$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa File: 297539b4-7a62-452c-952f-8f3d17400754.roa (raw, json) Hash identifier: dSA0VwBbdNr1r6YKW0AYGPwzdUBS4qhfKnCfTXhaBZo= Subject key identifier: 16:A4:E2:18:A2:BA:89:3E:DB:58:23:DC:E2:33:FD:A9:CA:93:00:2D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6EA0092A68D4991DBDBC6066AD1BFC0D3E8095F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa Signing time: Thu 11 Apr 2024 00:00:00 +0000 ROA not before: Thu 11 Apr 2024 00:00:00 +0000 ROA not after: Thu 16 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.212.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:a0:09:2a:68:d4:99:1d:bd:bc:60:66:ad:1b:fc:0d:3e:80:95:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 11 00:00:00 2024 GMT Not After : May 16 23:59:59 2024 GMT Subject: serialNumber=050b0dbf102cad8005052da048184021104ab969081fb7f15308b855218c7b30, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:f3:4a:e5:20:f2:12:2b:33:7f:dc:c2:cf:96: 89:ad:ab:52:41:0f:09:3b:62:1a:18:e6:e6:96:a2: 0b:4d:20:31:83:21:94:27:f8:00:92:cd:94:64:6c: 9c:9f:8b:13:9a:7d:d8:08:80:2a:fb:72:24:a0:e2: 31:f1:ce:92:d9:c5:bb:7d:f2:99:05:17:b1:3e:e0: 93:bf:f4:9e:7e:ee:8f:73:2c:fa:ab:58:4b:37:64: 83:07:95:98:e0:ab:19:44:3b:e8:d8:8d:29:72:c2: 8a:83:45:db:c9:81:00:66:5b:4d:d6:dd:9f:4c:1e: 2d:86:fb:59:e6:71:0e:a5:4c:5f:a7:6b:41:14:aa: 22:3c:46:ac:2f:93:2e:3f:45:8c:ff:e7:f6:3f:25: 99:f4:27:15:db:eb:a0:6a:a0:25:7f:c4:b1:68:d6: 35:b8:59:cc:c3:66:58:83:a9:3e:6f:a8:84:2f:06: 62:3e:8d:bf:e4:3c:33:c0:e7:62:bb:b6:b9:7f:fc: a6:f3:0f:5a:24:8f:c3:1f:ea:6a:29:20:6c:6b:4d: 3d:08:8b:71:a5:73:f5:ab:7b:29:19:15:3d:43:b1: 31:45:0d:44:1d:94:10:6e:8e:3a:2d:40:c1:db:8e: db:c9:d3:8e:d6:5a:21:f1:0e:9d:fc:30:6e:49:e7: d9:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:A4:E2:18:A2:BA:89:3E:DB:58:23:DC:E2:33:FD:A9:CA:93:00:2D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.212.0.0/15 Signature Algorithm: sha256WithRSAEncryption 31:fb:7b:9f:dd:bd:16:6b:7b:7e:56:24:d5:4f:d6:0a:fa:b9: dd:02:ca:db:24:ad:90:3e:18:fb:0a:cc:5e:80:67:c9:a4:c8: 16:ea:d1:3f:0a:60:a1:d7:d7:e8:d1:d6:39:64:e6:34:81:3c: 8f:38:7b:8e:a4:ce:57:60:a0:6b:4d:64:6a:b9:41:80:61:24: 08:e6:c4:71:ee:37:5e:9d:28:9a:4b:53:70:7f:37:b0:3a:3a: f4:46:35:72:33:50:70:4a:91:a7:b0:ef:8d:f0:e4:ea:bc:39: 2f:96:3d:9a:c1:d9:1e:8c:ab:0b:e9:50:60:4a:08:13:19:b0: 33:ee:11:4e:1f:ca:3e:10:db:38:ed:7a:e1:bf:fa:4f:5a:9a: 15:b4:a1:4c:37:10:ad:9e:d8:2f:f7:db:b9:ab:08:41:a2:04: 28:b2:25:91:8d:1d:05:e9:af:c2:85:0b:5b:ea:23:e3:68:3c: 7f:ef:c9:2b:07:e9:95:1b:1f:4e:99:a4:89:39:ef:ab:32:52: 57:fb:42:46:96:ee:f2:00:3e:ba:a7:d4:eb:9a:67:3c:e8:a8: 3d:7b:cf:8b:bc:2f:6f:a6:f3:f4:6d:5d:0a:eb:b8:ee:59:32: 6d:0a:0f:f3:d5:8c:37:65:bd:76:de:5f:57:d0:4f:ec:2d:95: fa:c6:75:3e -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUbqAJKmjUmR29vGBmrRv8DT6AlfAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQxMTAwMDAwMFoX DTI0MDUxNjIzNTk1OVowejFJMEcGA1UEBRNAMDUwYjBkYmYxMDJjYWQ4MDA1MDUy ZGEwNDgxODQwMjExMDRhYjk2OTA4MWZiN2YxNTMwOGI4NTUyMThjN2IzMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/NK5SDyEiszf9zCz5aJratSQQ8J O2IaGObmlqILTSAxgyGUJ/gAks2UZGycn4sTmn3YCIAq+3IkoOIx8c6S2cW7ffKZ BRexPuCTv/Sefu6Pcyz6q1hLN2SDB5WY4KsZRDvo2I0pcsKKg0XbyYEAZltN1t2f TB4thvtZ5nEOpUxfp2tBFKoiPEasL5MuP0WM/+f2PyWZ9CcV2+ugaqAlf8SxaNY1 uFnMw2ZYg6k+b6iELwZiPo2/5DwzwOdiu7a5f/ym8w9aJI/DH+pqKSBsa009CItx pXP1q3spGRU9Q7ExRQ1EHZQQbo46LUDB247bydOO1loh8Q6d/DBuSefZHQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFBak4hiiuok+21gj3OIz/anKkwAtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI5NzUzOWI0LTdhNjItNDUyYy05NTJmLThmM2QxNzQwMDc1NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9QwDQYJKoZIhvcNAQELBQADggEBADH7e5/dvRZre35WJNVP1gr6 ud0CytskrZA+GPsKzF6AZ8mkyBbq0T8KYKHX1+jR1jlk5jSBPI84e46kzldgoGtN ZGq5QYBhJAjmxHHuN16dKJpLU3B/N7A6OvRGNXIzUHBKkaew743w5Oq8OS+WPZrB 2R6MqwvpUGBKCBMZsDPuEU4fyj4Q2zjteuG/+k9amhW0oUw3EK2e2C/327mrCEGi BCiyJZGNHQXpr8KFC1vqI+NoPH/vySsH6ZUbH06ZpIk576syUlf7QkaW7vIAPrqn 1OuaZzzoqD17z4u8L2+m8/RtXQrruO5ZMm0KD/PVjDdlvXbeX1fQT+wtlfrGdT4= -----END CERTIFICATE-----Generated at Fri May 3 00:27:26 2024 by rpki-client on console-fra.rpki-client.org