$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa File: 427017ca-fc05-4df1-9de8-dc6182848704.roa (raw, json) Hash identifier: I/YdmmWZtUsaj91+hcdFCmzcCkckcL6mGFe9OguH+iE= Subject key identifier: A2:84:BD:D4:51:CA:CC:58:8E:B0:FE:AF:5D:BC:FC:0A:6E:0C:C9:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 21BB8B6D284402E14DADABE82CA8969748E42076 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa Signing time: Wed 17 Jul 2024 00:00:00 +0000 ROA not before: Wed 17 Jul 2024 00:00:00 +0000 ROA not after: Wed 21 Aug 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:bb:8b:6d:28:44:02:e1:4d:ad:ab:e8:2c:a8:96:97:48:e4:20:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 17 00:00:00 2024 GMT Not After : Aug 21 23:59:59 2024 GMT Subject: serialNumber=07df33af3bcd5f1350a4efb7fcd4006ad5c8c6275b656f0756466bec260a015f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:21:78:d7:e6:49:6f:82:31:0c:89:70:8b:16: 8f:a6:8c:9c:17:db:95:a6:66:3b:0a:76:32:d9:42: cc:3c:62:9a:6d:9c:9f:23:8d:53:eb:42:fa:0e:e1: 7d:6b:eb:2e:76:19:ac:19:ca:f8:c0:9a:0d:55:9b: 43:74:21:6e:6d:d7:a8:b9:65:c0:1b:84:55:cd:a3: 66:c2:d7:a8:c6:8d:31:a5:a8:32:2b:5d:3e:ae:cc: 0f:35:25:93:fd:21:78:01:84:b5:d6:60:b9:7f:e3: 5f:75:fc:bb:f5:3f:5f:5c:f7:b7:1a:52:82:f0:aa: 02:33:a7:92:17:df:ee:d3:c2:fb:43:cb:5c:93:21: c0:df:dd:bf:68:3e:39:f5:0f:d0:68:6b:80:21:87: ba:5e:7e:11:12:e4:a2:75:ad:64:d3:45:b5:17:0f: 1a:17:6e:1b:09:a3:f1:a4:2e:a9:dc:82:c6:16:2c: 7a:f0:37:d1:d0:a0:6f:d4:16:d2:2a:90:59:cb:23: 64:dd:0b:49:64:a1:fd:e9:77:5b:6f:ac:12:e9:c9: 9f:29:57:0e:78:60:c9:4a:8b:3a:14:08:89:1d:02: f9:bd:ba:1b:9c:29:66:09:2e:3c:37:db:ba:75:4f: 66:f8:db:eb:47:88:2d:31:a0:2d:3e:b0:7f:cf:36: 62:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:84:BD:D4:51:CA:CC:58:8E:B0:FE:AF:5D:BC:FC:0A:6E:0C:C9:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption 54:15:07:fa:6e:eb:e2:35:01:43:07:65:98:90:ea:a4:dc:b7: d6:aa:31:8d:20:be:06:e2:2a:b5:f0:6b:aa:42:11:f0:d5:d1: 10:82:60:1e:b2:2a:ff:c8:ed:dd:89:80:3c:51:5c:75:68:28: 38:fe:4d:af:ac:1e:1b:fc:42:ac:a5:e0:b1:fa:44:bd:e6:eb: 97:2a:5e:2e:d6:a5:47:82:00:6f:3f:c0:e6:e3:6e:bb:07:ad: 02:9c:79:4f:70:b5:a4:d3:21:ae:31:03:46:92:7e:46:1d:1b: 37:93:d5:03:72:27:c5:c7:1e:7e:d6:f1:24:c3:98:39:77:75: fa:4c:38:bc:83:e1:66:21:ec:20:ab:23:24:24:68:14:40:e1: 85:39:1c:aa:36:f6:cd:41:a7:aa:69:23:f8:a2:81:a7:92:58: e0:89:a1:33:74:1a:cd:bb:18:71:41:ce:d9:0c:6c:19:0d:b7: 9f:40:f0:c3:60:57:5c:d2:bc:3e:af:79:ad:a6:41:f9:d9:30: 3b:52:cc:60:5b:63:a6:40:fd:5c:ab:8d:6c:c4:25:7b:b4:1e: d9:54:d2:14:78:6c:58:95:12:ef:4d:89:b3:51:d0:3c:a6:71: d1:e5:b0:2c:0b:ca:1c:9d:88:c8:e9:12:ea:08:12:2d:39:d7: 8a:7f:73:9a -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUIbuLbShEAuFNravoLKiWl0jkIHYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNzAwMDAwMFoX DTI0MDgyMTIzNTk1OVowejFJMEcGA1UEBRNAMDdkZjMzYWYzYmNkNWYxMzUwYTRl ZmI3ZmNkNDAwNmFkNWM4YzYyNzViNjU2ZjA3NTY0NjZiZWMyNjBhMDE1ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSF41+ZJb4IxDIlwixaPpoycF9uV pmY7CnYy2ULMPGKabZyfI41T60L6DuF9a+sudhmsGcr4wJoNVZtDdCFubdeouWXA G4RVzaNmwteoxo0xpagyK10+rswPNSWT/SF4AYS11mC5f+Nfdfy79T9fXPe3GlKC 8KoCM6eSF9/u08L7Q8tckyHA392/aD459Q/QaGuAIYe6Xn4REuSida1k00W1Fw8a F24bCaPxpC6p3ILGFix68DfR0KBv1BbSKpBZyyNk3QtJZKH96Xdbb6wS6cmfKVcO eGDJSos6FAiJHQL5vbobnClmCS48N9u6dU9m+NvrR4gtMaAtPrB/zzZiDwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFKKEvdRRysxYjrD+r128/ApuDMknMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyNzAxN2NhLWZjMDUtNGRmMS05ZGU4LWRjNjE4Mjg0ODcwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBAFQVB/pu6+I1AUMHZZiQ6qTc t9aqMY0gvgbiKrXwa6pCEfDV0RCCYB6yKv/I7d2JgDxRXHVoKDj+Ta+sHhv8Qqyl 4LH6RL3m65cqXi7WpUeCAG8/wObjbrsHrQKceU9wtaTTIa4xA0aSfkYdGzeT1QNy J8XHHn7W8STDmDl3dfpMOLyD4WYh7CCrIyQkaBRA4YU5HKo29s1Bp6ppI/iigaeS WOCJoTN0Gs27GHFBztkMbBkNt59A8MNgV1zSvD6vea2mQfnZMDtSzGBbY6ZA/Vyr jWzEJXu0HtlU0hR4bFiVEu9NibNR0DymcdHlsCwLyhydiMjpEuoIEi0514p/c5o= -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:15 2024 by rpki-client on console-fra.rpki-client.org