$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa File: 378e4fe4-326c-4ab3-850f-d313975e272e.roa (raw, json) Hash identifier: eBoPNVyBk8/ig2O5zf2a2hoYByg31jjrNxzzAR+dR68= Subject key identifier: D0:81:9E:E4:00:34:47:F0:BE:FA:96:17:03:DE:75:AF:90:A3:B3:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51E7E879DF995B1BD1F3D4758A28B3549DD79A2B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa Signing time: Mon 08 Apr 2024 00:00:00 +0000 ROA not before: Mon 08 Apr 2024 00:00:00 +0000 ROA not after: Mon 13 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:e7:e8:79:df:99:5b:1b:d1:f3:d4:75:8a:28:b3:54:9d:d7:9a:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 8 00:00:00 2024 GMT Not After : May 13 23:59:59 2024 GMT Subject: serialNumber=a34e0b828daccebae1f04fc6c0c4e117df8169378e2f64e240ca40be3226d781, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a2:72:ff:be:87:ee:52:8b:b1:a5:a9:98:d5: 9b:34:51:f3:ca:22:63:2d:ef:5f:87:ae:be:91:d7: 5c:25:74:06:b7:ba:20:f9:db:c0:af:de:96:a4:e6: 1d:68:26:ec:34:30:89:97:bf:09:66:55:6f:2e:36: d3:76:5b:ea:22:8a:a5:0c:d7:05:c4:e8:57:86:31: 7f:25:53:1c:1d:e9:83:47:5b:ac:13:48:12:b4:19: 8d:fd:a5:c2:f1:17:99:cc:92:5a:70:d8:75:be:e4: aa:63:01:2c:03:4d:07:1a:f1:19:68:f8:75:6a:2d: 89:26:b4:9c:c9:b5:48:ef:17:ee:4b:27:e4:fa:40: 89:7b:1f:10:8a:de:b7:72:d0:b7:a4:83:c5:19:55: ad:73:db:fe:dc:69:36:e6:bf:81:78:d3:82:15:a4: 72:bb:08:f7:cc:43:fb:3b:19:ef:1d:ea:58:10:87: 72:fd:53:83:fd:77:ff:74:bd:df:52:bb:a3:20:26: 9e:1a:6e:ad:62:75:49:13:51:2a:15:87:ae:fc:4d: fe:eb:f7:49:b3:20:4b:af:d7:85:51:b9:43:c4:3b: 6f:11:d2:b3:4c:a6:eb:d2:3a:48:be:d6:13:f0:c4: da:0f:d8:e0:d2:ea:86:db:1a:e7:09:fa:eb:1b:59: 0a:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:81:9E:E4:00:34:47:F0:BE:FA:96:17:03:DE:75:AF:90:A3:B3:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption a7:39:df:11:cf:73:7b:a5:12:ea:17:6c:20:95:69:d7:6a:b4: ea:a3:4d:38:14:93:c5:ec:15:28:df:12:7e:14:82:a8:1d:18: 34:6a:31:1e:c0:fa:34:5f:48:22:5c:53:bc:07:ad:f5:68:b7: c2:38:a9:d9:32:ed:23:ec:16:49:d8:f0:48:45:de:84:14:18: 16:4b:8d:6f:73:0b:94:7a:ef:ee:05:0b:7b:8f:bf:3e:05:ee: 9e:d9:51:36:e3:61:8e:55:22:38:3e:db:79:39:8c:52:7f:04: c7:59:02:48:f1:31:16:24:10:68:87:cc:af:07:73:db:1b:48: 37:aa:65:d7:ef:23:27:8b:5b:e6:78:70:0f:f8:ee:2c:ff:73: 2c:d3:07:07:00:ec:04:1c:f9:fc:f4:8e:6c:e0:21:ec:09:e8: 36:a3:32:dd:23:be:0d:b2:d9:7a:59:8d:88:0f:50:04:0a:b2: 10:f3:5b:c4:4a:83:f0:97:a2:c6:57:91:da:7d:71:17:be:6a: 8c:32:90:13:79:5c:21:66:ce:fd:d1:65:0e:ea:26:33:c6:54: 11:52:fc:1d:41:6a:37:5f:2d:92:52:c1:b1:21:79:e6:fe:1f: ae:17:c8:70:c5:31:72:95:49:c2:4e:99:b8:00:4c:39:a2:33: 30:6f:2d:cd -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUUefoed+ZWxvR89R1iiizVJ3XmiswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwODAwMDAwMFoX DTI0MDUxMzIzNTk1OVowejFJMEcGA1UEBRNAYTM0ZTBiODI4ZGFjY2ViYWUxZjA0 ZmM2YzBjNGUxMTdkZjgxNjkzNzhlMmY2NGUyNDBjYTQwYmUzMjI2ZDc4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKJy/76H7lKLsaWpmNWbNFHzyiJj Le9fh66+kddcJXQGt7og+dvAr96WpOYdaCbsNDCJl78JZlVvLjbTdlvqIoqlDNcF xOhXhjF/JVMcHemDR1usE0gStBmN/aXC8ReZzJJacNh1vuSqYwEsA00HGvEZaPh1 ai2JJrScybVI7xfuSyfk+kCJex8Qit63ctC3pIPFGVWtc9v+3Gk25r+BeNOCFaRy uwj3zEP7OxnvHepYEIdy/VOD/Xf/dL3fUrujICaeGm6tYnVJE1EqFYeu/E3+6/dJ syBLr9eFUblDxDtvEdKzTKbr0jpIvtYT8MTaD9jg0uqG2xrnCfrrG1kKgQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNCBnuQANEfwvvqWFwPeda+Qo7M1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM3OGU0ZmU0LTMyNmMtNGFiMy04NTBmLWQzMTM5NzVlMjcyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCnOd8Rz3N7pRLqF2wglWnX arTqo004FJPF7BUo3xJ+FIKoHRg0ajEewPo0X0giXFO8B631aLfCOKnZMu0j7BZJ 2PBIRd6EFBgWS41vcwuUeu/uBQt7j78+Be6e2VE242GOVSI4Ptt5OYxSfwTHWQJI 8TEWJBBoh8yvB3PbG0g3qmXX7yMni1vmeHAP+O4s/3Ms0wcHAOwEHPn89I5s4CHs Ceg2ozLdI74Nstl6WY2ID1AECrIQ81vESoPwl6LGV5HafXEXvmqMMpATeVwhZs79 0WUO6iYzxlQRUvwdQWo3Xy2SUsGxIXnm/h+uF8hwxTFylUnCTpm4AEw5ojMwby3N -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:57 2024 by rpki-client on console-fra.rpki-client.org