$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa File: c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa (raw, json) Hash identifier: EhoWl8bNfcgiJ6avj7NjYumYDcGDu7RQXK+Py8z+wNE= Subject key identifier: 94:66:E2:08:02:EB:A3:C6:5B:7C:37:3B:AC:35:F1:52:92:11:FD:AE Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 17370E462EE04B4D956C705975291C11CCF53600 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa Signing time: Wed 13 Mar 2024 00:00:00 +0000 ROA not before: Wed 13 Mar 2024 00:00:00 +0000 ROA not after: Wed 17 Apr 2024 23:59:59 +0000 asID: 14618 IP address blocks: 159.248.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:37:0e:46:2e:e0:4b:4d:95:6c:70:59:75:29:1c:11:cc:f5:36:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Mar 13 00:00:00 2024 GMT Not After : Apr 17 23:59:59 2024 GMT Subject: serialNumber=7e10232611a70d446b5ca4c6babc4dde3942b355f80f66d18ee1d7a896d2936c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f0:0a:a9:2e:b9:b5:30:81:6b:3c:d8:d6:c4: 4d:31:11:f6:06:20:f3:4a:dd:06:66:94:8c:0e:69: d1:45:01:96:0b:44:f5:a1:3b:5d:06:85:2d:37:64: aa:32:eb:44:23:a3:8f:6b:57:0b:b1:33:71:60:0b: 52:91:bf:79:de:ab:9d:4c:f4:55:49:bd:79:17:b3: b6:82:a6:c9:b5:62:b0:bb:f3:d0:2a:0e:16:60:21: dd:4e:7b:68:10:55:27:2a:2d:a4:a2:e2:29:47:fd: 1c:fe:9a:45:6e:33:14:71:98:86:c2:90:19:f5:9f: 8c:cc:2c:73:3c:5d:de:89:40:62:ad:44:9e:9f:12: d1:bb:c9:29:38:31:a2:51:41:f6:cd:72:ed:0f:2c: d9:7b:7b:85:0e:9a:48:02:6c:8a:85:21:5c:d6:b7: ce:38:0b:a4:f7:9c:24:e4:1f:2b:df:b2:02:b1:45: c7:9a:8b:ae:43:ab:37:e3:33:6c:fa:59:71:14:e0: 74:5c:67:04:e0:a1:d6:66:fe:eb:65:3a:45:7b:d4: 66:44:fe:50:3e:96:ca:61:a2:72:4f:40:dc:35:62: 48:59:b6:f1:d3:00:d3:b6:24:6f:1a:9e:d2:1e:9a: 3c:b8:73:cc:dc:32:7f:ed:e5:e1:23:88:8e:df:58: f6:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:66:E2:08:02:EB:A3:C6:5B:7C:37:3B:AC:35:F1:52:92:11:FD:AE X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c46353d6-f66a-4ac6-aeca-c8f320ebee9a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.0.0/16 Signature Algorithm: sha256WithRSAEncryption 36:3d:2f:06:72:79:83:84:b1:31:d2:81:f7:9d:07:b0:85:c7: 32:39:03:95:10:ec:37:bf:17:d9:37:11:62:22:a5:24:24:9f: e5:43:8c:82:ac:c7:ec:2d:30:77:9d:92:26:a6:db:99:46:9c: fd:b8:1b:f8:9e:e2:26:26:6e:a4:88:f7:1d:2d:3f:e5:68:02: a7:01:6d:78:d0:c9:7f:04:55:6b:86:5a:f3:4f:22:9d:3d:21: fe:e2:33:27:20:67:71:f5:25:7d:07:b0:6a:99:ed:a1:e8:50: 64:61:7a:62:be:a9:9e:32:93:06:a5:cf:7f:9a:87:34:c3:98: 5a:1c:e5:60:3c:6c:04:02:48:3d:76:4e:f6:f6:a6:09:71:37: 4e:32:fb:42:54:2b:56:40:dd:8f:cd:91:ef:9a:1c:00:50:8e: 20:6f:52:6e:e2:e5:4e:c0:fd:c6:9c:f5:e0:27:e9:1f:34:e6: 62:eb:9d:9c:28:4a:15:87:89:be:87:1d:b5:12:f0:cf:fb:58: 7e:a4:36:f2:56:ec:4c:58:5e:8d:10:6a:9f:d7:9f:9d:20:15: 62:04:60:b1:45:d5:f3:95:e7:4c:f6:dc:b9:33:b5:6c:58:6a: 34:9a:d9:7f:33:bb:96:86:ea:56:2b:d1:b5:36:9f:a7:44:b0: fb:73:7b:ee -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUFzcORi7gS02VbHBZdSkcEcz1NgAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDMxMzAwMDAwMFoX DTI0MDQxNzIzNTk1OVowejFJMEcGA1UEBRNAN2UxMDIzMjYxMWE3MGQ0NDZiNWNh NGM2YmFiYzRkZGUzOTQyYjM1NWY4MGY2NmQxOGVlMWQ3YTg5NmQyOTM2YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/AKqS65tTCBazzY1sRNMRH2BiDz St0GZpSMDmnRRQGWC0T1oTtdBoUtN2SqMutEI6OPa1cLsTNxYAtSkb953qudTPRV Sb15F7O2gqbJtWKwu/PQKg4WYCHdTntoEFUnKi2kouIpR/0c/ppFbjMUcZiGwpAZ 9Z+MzCxzPF3eiUBirUSenxLRu8kpODGiUUH2zXLtDyzZe3uFDppIAmyKhSFc1rfO OAuk95wk5B8r37ICsUXHmouuQ6s34zNs+llxFOB0XGcE4KHWZv7rZTpFe9RmRP5Q PpbKYaJyT0DcNWJIWbbx0wDTtiRvGp7SHpo8uHPM3DJ/7eXhI4iO31j2nQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFJRm4ggC66PGW3w3O6w18VKSEf2uMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M0NjM1M2Q2LWY2NmEtNGFjNi1hZWNhLWM4ZjMyMGViZWU5YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAn/gwDQYJKoZIhvcNAQELBQADggEBADY9LwZyeYOEsTHSgfedB7CF xzI5A5UQ7De/F9k3EWIipSQkn+VDjIKsx+wtMHedkiam25lGnP24G/ie4iYmbqSI 9x0tP+VoAqcBbXjQyX8EVWuGWvNPIp09If7iMycgZ3H1JX0HsGqZ7aHoUGRhemK+ qZ4ykwalz3+ahzTDmFoc5WA8bAQCSD12Tvb2pglxN04y+0JUK1ZA3Y/Nke+aHABQ jiBvUm7i5U7A/cac9eAn6R805mLrnZwoShWHib6HHbUS8M/7WH6kNvJW7ExYXo0Q ap/Xn50gFWIEYLFF1fOV50z23LkztWxYajSa2X8zu5aG6lYr0bU2n6dEsPtze+4= -----END CERTIFICATE-----Generated at Fri Mar 29 02:36:31 2024 by rpki-client on console-fra.rpki-client.org