$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4dd57872-4286-4ae3-96b4-e36652d55044.roa File: 4dd57872-4286-4ae3-96b4-e36652d55044.roa (raw, json) Hash identifier: Y9z94eWpQ/y9+oq/HkdsGmLwc9r1U5fsM2f63nWltDI= Subject key identifier: D8:70:6E:A1:7A:9A:D4:DD:12:A1:39:0F:A2:C8:BC:6E:2D:E7:0C:B6 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5347C200BD0E2DF49AA9001AA506BCA6FF610D3A Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4dd57872-4286-4ae3-96b4-e36652d55044.roa Signing time: Wed 08 May 2024 00:00:00 +0000 ROA not before: Wed 08 May 2024 00:00:00 +0000 ROA not after: Wed 12 Jun 2024 23:59:59 +0000 asID: 8987 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:47:c2:00:bd:0e:2d:f4:9a:a9:00:1a:a5:06:bc:a6:ff:61:0d:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: May 8 00:00:00 2024 GMT Not After : Jun 12 23:59:59 2024 GMT Subject: serialNumber=7c64a697c7cbabc2bcb1624d343cc3f5d691e8425440217619ce4700d833846e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:0d:bd:9d:f7:7e:4f:60:0c:82:38:5c:bd:83: 86:60:59:43:a6:85:4e:d6:0e:01:de:86:30:6c:1b: 81:5d:f0:db:53:32:54:bd:a9:37:7b:b1:60:60:a0: 64:59:fa:97:e5:8e:d3:a4:9a:52:17:49:5f:e2:f9: da:12:67:f0:83:1e:34:f7:df:c6:28:1e:e1:c0:d6: a6:8f:00:75:66:ec:e5:bf:a4:f1:38:b4:61:74:b5: 05:6b:81:b0:6b:fa:d7:de:64:80:98:ad:12:5f:a5: 4f:41:31:ad:78:8e:18:5c:c7:4f:4f:7e:13:02:a2: e3:38:56:4a:38:09:82:50:26:03:a3:de:3c:fa:52: 96:cb:4c:f0:b2:d0:04:be:24:67:22:c2:48:00:1e: d4:9d:98:b5:61:fd:59:94:d9:68:d9:8d:94:4e:34: c1:81:05:3c:fc:64:0a:ca:da:cb:40:d0:58:9e:d2: 0a:5d:1a:b8:97:55:cf:61:1e:3b:68:94:69:0f:bf: 06:11:0c:a1:8e:e9:e3:9c:d2:c6:7d:31:68:33:d3: ab:0c:07:b9:69:7d:b9:53:92:9e:cc:8e:83:d4:f8: 49:ba:14:12:5f:1a:33:5c:46:44:56:39:2d:31:6b: 99:2e:92:5b:51:f2:14:41:67:2e:82:58:af:03:87: 91:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:70:6E:A1:7A:9A:D4:DD:12:A1:39:0F:A2:C8:BC:6E:2D:E7:0C:B6 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4dd57872-4286-4ae3-96b4-e36652d55044.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 00:e5:f6:0d:5f:12:56:32:96:cf:42:86:1b:46:cb:ae:c0:61: 05:f4:28:3a:93:a6:c9:80:89:57:11:75:2e:44:75:26:9b:ea: 1d:a7:f8:35:e0:b3:bf:42:04:39:81:13:6c:23:5e:1a:77:c5: f0:05:80:67:62:6c:55:d9:c2:fc:cf:ee:ee:5d:82:b0:0f:56: 0b:8d:e6:87:ae:99:36:71:0a:34:a4:84:44:20:29:a8:68:36: fe:ed:73:2a:68:9d:7a:ac:d4:f3:0e:fb:ad:7a:c0:bb:07:b1: a7:69:9d:f2:86:36:d4:67:f0:f1:03:6f:c4:4d:0d:53:98:77: bf:1d:06:5e:57:8c:db:8f:5b:63:ea:6f:f8:8c:ee:38:76:d3: 1d:77:83:ae:fb:9d:c6:9b:c4:3f:d6:2f:83:42:f8:e3:e5:05: c5:e1:87:9f:1f:bc:5b:d8:85:7e:35:72:e7:9e:b8:3c:40:9f: fb:b7:99:2a:c0:5f:4a:48:aa:5f:2b:e2:80:7a:30:af:e8:97: b4:50:40:2e:8a:4a:f4:52:09:b7:91:f5:00:e2:33:d5:95:71: e1:0b:c4:32:ee:3b:be:3e:b8:9d:88:13:d2:c4:5d:19:24:87: 33:e9:3c:c1:be:a7:a6:eb:90:c1:d5:d4:d3:b0:ae:91:e1:22: 4a:c8:62:15 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUU0fCAL0OLfSaqQAapQa8pv9hDTowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDUwODAwMDAwMFoX DTI0MDYxMjIzNTk1OVowejFJMEcGA1UEBRNAN2M2NGE2OTdjN2NiYWJjMmJjYjE2 MjRkMzQzY2MzZjVkNjkxZTg0MjU0NDAyMTc2MTljZTQ3MDBkODMzODQ2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2A29nfd+T2AMgjhcvYOGYFlDpoVO 1g4B3oYwbBuBXfDbUzJUvak3e7FgYKBkWfqX5Y7TpJpSF0lf4vnaEmfwgx4099/G KB7hwNamjwB1Zuzlv6TxOLRhdLUFa4Gwa/rX3mSAmK0SX6VPQTGteI4YXMdPT34T AqLjOFZKOAmCUCYDo948+lKWy0zwstAEviRnIsJIAB7UnZi1Yf1ZlNlo2Y2UTjTB gQU8/GQKytrLQNBYntIKXRq4l1XPYR47aJRpD78GEQyhjunjnNLGfTFoM9OrDAe5 aX25U5KezI6D1PhJuhQSXxozXEZEVjktMWuZLpJbUfIUQWcuglivA4eRAwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFNhwbqF6mtTdEqE5D6LIvG4t5wy2MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkZDU3ODcyLTQyODYtNGFlMy05NmI0LWUzNjY1MmQ1NTA0NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAADl9g1fElYyls9ChhtGy67A YQX0KDqTpsmAiVcRdS5EdSab6h2n+DXgs79CBDmBE2wjXhp3xfAFgGdibFXZwvzP 7u5dgrAPVguN5oeumTZxCjSkhEQgKahoNv7tcyponXqs1PMO+616wLsHsadpnfKG NtRn8PEDb8RNDVOYd78dBl5XjNuPW2Pqb/iM7jh20x13g677ncabxD/WL4NC+OPl BcXhh58fvFvYhX41cueeuDxAn/u3mSrAX0pIql8r4oB6MK/ol7RQQC6KSvRSCbeR 9QDiM9WVceELxDLuO74+uJ2IE9LEXRkkhzPpPMG+p6brkMHV1NOwrpHhIkrIYhU= -----END CERTIFICATE-----Generated at Thu May 9 00:37:39 2024 by rpki-client on console-fra.rpki-client.org