$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: lSL09CTuEjJVCWbuFw6w955v5NIV/x259aYCRRUj0r8= Subject key identifier: DA:7A:95:E1:83:9D:C3:E9:0A:07:8F:B7:2F:29:37:DD:E2:34:EF:87 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 02020D25355966E227BFF26BC2A218CA9AF9127A Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Mon 15 Jul 2024 00:00:00 +0000 ROA not before: Mon 15 Jul 2024 00:00:00 +0000 ROA not after: Mon 19 Aug 2024 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:02:0d:25:35:59:66:e2:27:bf:f2:6b:c2:a2:18:ca:9a:f9:12:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Jul 15 00:00:00 2024 GMT Not After : Aug 19 23:59:59 2024 GMT Subject: serialNumber=f9a02e1a188d0aa8c4ccf9cf8393c01fe2c4d58276f2ba3c3780ec78dfc2c5c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:a6:90:6c:a3:7c:c5:03:fd:fa:0d:22:ca:53: 19:f0:94:5b:d6:1a:41:d9:84:cd:eb:e0:ae:16:77: 20:4f:a1:ff:06:af:c8:a6:0b:8d:88:27:7d:eb:39: 5e:ae:fc:b2:21:31:d6:a6:e9:2c:d3:0f:36:13:91: 05:23:cd:c3:4e:00:30:94:63:e8:e9:1b:ef:76:27: 7a:bf:b7:4e:b5:87:1c:2e:32:87:c4:6b:47:5d:14: 12:c1:b3:d3:c1:b1:6f:3f:8b:9a:b3:10:48:6b:09: 85:07:78:00:d5:a7:44:33:a5:db:6c:6a:2c:31:e6: dc:bb:ac:d9:bd:9d:3c:be:e7:64:79:35:3c:fc:84: 3d:50:c7:4f:64:71:be:42:f4:09:0a:d2:e2:ba:62: 87:a3:62:c8:d2:dd:b4:07:a4:d8:2f:a8:be:a4:e4: 63:3c:f0:ea:6d:20:4a:97:90:74:29:e2:99:4e:d3: 38:34:bd:7a:9c:3e:f5:74:0a:8e:38:5d:bf:f8:e5: 23:22:44:86:e4:a2:c8:2b:81:6e:88:95:37:5d:21: 65:8c:d0:3d:40:99:56:fd:22:16:9c:3d:68:23:3e: 2e:77:ac:20:9a:b4:bb:17:bd:f2:8a:a8:92:a2:7e: 07:6d:9a:19:48:6f:8a:3a:87:d8:6e:e5:3f:26:49: ee:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:7A:95:E1:83:9D:C3:E9:0A:07:8F:B7:2F:29:37:DD:E2:34:EF:87 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:17:53:4f:93:34:82:1e:ba:3f:e7:98:e0:fe:9a:df:1e:1c: 19:19:13:34:eb:4d:fb:0a:d3:40:96:b0:6a:a1:5e:ba:da:c1: 2b:ed:e6:2c:ac:3f:bb:f4:31:82:48:be:72:c9:3b:ee:61:50: c5:99:5c:23:8a:30:71:67:2b:35:c3:b1:04:76:52:f5:65:67: 91:57:02:3c:62:31:c2:e7:52:10:3a:69:6d:9d:ac:e6:14:91: 77:ee:f7:3a:fa:a6:1d:27:03:67:3d:56:3b:b0:5d:7a:b1:68: 16:dc:e7:fd:c1:88:71:e0:80:44:5a:c2:9d:5a:a6:53:76:09: 91:ca:24:36:03:e0:b8:6f:73:f3:cc:83:9a:62:7f:9f:5b:24: df:99:01:cb:19:7d:09:c1:27:7d:81:fd:6e:44:81:87:b6:26: 0a:9c:e9:2a:00:6e:2b:b6:61:f3:19:91:b9:ab:4a:63:a5:b2: d7:29:67:af:ce:99:44:8a:24:26:9c:1a:56:d9:78:c9:c9:34: d5:df:d4:b9:2e:b6:f8:37:33:1d:e8:45:ce:2b:1f:99:d2:4d: a3:f7:59:48:fc:22:f0:5a:76:c4:b3:82:1f:91:73:d2:f2:06: ad:41:81:70:aa:12:f5:a6:73:7d:8c:48:86:98:6b:77:95:ec: 87:16:8c:70 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAgINJTVZZuInv/JrwqIYypr5EnowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDcxNTAwMDAwMFoX DTI0MDgxOTIzNTk1OVowejFJMEcGA1UEBRNAZjlhMDJlMWExODhkMGFhOGM0Y2Nm OWNmODM5M2MwMWZlMmM0ZDU4Mjc2ZjJiYTNjMzc4MGVjNzhkZmMyYzVjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6aQbKN8xQP9+g0iylMZ8JRb1hpB 2YTN6+CuFncgT6H/Bq/IpguNiCd96zlervyyITHWpuks0w82E5EFI83DTgAwlGPo 6Rvvdid6v7dOtYccLjKHxGtHXRQSwbPTwbFvP4uasxBIawmFB3gA1adEM6XbbGos Mebcu6zZvZ08vudkeTU8/IQ9UMdPZHG+QvQJCtLiumKHo2LI0t20B6TYL6i+pORj PPDqbSBKl5B0KeKZTtM4NL16nD71dAqOOF2/+OUjIkSG5KLIK4FuiJU3XSFljNA9 QJlW/SIWnD1oIz4ud6wgmrS7F73yiqiSon4HbZoZSG+KOofYbuU/JknuswIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNp6leGDncPpCgePty8pN93iNO+HMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQAMF1NPkzSCHro/55jg/prf HhwZGRM06037CtNAlrBqoV662sEr7eYsrD+79DGCSL5yyTvuYVDFmVwjijBxZys1 w7EEdlL1ZWeRVwI8YjHC51IQOmltnazmFJF37vc6+qYdJwNnPVY7sF16sWgW3Of9 wYhx4IBEWsKdWqZTdgmRyiQ2A+C4b3PzzIOaYn+fWyTfmQHLGX0JwSd9gf1uRIGH tiYKnOkqAG4rtmHzGZG5q0pjpbLXKWevzplEiiQmnBpW2XjJyTTV39S5Lrb4NzMd 6EXOKx+Z0k2j91lI/CLwWnbEs4IfkXPS8gatQYFwqhL1pnN9jEiGmGt3leyHFoxw -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org