$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa File: 906a6ed0-3318-443d-9e2d-1940710be595.roa (raw, json) Hash identifier: tXKi2KaKEsfxWkqHxECNilX1tDZT7OMAEo62dyGAbJc= Subject key identifier: F1:E2:17:0E:22:5E:0A:90:72:28:5B:D1:25:B4:7C:B6:24:9E:13:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4CFFD517A3674F5E848981F12B7CEC6F29767516 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 22 Apr 2024 00:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:ff:d5:17:a3:67:4f:5e:84:89:81:f1:2b:7c:ec:6f:29:76:75:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=fe3f86bcc9d68a3cbef2ed58dd1d2e735603ae70e85611ff57c1c4ab703dc2ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:3e:03:22:2a:48:c5:29:11:4d:89:bb:01:f2: 97:70:cb:27:aa:5c:10:be:71:cd:51:6e:d0:f9:64: 61:a6:48:64:ee:84:9c:8d:b4:95:4e:67:97:8d:42: 62:2d:b0:b0:ac:62:cc:12:73:43:8e:95:d0:d1:39: 2c:b3:ea:f3:46:dc:13:7b:3c:55:0d:ba:d0:18:2e: d6:59:69:a7:a9:79:dd:21:45:e6:0a:4b:47:37:ec: 5b:e9:5a:dc:c5:39:e0:60:6e:17:d2:00:5b:ce:27: 34:b0:4d:23:b5:2b:89:86:03:1c:8b:39:65:e3:10: e0:1c:24:9a:b4:93:80:a5:cf:bd:60:65:e1:a9:dc: 71:e8:ec:31:79:33:f4:be:18:41:19:46:c5:4f:05: dc:6b:54:07:7c:0d:13:83:05:74:48:54:7f:b4:02: 94:b4:4f:82:9f:80:2b:4e:27:9b:ec:46:5f:93:58: f8:40:49:3c:62:61:b8:f7:f9:61:49:d9:5a:c7:6e: ff:aa:d1:3b:45:04:cb:39:db:a8:5d:68:d3:f2:c4: 74:51:a4:0a:9b:d6:cd:d8:08:67:fd:7b:7f:51:69: c6:ad:82:28:6c:00:4d:a9:98:14:5b:d1:6c:f7:3a: 93:f3:fe:b3:c2:7b:c7:38:52:2b:94:66:bc:dd:91: 89:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:E2:17:0E:22:5E:0A:90:72:28:5B:D1:25:B4:7C:B6:24:9E:13:C9 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 69:8d:17:58:97:9e:1f:e7:d5:96:f7:74:d6:3c:f9:37:91:ac: a5:1d:98:2d:a0:d0:48:b2:fc:f3:8a:42:af:91:b6:d6:9a:0a: a4:4e:db:0b:57:ec:88:89:0f:89:9e:cd:21:26:4f:10:9b:08: 05:2b:94:7c:96:b0:85:68:67:90:d6:eb:d2:7c:30:94:78:c1: 8e:78:6e:03:71:90:ba:bb:55:1a:d1:f7:58:15:c6:2a:c3:f7: cb:46:ac:05:b6:09:6b:d4:2a:a0:9a:65:3d:f5:bc:c1:2f:b1: 3f:70:67:ba:34:66:9b:55:06:c4:3e:0b:63:d8:d0:4d:4e:36: 23:e8:25:1e:04:c1:d2:dc:13:cd:94:9c:1a:3f:b3:7a:53:d3: 57:d8:b4:e9:1e:24:b3:29:c1:1a:7e:a1:7b:d8:bc:31:f1:72: d9:96:64:ea:90:a2:a3:51:80:f4:4e:49:df:d1:fa:75:c5:b5: d3:70:89:32:c0:ed:c7:08:0b:d2:b4:9c:5e:c3:38:06:53:18: 64:fc:5e:53:7c:66:d8:79:44:10:7d:db:fb:43:06:85:65:f7: 07:e6:39:c0:5c:19:95:04:5c:75:70:3d:8b:93:1e:7f:91:94: c4:0d:e7:58:3c:69:b4:e2:5b:8f:f1:e2:3e:da:b8:6b:56:c2: ed:71:78:26 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTP/VF6NnT16EiYHxK3zsbyl2dRYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAZmUzZjg2YmNjOWQ2OGEzY2JlZjJl ZDU4ZGQxZDJlNzM1NjAzYWU3MGU4NTYxMWZmNTdjMWM0YWI3MDNkYzJhZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnz4DIipIxSkRTYm7AfKXcMsnqlwQ vnHNUW7Q+WRhpkhk7oScjbSVTmeXjUJiLbCwrGLMEnNDjpXQ0Tkss+rzRtwTezxV DbrQGC7WWWmnqXndIUXmCktHN+xb6VrcxTngYG4X0gBbzic0sE0jtSuJhgMcizll 4xDgHCSatJOApc+9YGXhqdxx6OwxeTP0vhhBGUbFTwXca1QHfA0TgwV0SFR/tAKU tE+Cn4ArTieb7EZfk1j4QEk8YmG49/lhSdlax27/qtE7RQTLOduoXWjT8sR0UaQK m9bN2Ahn/Xt/UWnGrYIobABNqZgUW9Fs9zqT8/6zwnvHOFIrlGa83ZGJGQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPHiFw4iXgqQcihb0SW0fLYknhPJMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwNmE2ZWQwLTMzMTgtNDQzZC05ZTJkLTE5NDA3MTBiZTU5NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQBpjRdYl54f59WW93TWPPk3 kaylHZgtoNBIsvzzikKvkbbWmgqkTtsLV+yIiQ+Jns0hJk8QmwgFK5R8lrCFaGeQ 1uvSfDCUeMGOeG4DcZC6u1Ua0fdYFcYqw/fLRqwFtglr1CqgmmU99bzBL7E/cGe6 NGabVQbEPgtj2NBNTjYj6CUeBMHS3BPNlJwaP7N6U9NX2LTpHiSzKcEafqF72Lwx 8XLZlmTqkKKjUYD0Tknf0fp1xbXTcIkywO3HCAvStJxewzgGUxhk/F5TfGbYeUQQ fdv7QwaFZfcH5jnAXBmVBFx1cD2Lkx5/kZTEDedYPGm04luP8eI+2rhrVsLtcXgm -----END CERTIFICATE-----Generated at Thu Apr 18 03:48:26 2024 by rpki-client on console-fra.rpki-client.org