$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa File: 0bce91dc-229b-42a7-9c92-722aa69f577e.roa (raw, json) Hash identifier: wW4pzzlWgVJLc/9Q4bk2jo8EirBnRj0H0Qeqta0ks7Y= Subject key identifier: BF:8F:A2:61:6C:2D:BE:7B:C6:08:41:BF:DB:48:43:8C:45:39:78:5E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21BC8B4F2D15343895F593A8853F1A25083A164C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa Signing time: Tue 19 Sep 2023 00:00:00 +0000 ROA not before: Tue 19 Sep 2023 00:00:00 +0000 ROA not after: Tue 24 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 12:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:bc:8b:4f:2d:15:34:38:95:f5:93:a8:85:3f:1a:25:08:3a:16:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 19 00:00:00 2023 GMT Not After : Oct 24 23:59:59 2023 GMT Subject: serialNumber=709ca10379e3158f4453b0b94a086c15563ff5e0a3f9d46ad5091562b5f22b53, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:fd:c6:d6:65:0d:ea:0e:85:0c:8c:1a:7c:d7: 6b:c0:b3:64:6e:7a:bf:52:94:26:d8:6b:f0:e1:30: b5:cb:37:05:d9:ff:c9:63:ec:80:fe:cc:ff:3b:0e: ae:e9:ab:f2:a9:06:ea:d6:ea:52:d6:10:f3:6e:47: 5a:00:6c:99:48:a6:d8:c2:b7:b5:6a:24:b4:c6:9d: 1c:83:0a:99:a9:fa:fa:35:84:63:c1:ef:f1:aa:50: 81:8b:96:42:fa:79:d1:e4:2f:1c:79:ec:c0:5e:db: a9:27:44:cf:74:1a:3e:c4:1f:db:2c:e5:c3:a8:df: 74:33:71:11:83:f6:1d:f2:9e:84:fd:c9:19:26:b0: 9d:9e:3c:8e:1d:78:c8:10:17:94:89:29:90:d9:11: c4:f2:48:b8:4c:fd:ed:d8:3f:2d:7d:ca:f6:47:65: 0a:d0:d4:c3:be:6b:4f:77:50:7a:1e:72:77:26:cb: ad:20:fb:1f:ab:cc:45:73:f1:ea:8d:fb:22:c2:57: b3:59:f0:e2:e3:4f:24:5b:7d:8d:81:5e:0a:19:07: cf:5a:4f:bd:aa:39:08:4d:19:bb:0c:ba:78:b8:83: 27:c6:f6:1f:66:8d:c2:cc:c8:ec:bb:35:39:92:af: fc:21:db:fb:0c:ad:ae:08:36:03:3d:71:04:82:0d: cc:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:8F:A2:61:6C:2D:BE:7B:C6:08:41:BF:DB:48:43:8C:45:39:78:5E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0bce91dc-229b-42a7-9c92-722aa69f577e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 8e:e3:25:24:c5:7f:74:68:eb:57:bd:0c:10:3e:27:48:4c:a7: 68:bb:16:fd:83:6b:5c:04:59:0c:0a:1d:92:a2:92:e0:43:33: 01:0f:05:2f:89:21:97:03:48:69:cd:85:46:a6:a4:0c:fe:65: 29:6f:8f:53:43:5a:07:62:0d:0f:6d:6c:39:7b:5f:ca:a0:82: 7f:15:9e:ef:8a:fd:ce:ca:bc:5c:1c:38:77:6e:cb:19:c8:75: d1:c8:77:79:90:ab:8a:53:f0:f7:2f:db:36:b8:86:93:42:9b: e6:db:47:43:ce:0f:a6:42:3a:51:fe:0a:3d:73:1c:d9:be:01: 93:9a:06:d6:04:fa:1e:df:c6:90:c2:cb:94:a0:d8:87:45:9b: 42:b9:82:10:24:f9:67:93:6b:98:d9:25:3c:ea:1d:df:ab:11: c2:81:0c:42:17:b4:4d:08:a6:71:0f:8a:85:e5:b0:3b:48:6a: ac:2c:26:e9:d7:93:b2:bd:77:01:24:45:fa:80:cf:9c:da:1e: 9e:57:d2:74:da:48:96:e2:65:16:3a:62:69:74:85:d0:fa:b2: 9f:2a:74:13:35:96:ea:2e:d2:c2:cc:ec:dc:61:5f:f9:7d:60: e0:db:1a:3b:f0:eb:ec:e4:e4:9f:1c:ed:07:ce:ec:1e:dd:99: 8c:ae:9f:59 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUIbyLTy0VNDiV9ZOohT8aJQg6FkwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxOTAwMDAwMFoX DTIzMTAyNDIzNTk1OVowejFJMEcGA1UEBRNANzA5Y2ExMDM3OWUzMTU4ZjQ0NTNi MGI5NGEwODZjMTU1NjNmZjVlMGEzZjlkNDZhZDUwOTE1NjJiNWYyMmI1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/3G1mUN6g6FDIwafNdrwLNkbnq/ UpQm2Gvw4TC1yzcF2f/JY+yA/sz/Ow6u6avyqQbq1upS1hDzbkdaAGyZSKbYwre1 aiS0xp0cgwqZqfr6NYRjwe/xqlCBi5ZC+nnR5C8ceezAXtupJ0TPdBo+xB/bLOXD qN90M3ERg/Yd8p6E/ckZJrCdnjyOHXjIEBeUiSmQ2RHE8ki4TP3t2D8tfcr2R2UK 0NTDvmtPd1B6HnJ3JsutIPsfq8xFc/HqjfsiwlezWfDi408kW32NgV4KGQfPWk+9 qjkITRm7DLp4uIMnxvYfZo3CzMjsuzU5kq/8Idv7DK2uCDYDPXEEgg3MhwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFL+PomFsLb57xghBv9tIQ4xFOXheMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBiY2U5MWRjLTIyOWItNDJhNy05YzkyLTcyMmFhNjlmNTc3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAI7jJSTFf3Ro61e9DBA+J0hM p2i7Fv2Da1wEWQwKHZKikuBDMwEPBS+JIZcDSGnNhUampAz+ZSlvj1NDWgdiDQ9t bDl7X8qggn8Vnu+K/c7KvFwcOHduyxnIddHId3mQq4pT8Pcv2za4hpNCm+bbR0PO D6ZCOlH+Cj1zHNm+AZOaBtYE+h7fxpDCy5Sg2IdFm0K5ghAk+WeTa5jZJTzqHd+r EcKBDEIXtE0IpnEPioXlsDtIaqwsJunXk7K9dwEkRfqAz5zaHp5X0nTaSJbiZRY6 Yml0hdD6sp8qdBM1luou0sLM7NxhX/l9YODbGjvw6+zk5J8c7QfO7B7dmYyun1k= -----END CERTIFICATE-----Generated at Tue Sep 19 00:49:50 2023 by rpki-client on console-ams.rpki-client.org