$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa File: a9d7c5f5-36de-4340-a315-95bb96771dbe.roa (raw, json) Hash identifier: kNhWhIg4uXLJoN6cE9cm/Oly7cOCutHVolkGLiiwENk= Subject key identifier: A7:45:86:A4:3A:65:23:7A:FD:1E:05:3A:16:3A:BD:C7:0E:E5:6C:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D8B781A0A8E2B0B7959E3DA86F625AD3465AAE7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 14618 IP address blocks: 27.0.0.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:8b:78:1a:0a:8e:2b:0b:79:59:e3:da:86:f6:25:ad:34:65:aa:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=7ab22915dc80f780856597ee0fe9fa036e5974d90e2f384c606bd7ddead187d3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:be:08:c6:74:af:0c:41:4d:3e:0f:40:40:78: 2c:69:1c:40:3d:3d:ed:10:de:13:4e:5c:2e:7f:07: 05:ad:2c:0f:35:ee:25:e5:da:aa:5d:67:98:56:01: 86:3d:c2:b7:7d:25:40:60:ab:07:9c:a8:78:2d:73: 3a:7d:67:b4:fc:67:26:b9:1c:54:dd:2d:3c:a7:56: 55:b1:eb:dc:56:2d:7a:54:58:b8:9b:73:e7:f6:e3: 06:7c:22:0b:5f:5e:f3:1b:d4:dc:0f:cd:3f:29:d9: fb:88:75:e3:bc:0e:08:f3:ae:3a:e7:d0:1e:aa:fb: 0e:2a:c6:c4:8b:4d:c5:90:48:28:27:9a:e0:f7:60: 2f:8b:0f:61:9b:2f:8d:3c:fd:a6:06:97:61:a2:1e: 3c:01:44:9f:87:de:69:a1:b6:94:a3:07:94:a0:77: ad:6d:2c:f5:7e:ea:c4:77:f7:ac:ec:ed:7a:c6:b4: c3:f2:8d:34:01:dd:bc:6d:15:6d:24:5d:68:f2:cb: b6:39:cc:71:47:7d:51:19:1a:27:39:7c:2a:6f:af: 5c:f7:a6:b8:84:0b:0d:4b:db:bc:42:80:26:b9:8b: 93:ca:bb:82:16:ec:73:2a:37:bd:34:a3:ff:4e:e9: 0c:75:56:0e:d3:64:31:25:40:cb:ed:00:67:fd:43: 13:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:45:86:A4:3A:65:23:7A:FD:1E:05:3A:16:3A:BD:C7:0E:E5:6C:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9d7c5f5-36de-4340-a315-95bb96771dbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 27.0.0.0/22 Signature Algorithm: sha256WithRSAEncryption b1:9a:14:a0:46:c3:cd:29:b6:09:5f:2d:0e:c1:19:23:04:b1: c0:f1:b8:ff:77:66:ac:49:64:d9:65:cb:f9:3c:d7:8a:50:d7: ae:bd:f6:b0:b3:96:f8:d7:83:50:97:15:2f:49:95:1b:31:47: 45:cd:b5:56:c1:3e:20:60:2e:f8:f6:38:45:ab:5b:61:d3:5e: fe:0e:52:0c:ff:4b:fc:30:e8:06:d4:f9:68:63:0c:6d:24:c0: e0:a0:c5:59:9f:fd:05:ae:85:5a:6a:1b:b4:a7:0c:9c:5e:7b: 47:36:b3:3b:5d:6d:09:e9:30:32:5a:19:cf:5a:71:6d:90:b8: 00:a8:f3:a7:6c:8a:cb:62:62:a4:f7:2f:1f:5e:f3:cb:09:28: f1:49:1a:88:6d:61:ff:3b:db:d0:46:93:e9:c8:69:16:5f:00: 45:5f:29:4a:0f:a6:2f:d4:5f:22:3b:2c:71:a9:f1:a3:81:1d: 39:d5:7d:ab:d7:69:59:af:e9:27:5f:d0:5a:a9:27:2c:94:4d: e1:de:71:18:2f:a5:c4:15:90:72:66:e7:8c:40:3c:2b:cd:45: a2:a0:89:e9:74:7b:ed:dc:83:da:07:fb:59:2a:c7:70:f4:62: a9:10:b2:f0:bb:d8:75:48:ed:e4:31:a8:86:25:3f:f1:31:15: 99:b5:0e:06 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUTYt4GgqOKwt5WePahvYlrTRlqucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAN2FiMjI5MTVkYzgwZjc4MDg1NjU5 N2VlMGZlOWZhMDM2ZTU5NzRkOTBlMmYzODRjNjA2YmQ3ZGRlYWQxODdkMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsr4IxnSvDEFNPg9AQHgsaRxAPT3t EN4TTlwufwcFrSwPNe4l5dqqXWeYVgGGPcK3fSVAYKsHnKh4LXM6fWe0/GcmuRxU 3S08p1ZVsevcVi16VFi4m3Pn9uMGfCILX17zG9TcD80/Kdn7iHXjvA4I864659Ae qvsOKsbEi03FkEgoJ5rg92Aviw9hmy+NPP2mBpdhoh48AUSfh95pobaUoweUoHet bSz1furEd/es7O16xrTD8o00Ad28bRVtJF1o8su2OcxxR31RGRonOXwqb69c96a4 hAsNS9u8QoAmuYuTyruCFuxzKje9NKP/TukMdVYO02QxJUDL7QBn/UMTPQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKdFhqQ6ZSN6/R4FOhY6vccO5WzJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5ZDdjNWY1LTM2ZGUtNDM0MC1hMzE1LTk1YmI5Njc3MWRiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCGwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCxmhSgRsPNKbYJXy0OwRkj BLHA8bj/d2asSWTZZcv5PNeKUNeuvfaws5b414NQlxUvSZUbMUdFzbVWwT4gYC74 9jhFq1th017+DlIM/0v8MOgG1PloYwxtJMDgoMVZn/0FroVaahu0pwycXntHNrM7 XW0J6TAyWhnPWnFtkLgAqPOnbIrLYmKk9y8fXvPLCSjxSRqIbWH/O9vQRpPpyGkW XwBFXylKD6Yv1F8iOyxxqfGjgR051X2r12lZr+knX9BaqScslE3h3nEYL6XEFZBy ZueMQDwrzUWioInpdHvt3IPaB/tZKsdw9GKpELLwu9h1SO3kMaiGJT/xMRWZtQ4G -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:36 2024 by rpki-client on console-fra.rpki-client.org