$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa File: c29c3a7e-a7ae-4418-af26-16585304f365.roa (raw, json) Hash identifier: TSIH/nFgAEL7LYsPUDQF+4XxEiRK53gGozH8AGhe6hw= Subject key identifier: 3C:A0:DF:FA:B1:A9:D1:FB:A1:B6:8D:61:C0:65:CC:E8:9C:93:B3:62 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 4E73D5D3CF1C97828A4CDB332FFED8F275DC1DDE Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:73:d5:d3:cf:1c:97:82:8a:4c:db:33:2f:fe:d8:f2:75:dc:1d:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=bf31b75b895b43963d264f4e7a46396c7fa625b3044b7b41e24612e2eabf3909, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:b5:93:48:45:01:f9:1a:f9:2a:4d:c6:fd:7f: 1e:9f:28:66:60:f7:06:29:ce:56:91:b1:bf:e3:f7: dc:45:c4:08:d7:d2:10:7a:25:25:2f:f7:ae:b2:ef: a4:39:72:02:46:0e:86:1b:3c:63:26:8f:d2:2b:4d: 6b:a2:55:e2:d5:f1:ed:84:c5:71:5f:6c:ca:56:65: cc:ef:5f:ca:4f:fc:4b:42:78:6e:ee:4d:6f:20:bb: 23:a9:1d:fd:59:69:c3:5e:52:a7:8c:bd:48:65:0c: ac:f7:3f:78:61:99:56:73:3e:be:e9:8d:c8:3d:89: 61:c7:fb:e5:17:b4:5d:62:45:dc:e9:1e:6a:00:aa: d8:75:0a:91:e6:8b:fb:93:c8:a3:f0:50:f5:1e:97: ff:dc:02:f0:61:0e:ed:b8:08:43:17:bf:53:ec:a5: 06:64:eb:cf:7b:a9:ba:8e:90:09:ae:dd:9e:10:36: 19:ab:1a:69:85:57:29:c5:25:e3:f8:01:62:7d:74: 0e:96:ec:dc:9f:1c:11:6d:59:38:12:bd:31:73:0b: f5:c5:b4:da:a7:55:9b:05:37:bf:15:1f:46:cd:5f: 3b:fc:80:02:52:25:0a:2e:65:d8:cb:fc:0d:28:30: 53:51:90:5c:92:17:1d:42:40:f9:6d:60:9e:e6:ef: 09:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:A0:DF:FA:B1:A9:D1:FB:A1:B6:8D:61:C0:65:CC:E8:9C:93:B3:62 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0f:a2:88:17:de:95:b1:a2:25:f8:bd:45:87:43:28:fb:a1:88: 23:d8:00:e6:63:d6:ca:70:0b:9d:34:80:c0:a5:6b:9c:f9:17: 50:f7:63:98:99:e7:4e:f7:8f:6c:bd:2f:ca:30:17:77:47:b9: a7:43:de:de:1f:41:ee:61:d5:a9:37:c1:3b:89:1c:2b:0c:81: 9e:d7:a8:ab:60:bf:21:e7:92:e0:47:cb:94:bd:c3:fa:8d:3d: a5:a9:93:cc:b8:a9:1a:ce:4a:0b:d7:5a:24:3f:da:b4:b2:3b: 1e:d6:8d:96:87:bc:d9:2d:0e:e5:42:67:90:40:e1:29:df:86: d5:6e:88:c0:ba:5a:9b:46:50:ce:b9:1d:35:5e:1b:15:42:48: a0:f1:ab:86:0d:81:68:5e:7a:28:71:b0:73:a7:9b:5f:53:78: a1:e2:43:f4:6f:4d:4c:70:8b:6e:6e:39:1a:ee:8c:a6:f5:9f: 3e:79:ef:56:86:5a:f7:02:c4:7a:a2:38:a7:e0:d1:9b:1a:6d: 3b:0f:06:9c:9c:c6:e1:08:1f:2a:c2:73:da:30:21:36:78:2d: 61:7f:b2:c0:42:c9:5d:d1:ae:d9:24:b9:dd:e6:ea:94:69:0a: 01:a0:b5:db:93:b6:82:4c:9d:1e:92:c1:74:d0:d2:d0:24:c2: 86:46:bb:ba -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUTnPV088cl4KKTNszL/7Y8nXcHd4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAYmYzMWI3NWI4OTViNDM5NjNkMjY0 ZjRlN2E0NjM5NmM3ZmE2MjViMzA0NGI3YjQxZTI0NjEyZTJlYWJmMzkwOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrWTSEUB+Rr5Kk3G/X8enyhmYPcG Kc5WkbG/4/fcRcQI19IQeiUlL/eusu+kOXICRg6GGzxjJo/SK01rolXi1fHthMVx X2zKVmXM71/KT/xLQnhu7k1vILsjqR39WWnDXlKnjL1IZQys9z94YZlWcz6+6Y3I PYlhx/vlF7RdYkXc6R5qAKrYdQqR5ov7k8ij8FD1Hpf/3ALwYQ7tuAhDF79T7KUG ZOvPe6m6jpAJrt2eEDYZqxpphVcpxSXj+AFifXQOluzcnxwRbVk4Er0xcwv1xbTa p1WbBTe/FR9GzV87/IACUiUKLmXYy/wNKDBTUZBckhcdQkD5bWCe5u8JKQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFDyg3/qxqdH7obaNYcBlzOick7NiMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyOWMzYTdlLWE3YWUtNDQxOC1hZjI2LTE2NTg1MzA0ZjM2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAn/gwDQYJKoZIhvcNAQELBQADggEBAA+iiBfelbGiJfi9RYdDKPuh iCPYAOZj1spwC500gMCla5z5F1D3Y5iZ5073j2y9L8owF3dHuadD3t4fQe5h1ak3 wTuJHCsMgZ7XqKtgvyHnkuBHy5S9w/qNPaWpk8y4qRrOSgvXWiQ/2rSyOx7WjZaH vNktDuVCZ5BA4SnfhtVuiMC6WptGUM65HTVeGxVCSKDxq4YNgWheeihxsHOnm19T eKHiQ/RvTUxwi25uORrujKb1nz5571aGWvcCxHqiOKfg0ZsabTsPBpycxuEIHyrC c9owITZ4LWF/ssBCyV3Rrtkkud3m6pRpCgGgtduTtoJMnR6SwXTQ0tAkwoZGu7o= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:36 2024 by rpki-client on console-fra.rpki-client.org