$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa File: 8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa (raw, json) Hash identifier: OObU7xdADKMTh0vHxdduwwaciuHyZv1UKJdxNoEpIQo= Subject key identifier: A7:D5:2F:34:EA:89:D9:76:9E:59:96:9F:8A:CB:F4:53:AC:62:FD:BB Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 76AF9AFC56A56B97D777EA09F0B6F2BC866B0FF5 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa Signing time: Tue 30 Apr 2024 00:00:00 +0000 ROA not before: Tue 30 Apr 2024 00:00:00 +0000 ROA not after: Tue 04 Jun 2024 23:59:59 +0000 asID: 8987 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:af:9a:fc:56:a5:6b:97:d7:77:ea:09:f0:b6:f2:bc:86:6b:0f:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 30 00:00:00 2024 GMT Not After : Jun 4 23:59:59 2024 GMT Subject: serialNumber=1c30483bfdb9679671d5a1fce4b563fd49d010f8313672301186f4d1835dccfe, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:e7:57:0a:55:e2:bf:4e:4c:cd:a3:8e:b9:41: ec:cb:c4:13:98:6a:27:49:a8:93:42:bd:a2:8f:44: e7:5b:f4:ae:69:eb:1e:7e:fa:d3:39:43:5a:11:f8: d9:64:75:a4:49:b6:76:df:2b:4c:88:0e:e4:b8:6c: 47:e6:97:c0:ee:92:63:3d:0e:48:24:08:c3:b3:f9: 4b:b0:09:8d:4d:07:9a:a2:57:6b:84:6d:5e:dc:01: bd:03:75:13:76:ce:d3:4f:7f:3c:ca:71:0f:25:bb: 76:27:c7:27:95:3c:4b:08:29:e0:0a:e3:b9:f3:9c: 5b:12:93:fe:b0:35:86:c2:59:79:ac:bb:11:9f:70: 8e:19:b4:b5:b6:9e:63:08:a4:18:71:03:81:80:83: c5:f2:f3:f3:4e:b2:83:00:e8:b2:d9:0a:4d:df:a6: a7:a9:ad:71:5d:81:dd:a4:78:a7:41:af:ae:9e:62: 11:b6:13:3a:fa:07:ca:ca:88:2f:a1:6c:c1:31:45: 66:05:50:e9:89:ea:2d:43:3d:7f:a8:87:f9:b4:60: cc:c5:b3:0f:19:b8:c6:00:ed:da:d1:09:db:2f:a8: 33:65:bf:7c:3f:45:14:e9:5a:87:c6:53:d4:16:6d: 66:ce:dd:60:70:a8:c1:5e:f0:e9:0e:a1:dc:53:a8: 76:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:D5:2F:34:EA:89:D9:76:9E:59:96:9F:8A:CB:F4:53:AC:62:FD:BB X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 72:63:14:26:49:c5:12:7a:30:6e:c6:fb:b3:2b:50:f4:25:4f: f8:9d:4b:72:d2:e6:7e:3b:4b:22:b9:c3:35:00:82:dd:16:34: 62:a3:7f:02:f6:e5:01:d7:de:5a:58:30:4e:81:da:42:97:01: ae:93:02:b6:44:86:82:e5:dd:4c:f6:42:52:25:5f:7b:27:d2: 40:5a:6d:f4:bf:df:49:5b:d9:5e:b4:ae:a4:d9:11:e1:93:39: f1:20:78:37:b8:cc:ca:42:7e:3a:df:af:93:5a:9b:df:9f:0f: c8:7b:f8:af:db:32:89:49:4c:31:5a:68:e1:93:31:21:d3:ca: 73:29:5d:bf:20:3c:c9:50:9d:d6:e3:ca:cc:c8:77:fb:3d:28: d5:02:df:86:6a:e0:85:b2:77:9b:db:92:e6:3c:ae:3d:c8:a1: 8b:20:71:93:7b:a9:71:f0:b9:4e:a3:9f:ec:1a:fa:85:25:56: 03:e7:7d:20:c1:80:49:d3:94:1b:77:2e:ed:b3:83:44:69:fd: 07:24:a8:97:17:ba:d9:79:23:b8:f1:bb:48:26:e3:30:06:55: f1:16:60:6b:ec:62:67:76:e8:40:c7:94:fe:af:c6:af:ad:5b: ff:96:d5:a8:fc:ed:43:11:29:2d:a1:22:0e:27:2c:7c:35:a1: 9c:0e:d1:73 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdq+a/Fala5fXd+oJ8LbyvIZrD/UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDQzMDAwMDAwMFoX DTI0MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAMWMzMDQ4M2JmZGI5Njc5NjcxZDVh MWZjZTRiNTYzZmQ0OWQwMTBmODMxMzY3MjMwMTE4NmY0ZDE4MzVkY2NmZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3udXClXiv05MzaOOuUHsy8QTmGon SaiTQr2ij0TnW/SuaesefvrTOUNaEfjZZHWkSbZ23ytMiA7kuGxH5pfA7pJjPQ5I JAjDs/lLsAmNTQeaoldrhG1e3AG9A3UTds7TT388ynEPJbt2J8cnlTxLCCngCuO5 85xbEpP+sDWGwll5rLsRn3COGbS1tp5jCKQYcQOBgIPF8vPzTrKDAOiy2QpN36an qa1xXYHdpHinQa+unmIRthM6+gfKyogvoWzBMUVmBVDpieotQz1/qIf5tGDMxbMP GbjGAO3a0QnbL6gzZb98P0UU6VqHxlPUFm1mzt1gcKjBXvDpDqHcU6h2oQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKfVLzTqidl2nlmWn4rL9FOsYv27MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkYWZhODBlLTIzYzAtNDMxMC1hZTc2LTAxOTlhOWFhZmM2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQByYxQmScUSejBuxvuzK1D0 JU/4nUty0uZ+O0siucM1AILdFjRio38C9uUB195aWDBOgdpClwGukwK2RIaC5d1M 9kJSJV97J9JAWm30v99JW9letK6k2RHhkznxIHg3uMzKQn4636+TWpvfnw/Ie/iv 2zKJSUwxWmjhkzEh08pzKV2/IDzJUJ3W48rMyHf7PSjVAt+GauCFsneb25LmPK49 yKGLIHGTe6lx8LlOo5/sGvqFJVYD530gwYBJ05Qbdy7ts4NEaf0HJKiXF7rZeSO4 8btIJuMwBlXxFmBr7GJnduhAx5T+r8avrVv/ltWo/O1DESktoSIOJyx8NaGcDtFz -----END CERTIFICATE-----Generated at Thu May 9 00:37:40 2024 by rpki-client on console-fra.rpki-client.org