$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa File: 32bf2c39-b536-43d0-b557-f68d8ee64091.roa (raw, json) Hash identifier: zU0uDCDMNbp8BXV4hW9md977Vm+6PRHNQHcbyZsmz4Q= Subject key identifier: 53:85:30:44:A2:AD:9D:6B:B9:AF:94:1C:2A:48:32:D5:48:25:E1:05 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 1D013F0AD48FAA8E6C069EA03E72F95FD74B9426 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa Signing time: Tue 30 Apr 2024 00:00:00 +0000 ROA not before: Tue 30 Apr 2024 00:00:00 +0000 ROA not after: Tue 04 Jun 2024 23:59:59 +0000 asID: 7224 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:01:3f:0a:d4:8f:aa:8e:6c:06:9e:a0:3e:72:f9:5f:d7:4b:94:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 30 00:00:00 2024 GMT Not After : Jun 4 23:59:59 2024 GMT Subject: serialNumber=4960b6134b51684b7f1d8a57021055a13b896208e954d456f02833e9b80d5f04, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:80:b1:36:c4:2a:dc:c4:ec:0a:d8:43:17:e0: b9:75:44:4f:eb:df:60:63:28:0f:22:ff:a4:5e:4f: bb:9c:63:44:31:b2:3e:c5:8e:76:96:7a:53:0b:6b: 1c:87:54:b2:44:50:50:31:87:aa:84:81:da:ca:8f: 8d:39:fe:5f:0e:ac:0e:e9:bc:2f:e5:5e:93:ae:43: d7:80:24:10:04:ff:e7:97:70:c8:03:03:b0:79:cc: 45:bf:39:63:b4:42:af:65:a7:48:c9:85:87:a5:aa: 59:b8:38:43:12:cf:db:a3:01:2c:1d:9a:e8:57:0c: b2:c9:a0:ee:98:b5:d1:4e:18:20:79:6e:ad:65:55: 9f:eb:4a:58:07:a4:c1:3c:31:17:b5:da:81:9e:61: b7:94:24:46:ac:60:d6:ee:ed:76:41:cc:88:aa:29: 05:de:5b:f5:ff:b9:0b:2f:b4:19:40:2a:9e:57:f7: f2:b6:a4:8f:80:0e:95:73:91:fd:69:1a:fd:b8:0a: 42:67:79:db:52:3d:27:e8:d9:44:df:97:e5:88:b6: 40:fb:61:f1:d9:6c:58:e8:31:e1:6d:d3:3e:86:3d: f0:df:16:27:c8:cc:7e:1b:bf:25:1b:d9:e8:e2:05: be:02:e7:a5:a5:9f:0f:4f:28:45:25:9d:ae:50:7e: ee:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:85:30:44:A2:AD:9D:6B:B9:AF:94:1C:2A:48:32:D5:48:25:E1:05 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32bf2c39-b536-43d0-b557-f68d8ee64091.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 45:54:80:de:cc:b5:1c:f4:f2:4b:79:01:2e:ef:cc:c3:dc:a0: 53:e1:39:31:86:23:71:c8:de:f6:1e:57:b9:bd:c9:21:2f:31: 2f:6c:a6:1e:f3:a0:9c:74:5e:6f:35:a8:fd:ba:8d:bc:6f:81: 4c:60:0a:38:37:53:71:87:1d:60:e8:35:7c:23:b4:33:ec:c5: f5:80:e8:50:5b:69:48:3d:e8:34:0b:c5:cc:e4:84:28:79:96: c6:12:c8:db:78:61:19:42:59:0b:10:85:95:ee:51:9f:fc:53: 39:23:0c:65:be:f3:d0:b1:6c:b8:8b:0b:b1:d5:2a:ed:ef:51: 75:28:91:7d:17:dd:d3:31:cf:a6:05:58:d8:cb:76:8d:ee:33: d2:3e:9f:f4:29:ce:47:5d:39:c7:0e:98:8e:10:d4:f8:51:76: c7:f5:5d:1b:00:0d:30:ce:96:9c:93:44:d9:ad:f7:2b:8f:f7: c6:d3:b1:d4:ae:b6:b2:e8:4d:cb:a3:0a:a7:dc:15:b5:6d:70: 7c:a6:e4:1f:3e:50:56:11:f9:e4:bd:f8:51:39:03:ef:ce:9b: e4:76:fa:cc:72:60:54:27:a5:4d:b6:1b:e4:d1:3f:11:0c:c1: 77:72:ae:02:72:18:28:a8:df:2d:a4:84:ac:96:ae:4a:dc:5b: 03:fb:b9:1c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHQE/CtSPqo5sBp6gPnL5X9dLlCYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDQzMDAwMDAwMFoX DTI0MDYwNDIzNTk1OVowejFJMEcGA1UEBRNANDk2MGI2MTM0YjUxNjg0YjdmMWQ4 YTU3MDIxMDU1YTEzYjg5NjIwOGU5NTRkNDU2ZjAyODMzZTliODBkNWYwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4CxNsQq3MTsCthDF+C5dURP699g YygPIv+kXk+7nGNEMbI+xY52lnpTC2sch1SyRFBQMYeqhIHayo+NOf5fDqwO6bwv 5V6TrkPXgCQQBP/nl3DIAwOwecxFvzljtEKvZadIyYWHpapZuDhDEs/bowEsHZro VwyyyaDumLXRThggeW6tZVWf60pYB6TBPDEXtdqBnmG3lCRGrGDW7u12QcyIqikF 3lv1/7kLL7QZQCqeV/fytqSPgA6Vc5H9aRr9uApCZ3nbUj0n6NlE35fliLZA+2Hx 2WxY6DHhbdM+hj3w3xYnyMx+G78lG9no4gW+AuelpZ8PTyhFJZ2uUH7utQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFOFMESirZ1rua+UHCpIMtVIJeEFMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYmYyYzM5LWI1MzYtNDNkMC1iNTU3LWY2OGQ4ZWU2NDA5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBFVIDezLUc9PJLeQEu78zD 3KBT4TkxhiNxyN72Hle5vckhLzEvbKYe86CcdF5vNaj9uo28b4FMYAo4N1Nxhx1g 6DV8I7Qz7MX1gOhQW2lIPeg0C8XM5IQoeZbGEsjbeGEZQlkLEIWV7lGf/FM5Iwxl vvPQsWy4iwux1Srt71F1KJF9F93TMc+mBVjYy3aN7jPSPp/0Kc5HXTnHDpiOENT4 UXbH9V0bAA0wzpack0TZrfcrj/fG07HUrray6E3Lowqn3BW1bXB8puQfPlBWEfnk vfhROQPvzpvkdvrMcmBUJ6VNthvk0T8RDMF3cq4CchgoqN8tpISslq5K3FsD+7kc -----END CERTIFICATE-----Generated at Sat May 11 01:27:50 2024 by rpki-client on console-ams.rpki-client.org