$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa File: 906a6ed0-3318-443d-9e2d-1940710be595.roa (raw, json) Hash identifier: CtCy0r3krJvOXpUNiiQe6uRYWreclkLclS7CVO7Rys4= Subject key identifier: 84:D4:2F:85:39:08:7D:96:0A:AE:58:42:3B:86:12:7D:3A:D8:B6:76 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 55D0AC982D5C5F00B345DEEF9E6D464AB5E68381 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Sep 2023 12:02:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:d0:ac:98:2d:5c:5f:00:b3:45:de:ef:9e:6d:46:4a:b5:e6:83:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=7d16ab5749be1874a985b88b056fcfc2769900bf6ea1bbb6a2ed27821950bb87, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:98:a2:55:df:26:e1:3c:cc:45:b8:88:4e:22: 94:d1:a7:da:41:7e:df:1d:35:76:f4:f1:75:69:d9: 12:96:d7:0f:a7:60:66:42:4b:f6:d0:9f:8b:14:8e: f9:4f:4c:08:de:02:8b:0f:af:60:27:df:11:18:17: 75:50:c9:b7:4c:1e:7e:b0:65:3f:b1:d5:f3:2b:e8: fa:52:73:90:7e:79:39:c3:30:fd:bf:92:a5:f7:d8: 03:d2:78:98:c3:93:be:44:82:c1:40:aa:a3:34:87: c0:69:3e:cc:ff:ea:1b:ac:59:af:82:7e:93:ec:41: fb:db:42:e3:ef:6e:22:4f:2f:1e:da:23:99:90:1f: ad:5e:ba:45:33:e8:3c:a2:d5:35:f7:15:56:82:1d: 41:cd:69:d2:c6:c8:68:82:4e:57:de:46:6b:ca:ef: 57:31:98:58:26:26:50:e7:34:1c:8a:7c:40:0a:59: 20:59:f7:b6:c6:b1:7d:f7:48:71:f3:ae:a7:45:43: bf:1f:3e:30:65:e7:90:eb:8f:20:9f:32:be:80:8b: aa:d2:f8:03:0a:07:6b:c4:ab:fb:e9:b8:7c:68:45: 45:2a:b3:c3:02:86:1b:19:4a:4a:a4:8f:60:a9:24: c8:aa:2c:82:c7:a1:2f:bb:41:38:40:20:55:f1:8f: 90:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:D4:2F:85:39:08:7D:96:0A:AE:58:42:3B:86:12:7D:3A:D8:B6:76 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 66:83:db:fa:4e:44:06:ec:e9:a6:77:1a:e5:8d:c0:d8:63:f0: 6c:de:11:c6:f1:dc:a4:95:4c:5d:41:1f:b5:c0:c2:0c:6b:65: d2:ec:b5:c1:c6:e7:fb:44:0b:66:1c:8e:b9:0d:3b:4c:59:c3: 71:da:c0:6a:9f:fe:81:c3:8f:fd:3a:1d:55:53:dc:a6:72:dc: 86:c9:e9:23:82:f6:6b:83:7a:46:40:53:4f:ef:c8:c1:70:f6: 81:21:bb:b0:78:ce:2b:8e:97:9d:6f:f2:a8:52:6b:fa:08:12: 08:e4:8b:a2:72:a3:0a:4c:6a:af:ab:2b:fa:6a:b4:54:64:7c: 0f:88:f7:44:68:3f:bf:01:f5:7c:04:02:37:a6:ff:04:3d:2c: 64:99:44:ed:b5:1a:5f:79:0b:18:1d:28:16:70:e4:ae:83:48: a4:a9:7b:3c:30:d8:2e:0e:64:59:3e:b1:64:e5:0b:be:47:c8: 7b:2e:87:2a:c7:1a:05:cb:90:1a:bb:93:6c:5a:ed:2a:e2:24: 23:e0:60:e5:e4:82:c0:49:b1:1c:c8:bb:db:a6:10:9f:32:d2: 5a:16:ac:ec:51:7a:3f:44:e4:69:04:01:04:59:27:7a:ac:30: d8:9c:1b:53:90:a2:6a:d5:46:0e:8e:a7:8c:3e:77:c2:f7:b2: d0:cb:1b:6d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVdCsmC1cXwCzRd7vnm1GSrXmg4EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTIzMDkyMjAwMDAwMFoX DTIzMTAyNzIzNTk1OVowejFJMEcGA1UEBRNAN2QxNmFiNTc0OWJlMTg3NGE5ODVi ODhiMDU2ZmNmYzI3Njk5MDBiZjZlYTFiYmI2YTJlZDI3ODIxOTUwYmI4NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZiiVd8m4TzMRbiITiKU0afaQX7f HTV29PF1adkSltcPp2BmQkv20J+LFI75T0wI3gKLD69gJ98RGBd1UMm3TB5+sGU/ sdXzK+j6UnOQfnk5wzD9v5Kl99gD0niYw5O+RILBQKqjNIfAaT7M/+obrFmvgn6T 7EH720Lj724iTy8e2iOZkB+tXrpFM+g8otU19xVWgh1BzWnSxshogk5X3kZryu9X MZhYJiZQ5zQcinxAClkgWfe2xrF990hx866nRUO/Hz4wZeeQ648gnzK+gIuq0vgD CgdrxKv76bh8aEVFKrPDAoYbGUpKpI9gqSTIqiyCx6Evu0E4QCBV8Y+QKQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFITUL4U5CH2WCq5YQjuGEn062LZ2MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNmE2ZWQwLTMzMTgtNDQzZC05ZTJkLTE5NDA3MTBiZTU5NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQBmg9v6TkQG7OmmdxrljcDY Y/Bs3hHG8dyklUxdQR+1wMIMa2XS7LXBxuf7RAtmHI65DTtMWcNx2sBqn/6Bw4/9 Oh1VU9ymctyGyekjgvZrg3pGQFNP78jBcPaBIbuweM4rjpedb/KoUmv6CBII5Iui cqMKTGqvqyv6arRUZHwPiPdEaD+/AfV8BAI3pv8EPSxkmUTttRpfeQsYHSgWcOSu g0ikqXs8MNguDmRZPrFk5Qu+R8h7LocqxxoFy5Aau5NsWu0q4iQj4GDl5ILASbEc yLvbphCfMtJaFqzsUXo/RORpBAEEWSd6rDDYnBtTkKJq1UYOjqeMPnfC97LQyxtt -----END CERTIFICATE-----Generated at Fri Sep 22 00:30:05 2023 by rpki-client on console-fra.rpki-client.org