$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa File: 35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa (raw, json) Hash identifier: gIaOc0vxzFLKd4MKGSswJyRJyr+etBqaMSxKwIZrbJk= Subject key identifier: 70:0D:54:AE:24:E3:F9:AC:A0:79:3D:17:21:18:9F:C6:84:9F:E8:AA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6D76682094411C27675E30D703EB5F626BDA8138 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa Signing time: Fri 03 May 2024 00:00:00 +0000 ROA not before: Fri 03 May 2024 00:00:00 +0000 ROA not after: Fri 07 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.200.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 14 May 2024 15:22:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:76:68:20:94:41:1c:27:67:5e:30:d7:03:eb:5f:62:6b:da:81:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 3 00:00:00 2024 GMT Not After : Jun 7 23:59:59 2024 GMT Subject: serialNumber=29f3fd6c29c92b7a83db7ba3fdfead61dada62a0db3a9d8653cb2bdc30addaf1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:6b:b9:93:02:d5:37:a6:eb:b1:14:9e:8d:9d: ed:32:7d:d7:52:5b:60:4e:c3:6a:72:0b:6d:bf:aa: 1f:e2:43:3c:48:6e:55:15:1a:39:5e:e6:db:78:eb: 52:1c:9c:b2:53:69:1b:c7:46:87:3a:ad:60:f6:71: 3c:e4:85:d6:45:18:10:b0:f0:9d:ea:33:22:c8:a6: 21:d2:e3:0f:97:f6:e4:9a:04:95:da:f3:14:bf:fc: ed:4b:bc:6e:23:8c:fe:32:4a:40:ef:da:ea:d7:95: 8d:6d:06:f2:57:24:b1:6f:38:02:5b:ab:2c:19:20: ba:15:94:83:b5:34:fd:5f:e1:43:27:d8:09:f3:48: 65:b3:31:99:74:17:e7:b1:b4:54:d8:8a:09:59:75: b8:d4:40:a8:0c:57:f6:44:c4:3d:33:e9:5f:87:d5: d0:84:38:90:47:e0:4c:86:69:97:5e:77:4c:31:85: 08:70:d6:8a:9e:ae:3f:7e:10:6c:a1:6f:b4:0f:c2: 52:4e:b6:05:7e:a5:6d:5e:d9:04:fc:b5:2b:a9:49: f0:50:ac:08:61:2a:3d:91:ad:55:eb:d7:c9:e1:5d: f1:ad:c3:e7:4e:f7:e4:8d:21:e4:27:3c:c2:e3:6a: 3d:c6:ba:80:6e:7c:07:1a:d8:03:ba:e2:59:a3:57: df:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:0D:54:AE:24:E3:F9:AC:A0:79:3D:17:21:18:9F:C6:84:9F:E8:AA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35dfb33f-b7b9-4028-af5b-c36bf54a49e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.200.0.0/13 Signature Algorithm: sha256WithRSAEncryption 0f:23:5a:b1:bf:a7:ba:ef:c5:4e:1b:8b:81:f1:c9:cd:96:39: 65:64:2a:80:c6:78:64:aa:cc:83:9c:1d:c5:fd:d7:99:e6:eb: 1d:cf:31:b2:df:ae:d9:67:48:ac:c4:70:bd:97:77:18:85:d3: 92:ab:e7:85:7a:11:4f:95:f3:54:ad:58:e5:41:04:79:0d:57: 4f:87:51:85:20:83:cb:4b:df:ed:92:f1:05:94:89:b0:89:0b: fa:dd:37:c3:f0:9a:8b:76:f4:c8:1e:c5:ed:c5:ae:bf:da:a8: e0:d9:fd:c5:8f:0c:8d:40:de:de:18:59:49:09:1a:74:70:e0: f3:03:6d:64:08:cb:8e:ae:5c:cc:f9:a6:d1:ed:6d:76:50:df: 42:9d:3b:71:13:8a:f0:fc:54:2a:4e:7e:37:a8:37:1c:70:73: 1a:c6:37:23:7b:87:f0:0b:68:bf:c7:43:98:09:36:ea:e8:d9: 04:5f:4c:27:06:36:e0:9a:fd:fd:38:93:53:e7:d1:7a:fc:98: 0e:35:ec:72:41:51:58:85:e2:49:cc:ad:c9:c1:fe:69:47:c1: 66:af:b6:39:54:9f:bf:91:d0:3d:35:7a:be:8d:f9:be:50:1b: aa:b3:41:ba:75:3b:31:f0:31:68:bb:f2:1c:69:e7:7a:15:ef: c0:05:aa:12 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUbXZoIJRBHCdnXjDXA+tfYmvagTgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMzAwMDAwMFoX DTI0MDYwNzIzNTk1OVowejFJMEcGA1UEBRNAMjlmM2ZkNmMyOWM5MmI3YTgzZGI3 YmEzZmRmZWFkNjFkYWRhNjJhMGRiM2E5ZDg2NTNjYjJiZGMzMGFkZGFmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2u5kwLVN6brsRSejZ3tMn3XUltg TsNqcgttv6of4kM8SG5VFRo5XubbeOtSHJyyU2kbx0aHOq1g9nE85IXWRRgQsPCd 6jMiyKYh0uMPl/bkmgSV2vMUv/ztS7xuI4z+MkpA79rq15WNbQbyVySxbzgCW6ss GSC6FZSDtTT9X+FDJ9gJ80hlszGZdBfnsbRU2IoJWXW41ECoDFf2RMQ9M+lfh9XQ hDiQR+BMhmmXXndMMYUIcNaKnq4/fhBsoW+0D8JSTrYFfqVtXtkE/LUrqUnwUKwI YSo9ka1V69fJ4V3xrcPnTvfkjSHkJzzC42o9xrqAbnwHGtgDuuJZo1ffIwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFHANVK4k4/msoHk9FyEYn8aEn+iqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1ZGZiMzNmLWI3YjktNDAyOC1hZjViLWMzNmJmNTRhNDllOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAA8jWrG/p7rvxU4bi4Hxyc2W OWVkKoDGeGSqzIOcHcX915nm6x3PMbLfrtlnSKzEcL2XdxiF05Kr54V6EU+V81St WOVBBHkNV0+HUYUgg8tL3+2S8QWUibCJC/rdN8Pwmot29Mgexe3Frr/aqODZ/cWP DI1A3t4YWUkJGnRw4PMDbWQIy46uXMz5ptHtbXZQ30KdO3ETivD8VCpOfjeoNxxw cxrGNyN7h/ALaL/HQ5gJNuro2QRfTCcGNuCa/f04k1Pn0Xr8mA417HJBUViF4knM rcnB/mlHwWavtjlUn7+R0D01er6N+b5QG6qzQbp1OzHwMWi78hxp53oV78AFqhI= -----END CERTIFICATE-----Generated at Sat May 11 01:27:50 2024 by rpki-client on console-ams.rpki-client.org