$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa File: 8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa (raw, json) Hash identifier: Kj6gf35PN+Fyzse8G7s3y19ezXavci0N3r25i04j6Jg= Subject key identifier: DC:44:7E:5B:DC:C6:32:C7:CB:68:55:EB:7F:7F:3B:54:DF:8F:BB:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64EEDA8FA444A93F040A0E9E6DEFD91E647D593C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa Signing time: Tue 19 Nov 2024 00:00:00 +0000 ROA not before: Tue 19 Nov 2024 00:00:00 +0000 ROA not after: Tue 24 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.44.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:ee:da:8f:a4:44:a9:3f:04:0a:0e:9e:6d:ef:d9:1e:64:7d:59:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 19 00:00:00 2024 GMT Not After : Dec 24 23:59:59 2024 GMT Subject: serialNumber=bf6288b6b800b9d887fb3ddee41dd3252e7a1bc89da498d15d5ab9176f9c9ffb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:29:b3:89:1d:1e:e5:0d:1c:96:78:1e:37:12: b2:00:b7:8b:ea:b6:eb:98:5d:95:95:58:4e:4b:bf: 3d:4d:9a:b2:ad:b2:08:ef:df:be:3f:53:ab:83:26: e6:5e:a1:60:4b:70:31:6c:3d:22:89:03:8b:0d:a5: 8e:2c:e1:9a:96:3f:13:2b:c6:b1:1d:93:51:ae:2c: 2d:4e:99:40:d3:d7:91:a8:62:79:1e:cb:89:5b:ab: 79:2d:ba:3d:5a:7e:2a:9e:30:6a:3f:3d:06:c2:55: 70:7f:68:98:4e:e6:c0:41:a4:69:d8:35:24:29:46: 72:a0:bd:0f:53:0b:76:a6:a0:52:00:2d:4a:16:0b: 16:89:6e:51:8d:59:44:8d:12:59:3e:2d:9a:f4:d4: 9f:72:ce:b1:5b:66:cf:a5:dd:e5:91:2f:39:f6:3f: 3e:ec:f8:a3:90:13:a7:d3:23:3e:ba:a3:32:d6:6c: 8d:74:8d:d6:43:b0:18:38:83:6f:a1:c7:05:4b:dd: f6:ef:9f:4a:08:fd:df:d3:e5:7a:f0:d8:6d:eb:9f: 90:b7:01:5a:0b:7e:2f:e4:cc:cc:fa:f8:67:31:79: 41:75:28:06:3e:b1:3b:ef:91:f5:b6:b7:3f:ec:cd: 17:18:51:67:7e:1b:3b:70:1b:b1:bf:a0:45:81:22: 67:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:44:7E:5B:DC:C6:32:C7:CB:68:55:EB:7F:7F:3B:54:DF:8F:BB:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8efa1c97-6e5e-49c1-9dac-f350e3f73658.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/24 Signature Algorithm: sha256WithRSAEncryption 53:62:d5:47:dd:f5:5c:3d:71:38:aa:77:be:8b:79:af:da:d9: f6:a4:12:88:73:b3:ec:a3:f1:70:36:a2:b1:36:f2:9b:0d:fa: 88:0a:fc:42:8f:ee:94:01:19:1d:66:16:53:8f:9c:cb:5a:8a: 08:25:26:79:84:52:b8:db:50:b1:ec:47:4b:96:5f:a5:f6:c9: a5:3a:10:70:2d:0f:68:40:8f:a6:7f:18:78:8c:9f:68:f9:10: 09:b3:45:40:db:d0:f0:22:61:c9:db:27:dd:e2:36:24:e4:41: fa:c2:72:fc:6a:eb:6a:84:00:7c:a5:d2:0b:f5:cc:1e:55:96: e9:74:4d:3b:39:d5:ed:4f:7b:86:70:8b:da:a6:47:2e:1d:99: 34:25:c1:f5:77:21:de:e0:ac:c4:09:24:52:71:7b:31:86:08: d7:b4:d0:50:2a:f2:b7:e6:7c:08:51:09:bd:5b:36:21:31:f6: f8:98:03:c3:01:55:05:ab:c6:40:d8:69:ef:4a:ca:e8:e9:40: 3d:73:a3:31:10:8f:5c:31:d1:d1:a6:b4:12:9c:75:f2:9b:82: 3f:0e:15:92:ba:74:b6:54:85:30:5c:52:be:8c:96:75:25:d9: 67:cc:f2:91:34:04:b0:c9:f1:4e:3e:55:09:69:5e:e0:8a:64: c1:c0:77:68 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZO7aj6REqT8ECg6ebe/ZHmR9WTwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExOTAwMDAwMFoX DTI0MTIyNDIzNTk1OVowejFJMEcGA1UEBRNAYmY2Mjg4YjZiODAwYjlkODg3ZmIz ZGRlZTQxZGQzMjUyZTdhMWJjODlkYTQ5OGQxNWQ1YWI5MTc2ZjljOWZmYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CmziR0e5Q0clngeNxKyALeL6rbr mF2VlVhOS789TZqyrbII79++P1OrgybmXqFgS3AxbD0iiQOLDaWOLOGalj8TK8ax HZNRriwtTplA09eRqGJ5HsuJW6t5Lbo9Wn4qnjBqPz0GwlVwf2iYTubAQaRp2DUk KUZyoL0PUwt2pqBSAC1KFgsWiW5RjVlEjRJZPi2a9NSfcs6xW2bPpd3lkS859j8+ 7PijkBOn0yM+uqMy1myNdI3WQ7AYOINvoccFS932759KCP3f0+V68Nht65+QtwFa C34v5MzM+vhnMXlBdSgGPrE775H1trc/7M0XGFFnfhs7cBuxv6BFgSJnWwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNxEflvcxjLHy2hV639/O1Tfj7u/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhlZmExYzk3LTZlNWUtNDljMS05ZGFjLWYzNTBlM2Y3MzY1OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQBTYtVH3fVcPXE4qne+i3mv 2tn2pBKIc7Pso/FwNqKxNvKbDfqICvxCj+6UARkdZhZTj5zLWooIJSZ5hFK421Cx 7EdLll+l9smlOhBwLQ9oQI+mfxh4jJ9o+RAJs0VA29DwImHJ2yfd4jYk5EH6wnL8 autqhAB8pdIL9cweVZbpdE07OdXtT3uGcIvapkcuHZk0JcH1dyHe4KzECSRScXsx hgjXtNBQKvK35nwIUQm9WzYhMfb4mAPDAVUFq8ZA2GnvSsro6UA9c6MxEI9cMdHR prQSnHXym4I/DhWSunS2VIUwXFK+jJZ1JdlnzPKRNASwyfFOPlUJaV7gimTBwHdo -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:16 2024 by rpki-client on console-fra.rpki-client.org