$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa File: 378e4fe4-326c-4ab3-850f-d313975e272e.roa (raw, json) Hash identifier: twJuuzvzBL0I+XOY8yu+3LhuNvJvMlnynNLFLkZM7go= Subject key identifier: 89:5A:7F:9B:99:14:40:5B:5B:9C:48:43:0D:60:6E:B6:B5:8F:35:88 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6A99964AC15AC7381C2B12D29C35A2E5B8A5CABC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa Signing time: Wed 17 Jul 2024 00:00:00 +0000 ROA not before: Wed 17 Jul 2024 00:00:00 +0000 ROA not after: Wed 21 Aug 2024 23:59:59 +0000 asID: 14618 IP address blocks: 203.83.220.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:99:96:4a:c1:5a:c7:38:1c:2b:12:d2:9c:35:a2:e5:b8:a5:ca:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 17 00:00:00 2024 GMT Not After : Aug 21 23:59:59 2024 GMT Subject: serialNumber=b8d178ced4b36bce73ca3180ad84720c18fa1c339a928457101ba21657e8614c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:2e:63:e7:de:30:af:89:c1:1a:06:75:83:2a: 1e:1b:4e:e9:49:6c:b7:f1:15:22:54:b8:f7:74:41: f2:28:69:53:8e:3c:7a:c3:63:20:db:95:d7:01:d1: 6c:98:43:4c:c1:4e:6a:7e:17:0f:0c:96:f1:5c:04: f9:30:ef:76:24:4d:f7:86:d7:c5:13:29:f3:6d:89: a8:14:ea:cb:77:9c:c0:84:14:29:be:97:86:e8:f1: 30:65:b0:5a:ec:bf:4c:31:00:29:d1:ad:e7:22:7c: 26:11:ea:c3:ec:64:94:e0:a4:4e:c7:d1:dc:51:9b: 09:cc:e5:93:ef:c0:25:b5:1e:18:81:d9:30:1f:46: 4f:2b:43:ca:96:d6:33:04:4d:aa:23:42:ce:37:e1: 8e:1c:65:d6:b1:58:d0:85:a2:34:f4:7d:0b:d3:80: f3:8e:ac:5a:1f:91:dc:ea:6a:35:40:06:9e:86:0e: 6d:dc:4a:2b:50:3d:d5:d1:5d:af:85:c1:e1:be:29: 16:7f:9f:d1:f0:76:6c:eb:a1:df:31:39:62:dd:3a: 57:b5:b7:99:c1:b3:37:0f:b2:a1:cf:e4:f7:16:14: b4:6d:e5:43:44:9c:9e:64:e5:cd:68:6c:4a:0a:e4: e7:29:1c:63:d2:ca:2a:8d:6d:0c:37:cf:09:6e:32: 5b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:5A:7F:9B:99:14:40:5B:5B:9C:48:43:0D:60:6E:B6:B5:8F:35:88 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.83.220.0/22 Signature Algorithm: sha256WithRSAEncryption a7:ac:1c:8c:17:99:9e:fb:a6:80:de:97:49:de:03:ce:b9:79: 5f:ee:3a:19:c0:1f:90:bc:36:ba:8d:34:56:ce:99:64:ee:11: c9:61:7f:91:4a:80:5d:f2:30:99:10:96:92:31:01:f8:d6:f3: 6a:a7:94:6b:8b:cb:0a:74:79:e3:5f:dd:e5:ee:b4:69:63:5a: b4:d3:f3:a0:9a:0f:84:02:d7:98:0e:08:3d:9e:92:94:3b:e8: 7e:c2:26:00:9d:ef:73:f3:e2:7f:20:f8:29:77:55:fd:e1:6b: 27:43:fa:17:f8:3c:a2:83:ef:40:7c:1e:04:be:9e:7e:89:ca: 81:4b:b9:42:4a:3b:3b:fe:c0:6a:6d:b8:ea:3f:c9:da:5f:eb: 5b:9f:80:c7:f0:2f:75:16:f4:e1:51:54:6a:65:17:d7:c2:f2: 13:c5:22:fa:bf:c8:51:4e:7f:93:e4:1f:31:da:94:7e:d9:d8: 95:af:1d:ad:a6:94:87:f2:06:c3:2f:93:c0:f8:5c:d2:aa:4b: 2f:7d:d0:6b:c6:8a:a5:67:86:98:90:f6:e8:95:64:48:ca:21: 92:39:51:2e:c5:c6:f0:fd:04:f5:cf:d4:04:28:25:35:7d:41: 9a:61:f7:e6:04:38:20:d3:91:e9:cc:c0:a8:4e:77:71:c5:bb: 10:a1:d3:c0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUapmWSsFaxzgcKxLSnDWi5bilyrwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNzAwMDAwMFoX DTI0MDgyMTIzNTk1OVowejFJMEcGA1UEBRNAYjhkMTc4Y2VkNGIzNmJjZTczY2Ez MTgwYWQ4NDcyMGMxOGZhMWMzMzlhOTI4NDU3MTAxYmEyMTY1N2U4NjE0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry5j594wr4nBGgZ1gyoeG07pSWy3 8RUiVLj3dEHyKGlTjjx6w2Mg25XXAdFsmENMwU5qfhcPDJbxXAT5MO92JE33htfF EynzbYmoFOrLd5zAhBQpvpeG6PEwZbBa7L9MMQAp0a3nInwmEerD7GSU4KROx9Hc UZsJzOWT78AltR4YgdkwH0ZPK0PKltYzBE2qI0LON+GOHGXWsVjQhaI09H0L04Dz jqxaH5Hc6mo1QAaehg5t3EorUD3V0V2vhcHhvikWf5/R8HZs66HfMTli3TpXtbeZ wbM3D7Khz+T3FhS0beVDRJyeZOXNaGxKCuTnKRxj0soqjW0MN88JbjJbRQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIlaf5uZFEBbW5xIQw1gbra1jzWIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM3OGU0ZmU0LTMyNmMtNGFiMy04NTBmLWQzMTM5NzVlMjcyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCnrByMF5me+6aA3pdJ3gPO uXlf7joZwB+QvDa6jTRWzplk7hHJYX+RSoBd8jCZEJaSMQH41vNqp5Rri8sKdHnj X93l7rRpY1q00/Ogmg+EAteYDgg9npKUO+h+wiYAne9z8+J/IPgpd1X94WsnQ/oX +Dyig+9AfB4Evp5+icqBS7lCSjs7/sBqbbjqP8naX+tbn4DH8C91FvThUVRqZRfX wvITxSL6v8hRTn+T5B8x2pR+2diVrx2tppSH8gbDL5PA+FzSqksvfdBrxoqlZ4aY kPbolWRIyiGSOVEuxcbw/QT1z9QEKCU1fUGaYffmBDgg05HpzMCoTndxxbsQodPA -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:40 2024 by rpki-client on console-ams.rpki-client.org