$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa File: 04f7b09a-162c-4157-82a1-273946cdf1db.roa (raw, json) Hash identifier: 8k3x2R5AMGECJsgwEi1vQ9dFqoYFfREyTC+vX2RDYBE= Subject key identifier: 41:6B:9C:3D:EC:97:E8:5A:C4:7C:B3:97:8F:CD:B5:32:FB:AD:54:BC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43252C63A58F7E1F6C5419FE47CFA83C08DA97B5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa Signing time: Mon 08 Apr 2024 00:00:00 +0000 ROA not before: Mon 08 Apr 2024 00:00:00 +0000 ROA not after: Mon 13 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 28 Apr 2024 00:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:25:2c:63:a5:8f:7e:1f:6c:54:19:fe:47:cf:a8:3c:08:da:97:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 8 00:00:00 2024 GMT Not After : May 13 23:59:59 2024 GMT Subject: serialNumber=103564530c15994ec57af65660dbc69205e680e92f2da9821271a1a7b4ec59e1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:94:d2:1b:89:d9:0d:67:98:b5:d3:b1:a8:05: b7:44:72:f8:c1:82:3b:a4:ec:ef:70:57:96:30:0a: 3b:ff:40:c8:71:9b:37:2d:3d:dd:d1:4e:1d:6a:1d: d1:27:c8:ee:df:1c:e7:27:c5:c1:1e:0a:6a:86:fa: 80:3d:e1:97:48:3e:5f:ab:cd:78:4c:96:25:af:87: f9:e9:bf:71:9a:39:e4:72:33:24:a6:13:8b:b8:f7: ce:22:7e:cf:ee:e8:68:0f:ab:62:eb:5d:cc:ee:e6: 7b:65:61:f0:f8:c4:36:f0:0a:8f:a6:1d:9e:b5:08: e1:c5:6c:5a:0e:63:f2:ec:0c:74:24:13:a9:26:8f: d4:74:c6:fe:77:5d:61:79:18:c7:06:8e:c4:57:38: 7c:a1:46:6f:c4:15:72:3a:0b:3b:41:ef:c1:44:98: ff:0c:4e:ca:cf:fb:26:1a:86:9a:30:31:f6:0f:5b: 31:06:bd:c6:80:d9:23:88:32:4e:8c:29:7d:0a:57: a9:e6:77:f3:9f:7e:2b:ce:10:49:b8:b7:87:e3:8f: f2:13:64:fc:2d:cf:1b:9e:4c:e1:e0:5d:6d:9a:a7: 12:9d:dc:ba:b1:2d:0e:85:20:f7:48:a1:95:4a:df: 69:59:ac:f7:e2:e8:80:9c:c0:d3:13:3e:d5:cc:af: 28:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:6B:9C:3D:EC:97:E8:5A:C4:7C:B3:97:8F:CD:B5:32:FB:AD:54:BC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption cb:9e:f1:61:dc:e4:ea:c2:55:e5:ba:cc:53:3d:99:76:c8:61: dc:ed:de:1c:a2:b0:54:9f:d1:a8:22:6d:17:27:b7:77:9d:14: 45:79:b3:7b:f3:b7:44:83:24:d8:55:95:77:74:cc:20:75:8b: 17:d5:13:df:53:e4:33:3e:e6:98:b6:eb:90:be:ac:bb:56:6e: cc:1a:69:d4:bb:f8:16:6f:55:29:a0:69:df:43:37:2c:f4:96: 5d:c4:56:59:77:0a:d7:f5:a7:8c:16:76:5f:10:85:f3:82:f6: 83:76:b2:86:9d:87:d4:e6:02:68:3c:1a:b8:d2:a5:78:51:fd: 5d:f8:15:ed:1e:db:1f:3a:bf:28:ba:e7:85:b8:d2:9e:ca:ac: d7:71:f4:78:a1:81:5c:43:4e:f9:bb:5f:e0:b0:fd:a6:5c:33: 66:0e:4f:da:4e:a3:99:ae:1e:df:c8:60:5e:df:3f:79:4d:0d: 1a:35:b3:24:fe:3c:fd:f7:22:bd:4c:84:85:96:8f:56:63:5c: a5:8f:74:72:d1:0b:96:32:60:b2:ff:4f:45:e1:4c:36:92:01: 69:91:7a:b6:ae:f6:63:3d:76:72:ab:3f:b8:e8:42:ce:93:d0: 49:1d:ae:3b:d6:8a:24:bf:9d:91:b1:4d:38:bb:e4:40:ee:55: 18:d4:c3:0e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQyUsY6WPfh9sVBn+R8+oPAjal7UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwODAwMDAwMFoX DTI0MDUxMzIzNTk1OVowejFJMEcGA1UEBRNAMTAzNTY0NTMwYzE1OTk0ZWM1N2Fm NjU2NjBkYmM2OTIwNWU2ODBlOTJmMmRhOTgyMTI3MWExYTdiNGVjNTllMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15TSG4nZDWeYtdOxqAW3RHL4wYI7 pOzvcFeWMAo7/0DIcZs3LT3d0U4dah3RJ8ju3xznJ8XBHgpqhvqAPeGXSD5fq814 TJYlr4f56b9xmjnkcjMkphOLuPfOIn7P7uhoD6ti613M7uZ7ZWHw+MQ28AqPph2e tQjhxWxaDmPy7Ax0JBOpJo/UdMb+d11heRjHBo7EVzh8oUZvxBVyOgs7Qe/BRJj/ DE7Kz/smGoaaMDH2D1sxBr3GgNkjiDJOjCl9Clep5nfzn34rzhBJuLeH44/yE2T8 Lc8bnkzh4F1tmqcSndy6sS0OhSD3SKGVSt9pWaz34uiAnMDTEz7VzK8oawIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEFrnD3sl+haxHyzl4/NtTL7rVS8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0ZjdiMDlhLTE2MmMtNDE1Ny04MmExLTI3Mzk0NmNkZjFkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQDLnvFh3OTqwlXlusxTPZl2 yGHc7d4corBUn9GoIm0XJ7d3nRRFebN787dEgyTYVZV3dMwgdYsX1RPfU+QzPuaY tuuQvqy7Vm7MGmnUu/gWb1UpoGnfQzcs9JZdxFZZdwrX9aeMFnZfEIXzgvaDdrKG nYfU5gJoPBq40qV4Uf1d+BXtHtsfOr8ouueFuNKeyqzXcfR4oYFcQ075u1/gsP2m XDNmDk/aTqOZrh7fyGBe3z95TQ0aNbMk/jz99yK9TISFlo9WY1ylj3Ry0QuWMmCy /09F4Uw2kgFpkXq2rvZjPXZyqz+46ELOk9BJHa471ookv52RsU04u+RA7lUY1MMO -----END CERTIFICATE-----Generated at Wed Apr 24 05:35:17 2024 by rpki-client on console-ams.rpki-client.org