8:ad:39:19:9e:08:25:fc:27:9f: 7d:b7:6a:3f:d0:4b:49:56:70:21:fd:d2:0c:09:82: 2f:bb:dc:a5:d9:f6:0f:17:39:f0:0e:7e:8b:e1:76: 08:20:11:b8:91:ff:42:bb:9e:c7:cc:df:07:6a:a0: 06:35:a1:aa:29:e4:25:72:29:40:b7:8a:5f:c7:79: c6:4a:c1:0d:e0:c3:49:52:3b:ad:b7:d1:b3:a9:21: ad:db:42:06:1a:9b:95:85:cb:4c:2c:6d:71:00:e1: 84:03:8c:85:a0:83:0c:96:0e:d5:a0:ed:9f:fa:21: b2:83:de:8d:8a:e0:c9:4d:72:61:fe:7f:9d:1c:1e: 17:5b:d1:bb:fe:e5:c8:dc:7b:dd:40:c2:3b:58:d6: 2b:f0:a2:a5:b3:db:cd:8e:7d:a5:07:95:b9:8a:f5: 34:0a:d1:ad:29:37:a9:35:22:a3:f6:bb:b2:c7:ef: d9:a5:1d:d4:32:c8:97:99:ca:45:a3:e9:c7:bf:34: 17:c9:f2:0e:41:3e:50:8f:21:1d:06:3f:69:3e:c2: bc:1b:d1:bd:1a:9c:fc:ac:08:88:57:45:a2:fc:ae: 0d:61:2c:f6:8c:c0:9c:a1:9a:fc:57:7b:92:a7:30: 04:42:7b:d9:b0:83:88:4b:21:e5:02:1d:e9:71:5c: f4:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:35:AD:54:29:31:DA:37:64:D5:71:A7:A4:88:8E:1B:68:48:48:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption 85:24:ee:f3:cf:87:68:ce:a4:36:e3:b1:62:e6:90:e3:4d:6b: b4:94:4a:5e:4b:88:83:c0:1b:3b:da:f3:de:5d:87:1c:a7:27: ee:d8:d7:6a:f4:fb:85:43:4a:de:43:ff:1f:e0:f1:76:17:0b: f8:0c:2e:54:86:6a:31:94:48:4f:13:2b:d5:0d:8d:08:44:a4: c2:14:c8:6e:f1:ec:af:b4:c2:ae:c2:dd:fd:ac:91:ba:1c:9a: f5:b4:26:be:8f:e9:58:f2:83:c6:5b:a8:bc:76:ac:fb:2f:d1: 09:32:a9:8b:26:0f:3e:30:d6:cc:73:de:86:b0:6a:d4:8f:4e: d6:c4:9a:05:5e:ac:f5:e4:ff:d4:a9:2e:79:1d:44:ac:95:e2: b1:c8:fd:f2:f5:80:63:14:61:48:c4:f2:f1:5c:06:08:6f:36: 74:f9:b6:15:34:22:d7:5e:75:6a:41:78:9f:71:17:5f:41:b3: af:2c:32:ae:2d:89:97:ad:cb:88:4f:61:50:11:fc:c0:95:27: fe:ce:9f:e8:e7:59:4e:14:14:98:e0:a3:64:41:fe:df:d6:80: 3e:63:61:75:fa:05:ee:15:3a:c4:d9:1b:1a:1e:de:7d:86:01: a3:84:78:51:9e:92:e8:c0:df:9f:be:ca:88:1c:8d:23:80:e0: 5d:ce:12:50 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIt1osGfr6LME5WllGNrfD/sV1WUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAYzQ0ZWU3ZmRkZTJhNjk5ZjBlMDZh NmQ2YjAzZGQwNzc4MWRkZDUxY2ZhZTA0NmM3NzJhMmUxZTZjZTYxOTJmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplbFtritORmeCCX8J599t2o/0EtJ VnAh/dIMCYIvu9yl2fYPFznwDn6L4XYIIBG4kf9Cu57HzN8HaqAGNaGqKeQlcilA t4pfx3nGSsEN4MNJUjutt9GzqSGt20IGGpuVhctMLG1xAOGEA4yFoIMMlg7VoO2f +iGyg96NiuDJTXJh/n+dHB4XW9G7/uXI3HvdQMI7WNYr8KKls9vNjn2lB5W5ivU0 CtGtKTepNSKj9ruyx+/ZpR3UMsiXmcpFo+nHvzQXyfIOQT5QjyEdBj9pPsK8G9G9 Gpz8rAiIV0Wi/K4NYSz2jMCcoZr8V3uSpzAEQnvZsIOISyHlAh3pcVz04QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFG01rVQpMdo3ZNVxp6SIjhtoSEhNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0ZjdiMDlhLTE2MmMtNDE1Ny04MmExLTI3Mzk0NmNkZjFkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCFJO7zz4dozqQ247Fi5pDj TWu0lEpeS4iDwBs72vPeXYccpyfu2Ndq9PuFQ0reQ/8f4PF2Fwv4DC5UhmoxlEhP EyvVDY0IRKTCFMhu8eyvtMKuwt39rJG6HJr1tCa+j+lY8oPGW6i8dqz7L9EJMqmL Jg8+MNbMc96GsGrUj07WxJoFXqz15P/UqS55HUSsleKxyP3y9YBjFGFIxPLxXAYI bzZ0+bYVNCLXXnVqQXifcRdfQbOvLDKuLYmXrcuIT2FQEfzAlSf+zp/o51lOFBSY 4KNkQf7f1oA+Y2F1+gXuFTrE2RsaHt59hgGjhHhRnpLowN+fvsqIHI0jgOBdzhJQ -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:37 2024 by rpki-client on console-ams.rpki-client.org