$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa File: 8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa (raw, json) Hash identifier: RxfO6R+ekuZTrUXwGfyUcMWsXgvEQODZUnbITfL5ZiE= Subject key identifier: 4C:F1:FC:0A:8B:EE:83:5D:69:45:2A:A9:DF:FE:35:66:64:6D:B2:02 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2B049FBDF81CE8238E04ACC99D7E9DF5E0A66AB1 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:04:9f:bd:f8:1c:e8:23:8e:04:ac:c9:9d:7e:9d:f5:e0:a6:6a:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=e6250a62d11d5e3a8e4089346d64223d0648b1953c19a7929b97dac6843c675e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:4d:18:22:75:3e:b6:c7:aa:27:ac:d6:e2:6c: 8d:70:c5:10:ed:dd:5f:e7:af:4c:2a:ad:f8:78:20: 81:53:d6:3e:92:e3:d6:83:28:72:d4:f3:48:7c:2b: 86:99:74:c7:72:a7:07:1b:b5:a1:56:1c:d3:27:1e: 83:b1:12:4c:0f:0f:c1:f5:81:14:24:f4:06:af:e4: 62:bf:03:0f:c6:62:bb:89:1f:11:88:24:dc:d8:47: 67:20:37:56:9c:02:22:9a:2b:4b:54:ec:ef:37:37: 56:2d:28:df:bf:93:6e:75:df:e8:38:67:e9:22:27: 53:80:78:0d:c7:1a:4c:b0:6b:1a:00:ba:d8:ff:a4: 3b:b2:7c:29:39:5d:b0:03:9b:81:d6:e6:5e:04:1d: dd:80:e0:b3:59:05:2d:54:6b:5e:34:91:fc:ad:01: b5:38:ac:18:37:2f:d0:59:91:aa:54:b3:05:07:ec: 2a:e9:05:17:bd:19:c3:4a:37:dd:60:8b:9e:e6:45: d3:72:3b:06:96:ea:6b:a7:77:02:6d:0f:1d:69:9d: 26:ab:27:f0:df:1b:37:9e:05:fb:e8:da:d1:b0:38: c9:93:78:80:9e:5a:f6:a4:47:ac:fa:5a:d4:7d:7a: 83:72:d9:92:2a:ec:c9:8f:59:94:83:7c:40:45:3a: e1:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:F1:FC:0A:8B:EE:83:5D:69:45:2A:A9:DF:FE:35:66:64:6D:B2:02 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 56:cd:43:8f:49:d4:f0:f7:7e:48:21:ea:27:60:db:8c:5b:64: 6e:44:36:df:50:c2:a4:a7:24:b5:86:a2:9c:ed:d9:f3:ec:26: 4b:9e:7e:8e:80:52:12:93:9b:bb:e1:00:13:38:af:5a:60:c1: c2:83:e6:88:7a:60:7c:ee:a3:aa:68:af:93:b9:65:a8:f3:28: 35:65:65:7f:d1:ac:e6:6c:b7:ad:95:11:96:1f:4f:b8:ea:d2: 51:10:82:7c:59:96:c9:f3:c3:4b:a0:81:29:7e:13:c4:45:81: 08:2c:d3:d9:a8:46:47:78:d7:73:7d:79:26:01:43:36:35:eb: 3f:a6:d6:cf:34:2c:32:d5:a2:73:60:99:2a:13:81:f3:51:10: 72:98:e0:a5:4c:90:bc:08:eb:ae:74:87:34:c3:14:d2:79:bd: c6:75:37:c4:6d:82:c0:92:00:3d:6e:7a:b3:30:42:22:04:2e: 8d:59:c0:3d:23:f3:5b:1f:3b:6f:1b:68:2b:29:d6:bc:4a:05: e3:da:76:69:04:4e:5e:17:77:cb:9c:de:a8:b5:27:d6:eb:0a: 4c:54:4b:f8:5b:57:e1:c8:87:0d:a0:77:e5:58:02:5f:ae:82: 9c:4c:6c:1a:75:19:3c:a6:e5:ee:b8:39:ca:c1:09:15:47:dc: e3:c5:7d:37 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKwSfvfgc6COOBKzJnX6d9eCmarEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAZTYyNTBhNjJkMTFkNWUzYThlNDA4 OTM0NmQ2NDIyM2QwNjQ4YjE5NTNjMTlhNzkyOWI5N2RhYzY4NDNjNjc1ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsU0YInU+tseqJ6zW4myNcMUQ7d1f 569MKq34eCCBU9Y+kuPWgyhy1PNIfCuGmXTHcqcHG7WhVhzTJx6DsRJMDw/B9YEU JPQGr+RivwMPxmK7iR8RiCTc2EdnIDdWnAIimitLVOzvNzdWLSjfv5Nudd/oOGfp IidTgHgNxxpMsGsaALrY/6Q7snwpOV2wA5uB1uZeBB3dgOCzWQUtVGteNJH8rQG1 OKwYNy/QWZGqVLMFB+wq6QUXvRnDSjfdYIue5kXTcjsGluprp3cCbQ8daZ0mqyfw 3xs3ngX76NrRsDjJk3iAnlr2pEes+lrUfXqDctmSKuzJj1mUg3xARTrh1wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEzx/AqL7oNdaUUqqd/+NWZkbbICMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhkYWZhODBlLTIzYzAtNDMxMC1hZTc2LTAxOTlhOWFhZmM2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBWzUOPSdTw935IIeonYNuM W2RuRDbfUMKkpyS1hqKc7dnz7CZLnn6OgFISk5u74QATOK9aYMHCg+aIemB87qOq aK+TuWWo8yg1ZWV/0azmbLetlRGWH0+46tJREIJ8WZbJ88NLoIEpfhPERYEILNPZ qEZHeNdzfXkmAUM2Nes/ptbPNCwy1aJzYJkqE4HzURBymOClTJC8COuudIc0wxTS eb3GdTfEbYLAkgA9bnqzMEIiBC6NWcA9I/NbHztvG2grKda8SgXj2nZpBE5eF3fL nN6otSfW6wpMVEv4W1fhyIcNoHflWAJfroKcTGwadRk8puXuuDnKwQkVR9zjxX03 -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:35 2024 by rpki-client on console-fra.rpki-client.org