$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: nHWoDUpnc1qieXjIGZfJup32x1PNLzuna0Pvgcgi1po= Subject key identifier: B1:06:8C:45:E6:61:C5:EB:E8:57:F4:6B:42:43:FA:CE:09:77:EC:F4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C1BFE2D4E8999065E29A5875BCCCCBB72E0B00E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:1b:fe:2d:4e:89:99:06:5e:29:a5:87:5b:cc:cc:bb:72:e0:b0:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=0fd37467785b59d38065b0adc50835060c703a03c7c202c7f5ce5485663d2975, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:ef:8d:2c:6a:5c:52:8a:80:c9:85:85:e4:91: 87:46:46:92:fc:12:bf:6f:3c:c8:d0:ce:5a:f3:da: d3:9f:8d:e6:bb:a6:8a:29:a3:21:d5:f3:4d:d4:02: c0:df:2d:9a:ed:a1:e9:3c:01:43:64:df:20:7a:20: 67:a5:20:0e:69:b5:c2:61:d7:30:ad:f1:6b:d4:b2: 68:7b:6e:82:e0:65:68:82:45:a2:38:5e:9a:5d:68: 1b:cf:9d:90:00:4a:cc:6c:02:5c:2d:97:56:8d:b8: df:ce:b1:ea:04:b6:54:ea:64:14:b0:40:40:75:42: eb:24:ca:ec:9f:68:ba:8a:f6:57:26:c2:fa:48:77: bd:dd:e7:ba:bc:d5:31:18:fe:7e:40:62:7e:9c:af: af:5d:5d:83:37:93:04:d7:32:5f:44:9e:bd:03:fd: 67:b3:73:2b:98:6f:87:9e:43:39:fe:f2:90:5e:45: d7:67:74:39:c4:a0:97:9d:e5:19:35:36:72:0e:e3: 6a:40:f5:12:42:38:11:cf:4f:64:5f:cd:b3:22:ed: 40:12:55:75:e2:a2:d2:95:8d:e3:26:23:54:e8:6d: 5a:e3:f7:d9:9f:d1:75:b5:5f:c0:39:25:4c:56:0d: b5:be:b1:32:5d:d6:68:ad:82:0b:84:48:db:59:04: 57:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:06:8C:45:E6:61:C5:EB:E8:57:F4:6B:42:43:FA:CE:09:77:EC:F4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 82:bb:15:2b:c7:e2:e4:29:ef:04:eb:df:dc:c0:90:d1:9a:e6: 4b:d9:30:37:43:37:c4:eb:76:7e:84:b8:2e:7a:06:b0:ad:5d: 53:2d:af:34:81:94:fd:cc:31:ec:a2:b3:0a:85:df:2f:22:9e: ae:1d:48:58:8d:0b:d5:5e:d9:76:ef:82:37:25:3f:b1:13:22: 01:2a:eb:89:52:8e:ec:ac:3f:b6:13:16:10:f4:66:a0:55:f4: aa:2f:a7:de:66:f9:60:78:ae:06:29:57:de:94:f7:04:45:81: d3:91:48:aa:05:7a:05:56:0f:09:06:42:86:dc:cd:f0:b3:8e: 87:7d:25:26:c2:55:a1:23:99:00:11:3f:87:73:60:89:40:55: fd:9a:90:9f:69:27:4a:7e:16:d6:9b:52:fa:74:fc:55:9b:f8: ae:40:cd:f2:b9:48:d4:11:f5:74:38:53:ff:11:cb:04:a9:cf: 6b:4e:e7:c6:25:57:26:1a:e9:6d:b6:14:9b:82:36:b8:e5:dc: d9:c5:86:ad:18:39:d4:69:fc:3e:89:1e:03:f0:ea:a3:11:70: a4:43:30:2a:63:0a:72:a8:cd:e5:8d:c2:1a:4f:25:cf:b5:14: 53:a1:c9:3d:94:d4:6e:7a:13:fa:f6:21:25:52:c5:61:41:81: cb:5c:11:d9 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUfBv+LU6JmQZeKaWHW8zMu3LgsA4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAMGZkMzc0Njc3ODViNTlkMzgwNjVi MGFkYzUwODM1MDYwYzcwM2EwM2M3YzIwMmM3ZjVjZTU0ODU2NjNkMjk3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO+NLGpcUoqAyYWF5JGHRkaS/BK/ bzzI0M5a89rTn43mu6aKKaMh1fNN1ALA3y2a7aHpPAFDZN8geiBnpSAOabXCYdcw rfFr1LJoe26C4GVogkWiOF6aXWgbz52QAErMbAJcLZdWjbjfzrHqBLZU6mQUsEBA dULrJMrsn2i6ivZXJsL6SHe93ee6vNUxGP5+QGJ+nK+vXV2DN5ME1zJfRJ69A/1n s3MrmG+HnkM5/vKQXkXXZ3Q5xKCXneUZNTZyDuNqQPUSQjgRz09kX82zIu1AElV1 4qLSlY3jJiNU6G1a4/fZn9F1tV/AOSVMVg21vrEyXdZorYILhEjbWQRXmwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFLEGjEXmYcXr6Ff0a0JD+s4Jd+z0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAIK7FSvH4uQp7wTr39zAkNGa 5kvZMDdDN8Trdn6EuC56BrCtXVMtrzSBlP3MMeyiswqF3y8inq4dSFiNC9Ve2Xbv gjclP7ETIgEq64lSjuysP7YTFhD0ZqBV9Kovp95m+WB4rgYpV96U9wRFgdORSKoF egVWDwkGQobczfCzjod9JSbCVaEjmQARP4dzYIlAVf2akJ9pJ0p+FtabUvp0/FWb +K5AzfK5SNQR9XQ4U/8RywSpz2tO58YlVyYa6W22FJuCNrjl3NnFhq0YOdRp/D6J HgPw6qMRcKRDMCpjCnKozeWNwhpPJc+1FFOhyT2U1G56E/r2ISVSxWFBgctcEdk= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:34 2024 by rpki-client on console-fra.rpki-client.org