$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08d6baab-c572-47df-8a68-08fddff235d6.roa File: 08d6baab-c572-47df-8a68-08fddff235d6.roa (raw, json) Hash identifier: eS0XVELqrmuHkQtwviFNEQ7aISBUuHfqoxW4S0rDMoY= Subject key identifier: C9:F2:02:5A:67:90:C4:8D:95:8A:38:9A:9E:77:31:8B:B1:4A:A3:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 163FAA20F67533A0A27C775707E202F2B034635C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08d6baab-c572-47df-8a68-08fddff235d6.roa Signing time: Tue 19 Sep 2023 00:00:00 +0000 ROA not before: Tue 19 Sep 2023 00:00:00 +0000 ROA not after: Tue 24 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 12:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:3f:aa:20:f6:75:33:a0:a2:7c:77:57:07:e2:02:f2:b0:34:63:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 19 00:00:00 2023 GMT Not After : Oct 24 23:59:59 2023 GMT Subject: serialNumber=ed948bf23d1781a1d132b4a1d2dc682eb2d5b28575ee22becca36031ca84ec16, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:ae:4a:0a:f3:1c:d2:2e:7e:d8:61:29:d8:33: 84:a7:9d:19:69:ec:08:ba:e3:9b:c4:ed:a7:6b:fc: 9e:1b:12:0d:90:cc:69:96:a4:af:ca:84:59:fd:38: 94:b0:dd:84:45:6f:2c:04:47:02:ce:60:1e:01:cb: e8:5f:67:61:e5:ec:83:a6:29:ed:e9:cd:fa:a9:c9: 02:6a:be:96:12:1e:e2:91:2e:bd:8d:26:3e:43:c6: 5d:2c:18:ba:bb:08:65:e3:9e:86:64:7c:32:7e:59: ef:f2:94:1b:cd:38:ed:2b:6e:7c:42:13:9a:38:13: 80:df:5b:69:0b:b2:11:d1:21:ad:40:14:58:49:e6: 71:09:a1:40:ee:2c:a1:d0:cb:5c:1d:f6:f5:02:08: ad:c6:0d:cc:8a:34:39:22:1d:f6:34:a0:8b:b1:c2: 90:b7:ff:30:2a:6c:9f:66:05:1c:8a:49:5c:60:80: cb:3c:aa:e6:be:b1:1c:98:82:22:47:b2:5f:7e:d6: c7:a3:64:3d:7e:f6:34:f7:2d:15:aa:6d:2e:2a:f3: 61:e5:d2:1c:a8:0a:fc:ae:08:09:07:6f:7a:17:e9: 57:dd:49:e7:9e:e0:f8:b0:7a:55:fc:d1:49:e9:30: d4:78:79:15:05:62:a1:fb:cb:40:82:38:aa:05:cb: 71:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:F2:02:5A:67:90:C4:8D:95:8A:38:9A:9E:77:31:8B:B1:4A:A3:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08d6baab-c572-47df-8a68-08fddff235d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.0.0/16 Signature Algorithm: sha256WithRSAEncryption a5:9a:b0:c7:a7:05:85:67:34:d4:4a:62:1c:f1:52:72:f3:01: e8:49:70:12:f2:60:0d:03:68:79:81:07:41:d6:8c:51:8e:ed: ec:ba:70:e5:78:3d:11:3c:d2:8c:d4:80:03:cc:13:56:2e:8c: fe:6f:69:6a:a3:43:22:65:9a:48:22:02:c2:7a:e8:cc:3e:35: 48:09:58:96:00:e2:c0:52:17:1d:c5:f0:50:81:84:23:f6:ba: 9f:7f:26:68:7b:b2:f8:d9:2b:37:3a:01:a8:6c:69:06:06:0f: df:b5:5c:5c:59:37:7d:ba:2f:bd:29:c2:5b:eb:2c:65:d6:bd: 25:25:4c:66:3b:9b:43:13:12:8c:74:09:ca:f4:4b:25:ed:4a: 52:bf:31:fe:8b:e6:ce:12:0e:aa:1f:2e:6a:27:c6:5c:8d:3c: b2:f3:da:23:56:1f:eb:32:40:b9:2b:94:ab:2e:3c:f1:8c:40: be:6f:0e:9e:f8:e0:35:0c:9b:da:34:d3:05:94:92:bc:b4:96: 05:8f:e5:d3:da:2c:d7:23:09:39:0e:6a:d2:35:08:d1:0c:9a: b6:36:b4:97:1e:2a:78:e0:6a:06:7e:a2:06:07:89:3f:a0:57: 63:58:df:87:f8:95:f8:5b:2d:0c:19:03:28:53:a4:4e:c1:62: d6:ff:bd:b2 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUFj+qIPZ1M6CifHdXB+IC8rA0Y1wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxOTAwMDAwMFoX DTIzMTAyNDIzNTk1OVowejFJMEcGA1UEBRNAZWQ5NDhiZjIzZDE3ODFhMWQxMzJi NGExZDJkYzY4MmViMmQ1YjI4NTc1ZWUyMmJlY2NhMzYwMzFjYTg0ZWMxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma5KCvMc0i5+2GEp2DOEp50ZaewI uuObxO2na/yeGxINkMxplqSvyoRZ/TiUsN2ERW8sBEcCzmAeAcvoX2dh5eyDpint 6c36qckCar6WEh7ikS69jSY+Q8ZdLBi6uwhl456GZHwyflnv8pQbzTjtK258QhOa OBOA31tpC7IR0SGtQBRYSeZxCaFA7iyh0MtcHfb1Agitxg3MijQ5Ih32NKCLscKQ t/8wKmyfZgUciklcYIDLPKrmvrEcmIIiR7JfftbHo2Q9fvY09y0Vqm0uKvNh5dIc qAr8rggJB296F+lX3UnnnuD4sHpV/NFJ6TDUeHkVBWKh+8tAgjiqBctxqwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFMnyAlpnkMSNlYo4mp53MYuxSqNCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4ZDZiYWFiLWM1NzItNDdkZi04YTY4LTA4ZmRkZmYyMzVkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK9owDQYJKoZIhvcNAQELBQADggEBAKWasMenBYVnNNRKYhzxUnLz AehJcBLyYA0DaHmBB0HWjFGO7ey6cOV4PRE80ozUgAPME1YujP5vaWqjQyJlmkgi AsJ66Mw+NUgJWJYA4sBSFx3F8FCBhCP2up9/Jmh7svjZKzc6AahsaQYGD9+1XFxZ N326L70pwlvrLGXWvSUlTGY7m0MTEox0Ccr0SyXtSlK/Mf6L5s4SDqofLmonxlyN PLLz2iNWH+syQLkrlKsuPPGMQL5vDp744DUMm9o00wWUkry0lgWP5dPaLNcjCTkO atI1CNEMmrY2tJceKnjgagZ+ogYHiT+gV2NY34f4lfhbLQwZAyhTpE7BYtb/vbI= -----END CERTIFICATE-----Generated at Tue Sep 19 00:21:19 2023 by rpki-client on console-fra.rpki-client.org