$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa File: 653a4574-339b-4bb5-9b34-5450c0c7e304.roa (raw, json) Hash identifier: zgP98+AHZaSoIqRywwBN3fgnBFU2pXhScBoHsQrJtCQ= Subject key identifier: 4B:16:57:EC:0A:C1:BE:93:8C:D8:69:59:E5:E5:6D:BD:2F:8F:A1:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6557E59AC84A1435A49649D2A4E1FE8817C0F1CE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa Signing time: Tue 14 Jan 2025 00:00:00 +0000 ROA not before: Tue 14 Jan 2025 00:00:00 +0000 ROA not after: Tue 18 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.54.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:57:e5:9a:c8:4a:14:35:a4:96:49:d2:a4:e1:fe:88:17:c0:f1:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 14 00:00:00 2025 GMT Not After : Feb 18 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:27:87:1f:35:26:c4:2d:5a:aa:7d:ca:e3:b6: 62:f9:da:62:50:01:d4:1a:3b:ea:12:23:38:ae:d0: 95:bb:15:bb:e6:d8:cf:8f:6c:95:f7:9d:b1:e6:44: 90:f1:7c:e8:3a:a8:e1:f3:0d:13:30:c4:59:e7:0e: 75:e5:60:db:41:5f:1b:76:2a:52:f1:9e:9e:96:46: 83:99:c5:b3:62:a4:53:13:ee:9c:95:56:ea:1b:75: 14:95:ac:09:36:aa:80:12:af:8c:58:1c:a3:9a:eb: a5:a2:dd:ab:c5:50:51:7b:6f:fa:cf:08:e4:8c:0c: e4:eb:e1:6c:b2:d6:3e:3d:43:0c:17:a1:99:bf:cd: b5:f1:d4:73:8e:e6:27:6a:d6:27:c5:5b:00:09:ab: 18:02:d2:da:09:15:20:e6:3a:0a:67:db:7a:3b:bf: ef:4a:fd:66:8e:d2:7f:d6:cb:17:6a:94:ad:2c:ee: 86:ea:ba:61:b0:6c:ac:b4:4d:66:31:19:3f:35:86: 6b:00:4b:a9:cb:98:1e:23:d1:fb:41:ab:7d:4c:78: 1f:a3:b9:aa:8f:a8:f0:b8:a1:d9:23:64:07:c9:cb: 8e:79:d2:f6:09:1b:43:d4:48:63:92:9b:15:af:3c: 51:4f:b2:ae:4a:00:23:b2:f5:aa:b0:de:59:fc:c7: 8f:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:16:57:EC:0A:C1:BE:93:8C:D8:69:59:E5:E5:6D:BD:2F:8F:A1:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/653a4574-339b-4bb5-9b34-5450c0c7e304.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.54.0/24 Signature Algorithm: sha256WithRSAEncryption c2:f3:c6:90:1e:c7:68:e6:8d:3d:f2:18:72:b3:97:a2:63:d9: ae:ae:9a:cd:7b:a1:d6:6e:54:e3:e2:0a:03:69:f8:ef:ad:03: 52:58:93:ff:23:3a:08:fd:b3:b4:2d:ba:7a:29:3a:bf:26:ed: 05:19:67:1e:a5:7e:4f:ae:1a:9a:08:5b:ef:ea:61:29:92:e8: a7:1e:40:c6:a9:fa:82:60:fd:30:d2:36:98:29:c0:ba:3c:23: 8c:16:80:7a:f2:35:24:d4:86:60:ae:db:5e:58:65:e9:02:25: 94:79:74:f8:90:ed:98:b5:39:c2:23:f5:d7:a1:e1:35:43:6d: b1:1b:b6:f8:68:a9:7a:75:f5:b9:d7:5c:f0:26:4f:ef:a7:dd: de:2c:d3:4f:be:4b:2b:c9:22:e5:e1:b2:48:3a:45:c9:5e:76: 3f:5d:9d:8d:6a:a1:41:f8:31:60:ac:cc:ac:0e:76:5f:a9:c4: 28:e2:dc:bc:73:b4:58:01:75:fe:13:86:2e:42:00:23:77:e7: 08:14:18:ac:42:5f:4a:20:fd:3b:21:83:0e:66:41:3f:1f:30: b9:bb:a3:bf:7d:ee:5a:7d:dc:75:a2:12:26:68:22:ca:92:dc: 33:f9:71:06:f1:c9:ac:86:a1:2c:5b:c7:1b:6c:b6:76:c2:af: 72:c7:c6:f8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZVflmshKFDWklknSpOH+iBfA8c4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExNDAwMDAwMFoX DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAY2M2NzAyYjUyY2RmYWFkNmJkMjI0 ZDJiMzEzNmZhZjlmNGY1M2MwNGU0MzJjMzFiNGQxM2FmOTUxZjkxYmUzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SeHHzUmxC1aqn3K47Zi+dpiUAHU GjvqEiM4rtCVuxW75tjPj2yV952x5kSQ8XzoOqjh8w0TMMRZ5w515WDbQV8bdipS 8Z6elkaDmcWzYqRTE+6clVbqG3UUlawJNqqAEq+MWByjmuulot2rxVBRe2/6zwjk jAzk6+FsstY+PUMMF6GZv8218dRzjuYnatYnxVsACasYAtLaCRUg5joKZ9t6O7/v Sv1mjtJ/1ssXapStLO6G6rphsGystE1mMRk/NYZrAEupy5geI9H7Qat9THgfo7mq j6jwuKHZI2QHycuOedL2CRtD1EhjkpsVrzxRT7KuSgAjsvWqsN5Z/MePmwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEsWV+wKwb6TjNhpWeXlbb0vj6EpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY1M2E0NTc0LTMzOWItNGJiNS05YjM0LTU0NTBjMGM3ZTMwNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK9A2MA0GCSqGSIb3DQEBCwUAA4IBAQDC88aQHsdo5o098hhys5ei Y9murprNe6HWblTj4goDafjvrQNSWJP/IzoI/bO0Lbp6KTq/Ju0FGWcepX5Prhqa CFvv6mEpkuinHkDGqfqCYP0w0jaYKcC6PCOMFoB68jUk1IZgrtteWGXpAiWUeXT4 kO2YtTnCI/XXoeE1Q22xG7b4aKl6dfW511zwJk/vp93eLNNPvksrySLl4bJIOkXJ XnY/XZ2NaqFB+DFgrMysDnZfqcQo4ty8c7RYAXX+E4YuQgAjd+cIFBisQl9KIP07 IYMOZkE/HzC5u6O/fe5afdx1ohImaCLKktwz+XEG8cmshqEsW8cbbLZ2wq9yx8b4 -----END CERTIFICATE-----Generated at Wed Feb 5 03:48:04 2025 by rpki-client