$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa File: 084fc721-60a4-414f-b72d-dc01788e0fc2.roa (raw, json) Hash identifier: RyChWB2QA+Cuy5N9hN1rWhVefEu7Oq4dbEVM+X94uaM= Subject key identifier: 49:05:92:6D:C3:32:5A:BF:9F:D1:49:9E:8A:BB:23:1E:A1:F3:6F:D7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B6AB60D74FD06B1B4FE3B5BEE9FA26D05AD39D8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa Signing time: Mon 13 Jan 2025 00:00:00 +0000 ROA not before: Mon 13 Jan 2025 00:00:00 +0000 ROA not after: Mon 17 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.216.61.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:6a:b6:0d:74:fd:06:b1:b4:fe:3b:5b:ee:9f:a2:6d:05:ad:39:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 13 00:00:00 2025 GMT Not After : Feb 17 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3a:6d:60:63:8e:c2:5a:eb:a9:0d:73:16:32: a9:4f:01:51:c1:07:87:34:8a:42:73:4d:c8:ad:dd: 47:fd:ea:3c:58:60:20:80:9b:55:70:ac:f9:6a:2a: 68:0a:ea:23:7c:c4:51:8c:05:20:9c:30:83:88:ee: 93:d5:23:b4:84:6d:e5:d5:ea:d7:32:0c:fc:59:ac: 28:98:61:2e:3b:5f:88:f9:5c:f7:a8:68:21:44:40: b9:e8:c1:5a:48:b9:9f:ad:58:29:9b:61:37:4e:f6: be:d4:d7:cb:98:b2:b5:1a:3c:62:6a:6f:ac:a7:45: 7a:17:c2:3e:e5:8e:a8:25:c5:83:c5:a8:c7:92:ff: c3:fc:ca:7e:18:fa:78:72:6d:7f:20:c1:c1:ee:35: b4:2c:da:21:a6:d3:2d:9b:6f:45:db:5c:b3:19:97: db:ef:31:11:e4:77:63:fe:ce:ea:ad:ee:69:cd:d8: 96:0f:80:1c:b9:3c:08:f4:38:6e:e1:3e:3f:a6:cc: 77:f8:bc:0f:19:e8:8d:54:6f:ee:d7:fe:f9:22:f6: 81:16:db:63:ae:5e:bd:84:67:0b:da:5b:20:98:6e: b8:08:0f:9e:28:fc:7b:3a:11:dd:e3:3e:e0:f1:38: dc:69:af:b0:48:02:b3:d1:36:7c:62:13:52:ff:13: 73:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:05:92:6D:C3:32:5A:BF:9F:D1:49:9E:8A:BB:23:1E:A1:F3:6F:D7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/084fc721-60a4-414f-b72d-dc01788e0fc2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.216.61.0/24 Signature Algorithm: sha256WithRSAEncryption 86:99:05:81:30:2b:be:e3:b7:52:80:12:06:b7:12:12:fb:37: 39:c0:dc:52:e5:27:89:3a:d2:74:03:37:5d:b5:98:b9:4c:c3: b1:cf:8f:83:da:b4:a6:b8:2c:51:90:fa:b4:86:e3:02:51:3b: 9d:11:af:a3:0e:05:3a:3c:f7:29:bd:e9:ed:a5:72:c5:50:8a: 3e:f2:9a:5e:bc:86:3e:da:e9:5e:dd:06:8f:38:e1:e8:7b:39: 1a:17:c2:0e:e3:69:19:af:de:3f:f3:e3:9b:b7:5e:0e:80:27: 9e:42:03:1b:25:a9:fe:94:02:95:2b:ee:ac:b3:da:e9:88:32: 23:eb:d3:b1:e0:1d:9c:c8:a6:f4:61:c6:17:13:9c:db:83:25: 6b:b0:b0:0d:98:94:d4:e9:7a:46:b0:9b:cf:f5:91:c2:11:65: 51:68:c2:85:5c:f7:c9:0a:95:14:51:96:3c:37:3d:09:74:ea: be:c5:0c:3f:f6:29:d8:ba:b8:49:86:1e:8f:ff:90:9f:c5:6e: 7d:38:2c:a8:69:18:00:64:bf:df:da:59:d1:8b:c4:a3:db:73: 92:64:c9:7f:41:c6:7a:d6:43:54:dd:72:f5:ba:a0:ca:84:c3: f3:9c:6c:14:46:8a:61:09:32:77:2f:d3:78:0f:02:51:a2:87: a3:29:7a:61 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUW2q2DXT9BrG0/jtb7p+ibQWtOdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMzAwMDAwMFoX DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAZDk3ODdlNzExYmZjNGI0NDFjMDM4 MzY3ZjQ3OTg5ZGYwMjNhNDdlNmUxM2U2NWJjNmYxNzJkYzBjNzY0Y2MyZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjptYGOOwlrrqQ1zFjKpTwFRwQeH NIpCc03Ird1H/eo8WGAggJtVcKz5aipoCuojfMRRjAUgnDCDiO6T1SO0hG3l1erX Mgz8WawomGEuO1+I+Vz3qGghREC56MFaSLmfrVgpm2E3Tva+1NfLmLK1Gjxiam+s p0V6F8I+5Y6oJcWDxajHkv/D/Mp+GPp4cm1/IMHB7jW0LNohptMtm29F21yzGZfb 7zER5Hdj/s7qre5pzdiWD4AcuTwI9Dhu4T4/psx3+LwPGeiNVG/u1/75IvaBFttj rl69hGcL2lsgmG64CA+eKPx7OhHd4z7g8Tjcaa+wSAKz0TZ8YhNS/xNzXwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEkFkm3DMlq/n9FJnoq7Ix6h82/XMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4NGZjNzIxLTYwYTQtNDE0Zi1iNzJkLWRjMDE3ODhlMGZjMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9g9MA0GCSqGSIb3DQEBCwUAA4IBAQCGmQWBMCu+47dSgBIGtxIS +zc5wNxS5SeJOtJ0AzddtZi5TMOxz4+D2rSmuCxRkPq0huMCUTudEa+jDgU6PPcp ventpXLFUIo+8ppevIY+2ule3QaPOOHoezkaF8IO42kZr94/8+Obt14OgCeeQgMb Jan+lAKVK+6ss9rpiDIj69Ox4B2cyKb0YcYXE5zbgyVrsLANmJTU6XpGsJvP9ZHC EWVRaMKFXPfJCpUUUZY8Nz0JdOq+xQw/9inYurhJhh6P/5CfxW59OCyoaRgAZL/f 2lnRi8Sj23OSZMl/QcZ61kNU3XL1uqDKhMPznGwURophCTJ3L9N4DwJRooejKXph -----END CERTIFICATE-----Generated at Wed Feb 5 04:11:58 2025 by rpki-client