$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa File: 8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa (raw, json) Hash identifier: 8kWm11UAXINw6EoL1qkEouE/s+ZSwKpvFYSxfM8D2ps= Subject key identifier: B7:72:F6:64:14:BD:FB:7B:75:DF:E2:92:95:4F:1A:96:0B:B9:73:5A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B16199D4E2EE20A4F4C6A4932464E9170EC058C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.44.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:16:19:9d:4e:2e:e2:0a:4f:4c:6a:49:32:46:4e:91:70:ec:05:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=32c139ce0272c5b6066050f8e42dacc5d76b2662e7b8a481acd741940bbe5316, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ea:c3:6c:02:12:f1:86:60:64:aa:bc:39:98: d8:32:3a:a4:c5:cc:d0:a8:28:9a:08:75:d5:e4:86: 2c:cc:c9:f4:73:84:14:f9:ed:0e:c4:46:99:eb:3f: 8a:76:7f:c7:3a:ab:af:30:5b:8e:94:be:e9:a0:3e: be:6b:ef:4f:22:59:a6:42:c6:4b:71:1d:dc:6b:f9: 18:ce:34:fd:58:6a:65:ae:88:8b:95:e3:79:45:4a: b0:e9:6a:b2:be:12:86:fe:d7:6b:c6:18:9a:35:43: 19:33:f6:25:53:4d:52:25:2d:8a:1d:c9:38:b2:b9: 4b:18:89:a7:35:cc:9d:73:ee:99:ce:f7:08:77:0d: 8a:94:0a:0c:6d:8e:1b:0a:bd:38:16:31:fa:46:fb: 72:4f:51:d5:89:88:7d:b5:7b:e4:9b:88:92:0a:a4: 6b:38:99:24:b2:ee:a3:09:04:e9:1f:94:d4:29:fd: e4:e5:df:04:ba:2a:b1:a0:40:14:7b:e9:b7:db:eb: cd:f5:34:28:84:be:9e:ba:93:8d:dd:1c:1a:78:c1: fb:46:9c:64:c7:a4:2c:ee:70:af:25:96:42:ac:d1: 68:bf:81:aa:5c:ae:0f:bd:5c:62:63:df:c4:d4:53: fe:4a:bf:eb:87:76:ad:db:80:3d:12:9c:b9:16:78: 01:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:72:F6:64:14:BD:FB:7B:75:DF:E2:92:95:4F:1A:96:0B:B9:73:5A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/24 Signature Algorithm: sha256WithRSAEncryption 08:35:1e:8f:32:23:2f:68:e4:22:62:db:4d:99:52:48:11:46: 62:58:d3:8a:fd:e4:a0:7d:a7:2f:f6:93:c6:78:1d:69:26:f3: 8c:57:22:53:c0:12:c5:74:b1:a2:12:26:9e:16:ce:4f:71:b9: 59:c0:89:d2:a5:97:8a:1b:42:50:22:c2:f3:54:04:6e:7b:14: 77:11:4a:d7:3c:7c:2e:5e:be:1e:0b:79:fb:24:eb:03:f0:fd: 00:c1:cf:7e:f6:54:89:96:0f:79:08:05:0c:8f:f5:42:77:3f: 7f:d5:d1:1d:f2:87:87:48:80:c0:50:69:bd:ca:9e:0a:22:84: 77:24:dc:46:4c:3b:f8:81:80:10:6d:af:d9:09:98:ea:4a:84: 14:c5:46:50:f9:68:f6:34:4a:16:37:dc:7a:8e:c3:d7:20:8e: bf:80:1d:b4:1f:01:ca:f6:11:53:8e:7e:2a:51:fc:af:f4:b2: e5:31:04:f8:9d:2d:9e:cf:23:9d:f0:09:06:22:8d:f5:e5:98: 94:7f:88:65:8e:0f:4b:bf:5f:2b:cb:8f:e9:64:b6:ba:1f:67: d8:ba:2b:23:9d:3a:c6:da:29:cd:fb:ec:a5:19:69:ec:9c:61: 90:21:ad:5c:38:1f:9b:98:e8:56:6a:5e:8e:bc:ce:63:38:ea: 3b:de:dd:3c -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSxYZnU4u4gpPTGpJMkZOkXDsBYwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMzJjMTM5Y2UwMjcyYzViNjA2NjA1 MGY4ZTQyZGFjYzVkNzZiMjY2MmU3YjhhNDgxYWNkNzQxOTQwYmJlNTMxNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOrDbAIS8YZgZKq8OZjYMjqkxczQ qCiaCHXV5IYszMn0c4QU+e0OxEaZ6z+Kdn/HOquvMFuOlL7poD6+a+9PIlmmQsZL cR3ca/kYzjT9WGplroiLleN5RUqw6WqyvhKG/tdrxhiaNUMZM/YlU01SJS2KHck4 srlLGImnNcydc+6ZzvcIdw2KlAoMbY4bCr04FjH6RvtyT1HViYh9tXvkm4iSCqRr OJkksu6jCQTpH5TUKf3k5d8EuiqxoEAUe+m32+vN9TQohL6eupON3RwaeMH7Rpxk x6Qs7nCvJZZCrNFov4GqXK4PvVxiY9/E1FP+Sr/rh3at24A9Epy5FngB8QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLdy9mQUvft7dd/ikpVPGpYLuXNaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhlZmExYzk3LTZlNWUtNDljMS05ZGFjLWYzNTBlM2Y3MzY1OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQAINR6PMiMvaOQiYttNmVJI EUZiWNOK/eSgfacv9pPGeB1pJvOMVyJTwBLFdLGiEiaeFs5PcblZwInSpZeKG0JQ IsLzVARuexR3EUrXPHwuXr4eC3n7JOsD8P0Awc9+9lSJlg95CAUMj/VCdz9/1dEd 8oeHSIDAUGm9yp4KIoR3JNxGTDv4gYAQba/ZCZjqSoQUxUZQ+Wj2NEoWN9x6jsPX II6/gB20HwHK9hFTjn4qUfyv9LLlMQT4nS2ezyOd8AkGIo315ZiUf4hljg9Lv18r y4/pZLa6H2fYuisjnTrG2inN++ylGWnsnGGQIa1cOB+bmOhWal6OvM5jOOo73t08 -----END CERTIFICATE-----Generated at Fri Apr 26 08:25:22 2024 by rpki-client on console-ams.rpki-client.org