$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa File: 245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa (raw, json) Hash identifier: XP7ZNQEY3QlVIIbA5lOtnv/630yi+0T5DLklG/Nr2sw= Subject key identifier: D7:61:61:7D:B5:FD:0F:6C:74:B2:D7:9B:94:60:C4:13:D0:0D:27:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 643C75CD6E8318FAB89ADF490450D1B30E544DAB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa Signing time: Fri 25 Oct 2024 00:00:00 +0000 ROA not before: Fri 25 Oct 2024 00:00:00 +0000 ROA not after: Fri 29 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:3c:75:cd:6e:83:18:fa:b8:9a:df:49:04:50:d1:b3:0e:54:4d:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 25 00:00:00 2024 GMT Not After : Nov 29 23:59:59 2024 GMT Subject: serialNumber=e095333618528c19c1b1f28e40d5a537d1e0312937e0e18927f61764d8ec738e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e3:5c:e1:eb:93:49:b4:b5:62:05:5e:22:45: 4a:e0:df:de:e8:75:4d:77:f6:16:d9:a0:73:7d:ad: fe:7f:5c:b2:7c:28:60:68:f2:2d:fa:d7:a7:4d:ca: 9d:ce:be:7b:a4:c9:43:88:d3:53:f6:4f:8e:33:4f: 5d:e8:6d:4c:b5:9f:ad:47:07:35:f8:86:74:b0:78: 54:a4:d2:eb:4a:32:d0:3e:d0:ca:99:b8:16:b6:32: f2:db:79:d6:43:7a:12:f7:72:57:03:86:be:48:a0: 60:ed:79:0e:9f:34:ce:92:26:34:74:c3:93:f4:3f: 04:60:89:fc:73:68:34:1a:a6:58:e4:93:e8:2f:40: 6c:8c:86:64:83:15:dc:96:d6:73:d0:f3:50:07:f2: 3e:bc:9f:10:bb:43:a8:56:6d:a3:14:ee:df:ae:74: c3:91:ba:9f:a9:ba:f5:a8:13:37:c5:9b:22:86:7b: 77:96:2b:02:5f:84:49:de:23:23:77:d5:5f:5f:cc: 69:9f:88:cc:ef:b4:4c:8f:a7:b0:65:87:6e:46:bd: 2c:75:bd:23:cd:28:15:aa:f3:e4:8c:2a:4e:9c:7d: 81:6f:35:f2:34:39:73:74:4d:71:18:1a:b3:45:69: 3a:a5:7f:51:b6:7b:fe:d9:8e:2b:66:5a:39:e9:6c: 80:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:61:61:7D:B5:FD:0F:6C:74:B2:D7:9B:94:60:C4:13:D0:0D:27:F1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/245a65bb-591c-47bc-8a8c-6c86b093fd8b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:b0:55:ed:1f:d8:cb:35:a5:29:ff:0f:38:0a:52:fc:ff:4e: ea:cc:7a:0f:4b:22:52:c4:de:d7:32:cd:38:8c:45:2c:b9:69: 7e:25:64:d4:09:5b:9a:47:8d:e8:f4:d3:03:91:af:e6:31:e8: 19:d9:82:f0:99:0e:58:22:ea:d2:b4:b1:19:41:60:f7:ec:e3: 1c:e4:42:10:19:f7:96:64:25:b8:80:f4:af:11:92:90:eb:54: f3:b2:92:f0:2e:37:53:b9:95:26:4f:f2:9a:5c:0e:5e:ef:48: b9:02:62:4b:e7:a6:f6:fe:81:1d:8e:0d:66:58:c4:0b:ca:db: 4d:05:9d:57:f2:f0:52:8f:4f:5c:2b:4f:38:1b:4d:61:15:2e: df:2e:e7:6b:71:03:ac:9a:64:83:17:f3:0b:d7:27:2a:eb:68: b3:e0:33:c1:e8:a1:35:29:b6:69:24:bc:4e:5f:b3:56:88:98: a9:d6:eb:fe:97:fd:3e:d3:58:23:9d:d9:e4:ee:ed:da:2c:a7: 83:64:81:b1:d8:2e:42:05:22:27:ed:0a:43:53:87:32:02:1f: 2c:35:39:d7:03:1d:aa:0e:e5:91:4d:92:ac:57:bf:57:07:1c: b0:7d:7d:09:88:a7:61:ae:b2:d8:53:57:c0:b3:2a:70:b1:e5: ce:99:89:1e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZDx1zW6DGPq4mt9JBFDRsw5UTaswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAyNTAwMDAwMFoX DTI0MTEyOTIzNTk1OVowejFJMEcGA1UEBRNAZTA5NTMzMzYxODUyOGMxOWMxYjFm MjhlNDBkNWE1MzdkMWUwMzEyOTM3ZTBlMTg5MjdmNjE3NjRkOGVjNzM4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveNc4euTSbS1YgVeIkVK4N/e6HVN d/YW2aBzfa3+f1yyfChgaPIt+tenTcqdzr57pMlDiNNT9k+OM09d6G1MtZ+tRwc1 +IZ0sHhUpNLrSjLQPtDKmbgWtjLy23nWQ3oS93JXA4a+SKBg7XkOnzTOkiY0dMOT 9D8EYIn8c2g0GqZY5JPoL0BsjIZkgxXcltZz0PNQB/I+vJ8Qu0OoVm2jFO7frnTD kbqfqbr1qBM3xZsihnt3lisCX4RJ3iMjd9VfX8xpn4jM77RMj6ewZYduRr0sdb0j zSgVqvPkjCpOnH2BbzXyNDlzdE1xGBqzRWk6pX9Rtnv+2Y4rZlo56WyA8wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNdhYX21/Q9sdLLXm5RgxBPQDSfxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0NWE2NWJiLTU5MWMtNDdiYy04YThjLTZjODZiMDkzZmQ4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQBdsFXtH9jLNaUp/w84ClL8 /07qzHoPSyJSxN7XMs04jEUsuWl+JWTUCVuaR43o9NMDka/mMegZ2YLwmQ5YIurS tLEZQWD37OMc5EIQGfeWZCW4gPSvEZKQ61TzspLwLjdTuZUmT/KaXA5e70i5AmJL 56b2/oEdjg1mWMQLyttNBZ1X8vBSj09cK084G01hFS7fLudrcQOsmmSDF/ML1ycq 62iz4DPB6KE1KbZpJLxOX7NWiJip1uv+l/0+01gjndnk7u3aLKeDZIGx2C5CBSIn 7QpDU4cyAh8sNTnXAx2qDuWRTZKsV79XBxywfX0JiKdhrrLYU1fAsypwseXOmYke -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:23 2024 by rpki-client on console-ams.rpki-client.org