$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa File: 9208ca37-666c-46cf-adea-072bc5bb150d.roa (raw, json) Hash identifier: fpwyBkrxiD7mOYFV1EvB3A9JU+QejSGXLGjanzk5kjw= Subject key identifier: 3D:19:44:F4:D6:06:47:7E:30:A8:E4:FD:0C:F4:DF:0C:83:48:34:F6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 31F97D5C086796FF8BD075683B332380D115B68A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa Signing time: Mon 13 Jan 2025 00:00:00 +0000 ROA not before: Mon 13 Jan 2025 00:00:00 +0000 ROA not after: Mon 17 Feb 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.218.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:f9:7d:5c:08:67:96:ff:8b:d0:75:68:3b:33:23:80:d1:15:b6:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Jan 13 00:00:00 2025 GMT Not After : Feb 17 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:80:3b:e6:b3:98:55:d5:90:55:36:ef:95:82: 1a:c3:7a:b2:53:27:3c:99:d2:6c:1e:51:fa:9c:7c: 6a:15:9c:99:a7:93:02:04:0c:ef:16:d9:14:31:65: 49:9e:7c:6c:b4:1a:ee:14:4f:f9:22:e2:b0:85:ab: 86:8d:cd:aa:02:64:9e:12:a5:31:b4:ea:ea:a7:c9: ce:58:c8:6d:35:7e:c1:f6:39:bf:15:06:10:4f:db: 92:33:40:7b:23:8f:2c:de:42:f8:66:73:42:79:fa: 19:ee:dd:00:d4:3d:d8:b4:27:13:0d:1f:91:6d:a8: c2:4c:a6:e0:4c:f3:5a:82:fe:8e:00:6e:2f:f3:29: b5:59:f6:f3:0d:b8:57:d9:c7:fb:3e:6a:7e:a9:a1: 30:4c:35:ce:58:a5:2a:cb:b8:de:15:61:a2:6d:20: 38:af:ac:20:9f:f4:ef:1d:98:03:ae:27:99:7d:98: 85:20:e5:f6:9f:98:46:7f:71:a7:7e:9f:0f:d5:79: 77:fa:fc:70:64:ed:98:cd:22:ac:bb:18:8f:d0:ce: 82:5e:17:48:ed:31:a5:ec:ba:a7:40:da:45:ad:46: 70:b3:46:01:73:b7:ee:b6:63:cc:0c:6b:25:84:c6: 44:c3:5a:5f:d4:db:8a:a1:82:65:51:0b:4b:20:7f: 14:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:19:44:F4:D6:06:47:7E:30:A8:E4:FD:0C:F4:DF:0C:83:48:34:F6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9208ca37-666c-46cf-adea-072bc5bb150d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.218.0.0/16 Signature Algorithm: sha256WithRSAEncryption c9:42:21:a7:ae:fc:37:92:6f:c4:4f:e2:dc:3a:44:c4:ea:5e: 22:59:ea:b1:cb:c6:b2:32:40:52:61:33:d1:ab:2a:c8:83:1f: 03:24:06:86:7f:72:25:2a:08:00:6e:1c:d2:33:6b:82:cc:cd: f0:00:1c:86:c6:e6:af:d7:74:23:f4:4e:22:2f:0a:e8:1f:d9: 39:f8:ad:40:f3:61:7b:d8:75:fa:51:9b:97:02:1f:a2:42:3f: ff:72:0c:0f:88:d3:93:6c:04:5b:b8:39:d9:cd:44:4c:90:bb: 32:ad:9e:c7:a2:21:c8:9b:f7:49:73:66:d9:b2:5d:51:82:30: 96:c5:65:47:2c:da:e6:e7:c8:08:5d:83:6a:29:cb:f5:75:01: 87:96:c9:2d:1c:85:1c:c1:09:62:19:85:17:20:76:b6:29:f6: dd:b6:90:b1:24:2b:17:02:13:4b:d2:68:a9:e5:1c:1a:67:e6: cd:8e:66:b9:08:42:07:05:7a:40:de:b5:ff:f6:89:f8:f3:8e: c9:97:a7:52:f1:f0:68:79:a8:2c:68:6b:a5:35:0a:07:7c:72: 10:63:4f:83:29:3c:89:69:05:52:e5:14:33:be:c1:af:89:2d: d6:f1:9b:91:85:71:6e:42:00:34:a6:13:0c:72:14:94:11:52: c2:7b:4e:1d -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUMfl9XAhnlv+L0HVoOzMjgNEVtoowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMzAwMDAwMFoX DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAM2U2YTdhMTg1N2VkZDVhMGQ4OTY2 NTY5NDZlMzBiNWY2NDg5MjhjNDAwNDVmMjYzZDhhNWJkNWY2MjY5ODA1MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoA75rOYVdWQVTbvlYIaw3qyUyc8 mdJsHlH6nHxqFZyZp5MCBAzvFtkUMWVJnnxstBruFE/5IuKwhauGjc2qAmSeEqUx tOrqp8nOWMhtNX7B9jm/FQYQT9uSM0B7I48s3kL4ZnNCefoZ7t0A1D3YtCcTDR+R bajCTKbgTPNagv6OAG4v8ym1WfbzDbhX2cf7Pmp+qaEwTDXOWKUqy7jeFWGibSA4 r6wgn/TvHZgDrieZfZiFIOX2n5hGf3Gnfp8P1Xl3+vxwZO2YzSKsuxiP0M6CXhdI 7TGl7LqnQNpFrUZws0YBc7futmPMDGslhMZEw1pf1NuKoYJlUQtLIH8UgQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFD0ZRPTWBkd+MKjk/Qz03wyDSDT2MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkyMDhjYTM3LTY2NmMtNDZjZi1hZGVhLTA3MmJjNWJiMTUwZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK9owDQYJKoZIhvcNAQELBQADggEBAMlCIaeu/DeSb8RP4tw6RMTq XiJZ6rHLxrIyQFJhM9GrKsiDHwMkBoZ/ciUqCABuHNIza4LMzfAAHIbG5q/XdCP0 TiIvCugf2Tn4rUDzYXvYdfpRm5cCH6JCP/9yDA+I05NsBFu4OdnNREyQuzKtnsei Icib90lzZtmyXVGCMJbFZUcs2ubnyAhdg2opy/V1AYeWyS0chRzBCWIZhRcgdrYp 9t22kLEkKxcCE0vSaKnlHBpn5s2OZrkIQgcFekDetf/2ifjzjsmXp1Lx8Gh5qCxo a6U1Cgd8chBjT4MpPIlpBVLlFDO+wa+JLdbxm5GFcW5CADSmEwxyFJQRUsJ7Th0= -----END CERTIFICATE-----Generated at Wed Feb 5 04:03:18 2025 by rpki-client