$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa File: 9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa (raw, json) Hash identifier: Igyfwc9vG2vEcEERiTZgouxQ/KLAgUnXRBFO0ypHPDY= Subject key identifier: CB:19:50:F5:B8:17:A3:87:C0:6A:B5:1D:40:44:AC:E6:69:7C:A3:BE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 45F84520361BCCABBC7C5C08A1EB4CC6B4B65E45 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa Signing time: Tue 30 Apr 2024 00:00:00 +0000 ROA not before: Tue 30 Apr 2024 00:00:00 +0000 ROA not after: Tue 04 Jun 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.208.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 07 May 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:f8:45:20:36:1b:cc:ab:bc:7c:5c:08:a1:eb:4c:c6:b4:b6:5e:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 30 00:00:00 2024 GMT Not After : Jun 4 23:59:59 2024 GMT Subject: serialNumber=7b59a7667ca9032bfc5109907a64688fb5b37c879bdd411c74331d6913847719, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:81:4e:40:57:59:cb:10:3a:1e:2f:da:ba:96: 1f:cf:bc:36:d6:58:db:89:59:da:62:d6:c9:25:b9: 40:42:90:76:5b:14:69:55:6e:d4:5a:f2:df:8d:16: 05:40:30:4a:ad:e1:fa:07:f0:2f:16:a5:89:ef:dd: a4:e3:50:54:14:48:e9:f9:b1:63:6b:ae:72:71:64: 13:2b:98:8c:3b:a3:a2:a9:63:1c:cb:34:0c:44:96: 65:09:87:4d:ba:6e:a3:94:6a:0c:c9:d3:2f:9b:d1: 43:0e:9a:f1:45:83:b0:13:6b:fe:fc:5c:2c:23:b6: 9f:36:2b:73:d8:90:29:5d:c0:1d:d5:b0:b2:f5:eb: 0c:88:66:e4:13:58:4b:47:51:4d:69:e4:f5:cb:78: ba:dc:14:4f:0e:11:ff:3d:1d:50:0a:d1:1e:cb:f5: ae:81:4e:a7:1a:7a:6a:ce:29:45:4c:aa:a7:85:9a: 11:95:4e:15:4b:f7:ea:ba:3e:04:0a:fb:17:11:b7: ef:78:ec:43:2d:11:9b:3d:4e:d0:4e:c1:b1:d9:f3: 13:fb:62:26:d9:1e:2c:69:f9:52:2c:c6:7d:0a:d1: 98:01:d9:4a:95:27:9c:c2:89:61:0a:de:29:5b:a4: 89:55:c2:91:45:a4:2e:03:a7:83:4c:a5:2b:48:1a: 64:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:19:50:F5:B8:17:A3:87:C0:6A:B5:1D:40:44:AC:E6:69:7C:A3:BE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/15 Signature Algorithm: sha256WithRSAEncryption c2:0e:22:71:81:fe:c2:b7:a8:51:8e:d5:1f:99:be:af:73:42: 6e:0a:c3:5b:fc:20:d2:5e:66:e8:89:0e:81:74:b0:5c:46:96: c5:ea:b5:16:5b:f2:3f:91:35:85:89:f3:11:1b:55:11:ee:59: de:bd:5b:84:64:24:0b:08:56:c9:d0:ca:7e:7b:b2:6b:e0:52: de:a5:04:51:2f:fa:2f:4e:8b:67:15:22:9f:ff:06:98:5a:9e: de:e9:52:b2:81:5f:6c:a8:43:d9:ef:1a:5d:66:5f:33:19:8d: fc:d4:47:71:5c:e8:19:ea:15:73:e7:1d:3a:f7:6a:7a:ce:20: 68:0d:d1:5a:05:61:3c:4f:69:df:34:99:2d:7d:51:ff:e1:7e: 39:1c:9b:8e:9f:92:21:fc:a1:73:b9:a9:9b:f0:58:a3:6f:3c: 18:02:10:92:e9:93:bd:86:0f:00:0e:6a:bd:19:d6:70:23:31: 6e:eb:22:4c:bd:73:69:a1:c8:be:36:89:e0:be:f5:29:60:f4: 32:22:ef:62:ba:73:f0:de:ea:48:2b:f8:75:44:0d:9a:c4:af: a0:a2:23:b5:4a:25:71:6e:ff:60:f3:b4:33:89:21:2f:6f:a9: b4:00:d1:e0:d2:ef:e5:4a:6c:26:23:d2:f5:8c:b4:e7:24:86: d7:0c:a9:f0 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIURfhFIDYbzKu8fFwIoetMxrS2XkUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQzMDAwMDAwMFoX DTI0MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAN2I1OWE3NjY3Y2E5MDMyYmZjNTEw OTkwN2E2NDY4OGZiNWIzN2M4NzliZGQ0MTFjNzQzMzFkNjkxMzg0NzcxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYFOQFdZyxA6Hi/aupYfz7w21ljb iVnaYtbJJblAQpB2WxRpVW7UWvLfjRYFQDBKreH6B/AvFqWJ792k41BUFEjp+bFj a65ycWQTK5iMO6OiqWMcyzQMRJZlCYdNum6jlGoMydMvm9FDDprxRYOwE2v+/Fws I7afNitz2JApXcAd1bCy9esMiGbkE1hLR1FNaeT1y3i63BRPDhH/PR1QCtEey/Wu gU6nGnpqzilFTKqnhZoRlU4VS/fquj4ECvsXEbfveOxDLRGbPU7QTsGx2fMT+2Im 2R4saflSLMZ9CtGYAdlKlSecwolhCt4pW6SJVcKRRaQuA6eDTKUrSBpkhQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFMsZUPW4F6OHwGq1HUBErOZpfKO+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk3ODdiZGJlLWYzZjAtNDU3ZC04ZWRjLWQwMWEwZDJlOTAwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMBK9AwDQYJKoZIhvcNAQELBQADggEBAMIOInGB/sK3qFGO1R+Zvq9z Qm4Kw1v8INJeZuiJDoF0sFxGlsXqtRZb8j+RNYWJ8xEbVRHuWd69W4RkJAsIVsnQ yn57smvgUt6lBFEv+i9Oi2cVIp//Bphant7pUrKBX2yoQ9nvGl1mXzMZjfzUR3Fc 6BnqFXPnHTr3anrOIGgN0VoFYTxPad80mS19Uf/hfjkcm46fkiH8oXO5qZvwWKNv PBgCEJLpk72GDwAOar0Z1nAjMW7rIky9c2mhyL42ieC+9Slg9DIi72K6c/De6kgr +HVEDZrEr6CiI7VKJXFu/2DztDOJIS9vqbQA0eDS7+VKbCYj0vWMtOckhtcMqfA= -----END CERTIFICATE-----Generated at Fri May 3 00:27:27 2024 by rpki-client on console-fra.rpki-client.org