$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa File: 427017ca-fc05-4df1-9de8-dc6182848704.roa (raw, json) Hash identifier: y5r7lNAnv+HFW6Uek36b5P9PEBlB2GStZIUbwAEtcd0= Subject key identifier: 34:E3:B9:5F:91:86:ED:37:89:87:24:00:15:F5:FC:38:6D:8A:B0:C6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D30639D407D5F1B7C6F0314FCF1EFE7E490E5B5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa Signing time: Mon 08 Apr 2024 00:00:00 +0000 ROA not before: Mon 08 Apr 2024 00:00:00 +0000 ROA not after: Mon 13 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.198.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:30:63:9d:40:7d:5f:1b:7c:6f:03:14:fc:f1:ef:e7:e4:90:e5:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 8 00:00:00 2024 GMT Not After : May 13 23:59:59 2024 GMT Subject: serialNumber=a8069e75c3b9d6236e0ddf3acef4676a4ae66274e12a0a792273ddd5ef9faa35, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:74:df:6e:90:c4:43:1a:eb:4e:a8:cb:6c:33: 99:69:00:ea:98:a4:36:ef:e7:2f:6e:30:62:b4:e2: ae:fa:a3:84:9d:b3:da:fe:4c:06:80:69:ee:aa:97: fe:0c:4e:3a:64:98:0b:f9:24:5e:83:70:52:2e:3f: 13:98:06:cd:89:a2:4d:ed:b2:33:21:39:f4:89:67: 2c:b9:a6:42:84:45:ff:37:23:7e:77:a1:15:cb:0e: 75:88:35:2e:c3:bb:65:4c:6f:14:4e:06:7a:a9:b2: ed:96:71:5c:3f:88:50:8a:14:5f:d9:9c:a0:64:87: e7:1c:83:ac:e1:9f:02:53:ee:8a:d8:46:a2:4b:ad: 95:4d:64:25:6a:cb:c2:3a:67:ac:c7:57:6f:e9:86: d1:8f:ce:4c:2a:dd:ff:16:4a:f9:d1:4c:24:a8:60: 2b:93:be:94:46:96:78:17:40:8e:12:32:99:2b:a9: 68:0d:d6:e6:79:87:40:37:f7:14:f5:0c:2e:68:3e: bd:9c:35:09:f6:06:7e:12:33:56:46:a8:89:a9:db: 42:0d:63:ae:ec:a3:f2:d8:1d:ee:96:27:98:f8:34: 32:a9:5b:59:d6:0e:01:ac:88:8a:16:d5:c8:3a:5a: bc:b1:03:55:48:9a:b9:dc:e8:06:eb:3c:fe:f7:aa: 65:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:E3:B9:5F:91:86:ED:37:89:87:24:00:15:F5:FC:38:6D:8A:B0:C6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/427017ca-fc05-4df1-9de8-dc6182848704.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.198.0.0/15 Signature Algorithm: sha256WithRSAEncryption b8:5e:bf:a5:a7:da:52:fd:e0:bd:6c:6a:3d:8a:8b:e3:15:2f: 24:52:50:a6:21:2b:12:42:21:da:bb:0d:d0:1e:4b:68:42:d7: a5:13:76:89:21:31:1c:76:50:c3:a1:b7:c0:f7:dc:e1:e4:d5: 13:80:63:a4:5e:b9:c8:ea:45:76:68:43:e9:73:bd:cc:ab:be: fd:d1:54:af:59:54:e0:90:42:75:21:91:0d:a8:ba:3e:9a:a8: 81:88:d7:06:37:56:74:7d:56:bc:9c:76:24:c1:8c:cc:4d:f0: 6a:09:05:7c:30:f1:27:ee:29:42:8d:0a:29:67:de:b5:fb:c1: d3:94:b1:69:a8:0b:37:d3:70:cf:ec:9f:86:00:0b:f2:46:40: 27:27:9c:ef:7a:2d:9f:81:38:e2:e7:13:b3:d9:60:0c:39:d2: 9a:4f:fb:7d:c7:40:ff:59:28:b1:01:aa:3a:0e:d4:0b:31:7e: fe:96:4f:a8:33:fc:03:c6:b0:9c:32:16:0a:63:0b:eb:af:7a: 94:2a:c6:8d:ba:29:28:ef:fc:86:b4:f1:26:4f:f2:3f:73:61: 3c:91:50:98:97:40:fd:66:49:12:1c:96:0e:ac:5c:01:8c:c8: 6e:ee:4f:d2:bc:09:d0:eb:be:a3:63:ef:6c:d6:bf:97:32:5b: e6:48:fb:96 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUDTBjnUB9Xxt8bwMU/PHv5+SQ5bUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwODAwMDAwMFoX DTI0MDUxMzIzNTk1OVowejFJMEcGA1UEBRNAYTgwNjllNzVjM2I5ZDYyMzZlMGRk ZjNhY2VmNDY3NmE0YWU2NjI3NGUxMmEwYTc5MjI3M2RkZDVlZjlmYWEzNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnTfbpDEQxrrTqjLbDOZaQDqmKQ2 7+cvbjBitOKu+qOEnbPa/kwGgGnuqpf+DE46ZJgL+SReg3BSLj8TmAbNiaJN7bIz ITn0iWcsuaZChEX/NyN+d6EVyw51iDUuw7tlTG8UTgZ6qbLtlnFcP4hQihRf2Zyg ZIfnHIOs4Z8CU+6K2EaiS62VTWQlasvCOmesx1dv6YbRj85MKt3/Fkr50UwkqGAr k76URpZ4F0COEjKZK6loDdbmeYdAN/cU9QwuaD69nDUJ9gZ+EjNWRqiJqdtCDWOu 7KPy2B3ulieY+DQyqVtZ1g4BrIiKFtXIOlq8sQNVSJq53OgG6zz+96plVwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDTjuV+Rhu03iYckABX1/DhtirDGMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyNzAxN2NhLWZjMDUtNGRmMS05ZGU4LWRjNjE4Mjg0ODcwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK8YwDQYJKoZIhvcNAQELBQADggEBALhev6Wn2lL94L1saj2Ki+MV LyRSUKYhKxJCIdq7DdAeS2hC16UTdokhMRx2UMOht8D33OHk1ROAY6ReucjqRXZo Q+lzvcyrvv3RVK9ZVOCQQnUhkQ2ouj6aqIGI1wY3VnR9VrycdiTBjMxN8GoJBXww 8SfuKUKNCiln3rX7wdOUsWmoCzfTcM/sn4YAC/JGQCcnnO96LZ+BOOLnE7PZYAw5 0ppP+33HQP9ZKLEBqjoO1Asxfv6WT6gz/APGsJwyFgpjC+uvepQqxo26KSjv/Ia0 8SZP8j9zYTyRUJiXQP1mSRIclg6sXAGMyG7uT9K8CdDrvqNj72zWv5cyW+ZI+5Y= -----END CERTIFICATE-----Generated at Sat Apr 20 01:07:31 2024 by rpki-client on console-ams.rpki-client.org