$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf289da6-3eab-42c8-9297-c9a682f901df.roa File: cf289da6-3eab-42c8-9297-c9a682f901df.roa (raw, json) Hash identifier: YPufHXxToGhXowdG9n/7GEHpCVK+9szSqufMqELWEvo= Subject key identifier: BE:33:6F:B4:DC:17:4C:84:D8:2C:D7:02:50:C0:6E:D7:9C:F2:B4:7C Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5D384DE99ACA3C44CBDA3DFE0AFF30B28B1903DB Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf289da6-3eab-42c8-9297-c9a682f901df.roa Signing time: Tue 29 Oct 2024 00:00:00 +0000 ROA not before: Tue 29 Oct 2024 00:00:00 +0000 ROA not after: Tue 03 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:38:4d:e9:9a:ca:3c:44:cb:da:3d:fe:0a:ff:30:b2:8b:19:03:db Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 29 00:00:00 2024 GMT Not After : Dec 3 23:59:59 2024 GMT Subject: serialNumber=5413311c0f676e17245f758313d04d7a39f256c8560179e1c1e41bb46d2193c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5a:87:59:71:52:0e:b7:54:35:8e:81:fe:aa: 40:5e:b8:a5:72:3a:7a:00:b5:ea:ff:e1:60:99:dd: a9:fa:7d:6b:70:4b:49:c7:43:9a:a8:5b:78:2c:e9: 23:7b:0a:e1:63:57:a2:55:59:ac:df:47:df:04:56: 4e:f1:8f:e6:f6:66:15:34:68:87:b2:3b:d0:87:f1: c7:d2:16:a1:6c:41:63:be:2f:f9:a2:bd:18:47:3d: 27:1c:7b:cb:7c:7f:c6:a3:7c:f3:f2:e9:77:8e:f1: 52:a1:b2:05:ac:99:25:3a:99:50:bc:cf:63:eb:42: 96:b7:22:a2:c7:4f:d6:37:9b:2b:be:aa:87:4f:c9: f3:c4:a7:91:05:3d:e0:84:f5:ef:6c:30:bc:3f:d8: d2:03:28:26:1d:ae:86:56:51:65:3b:77:9c:9b:be: bc:98:ef:f2:43:42:8d:c9:b6:5e:ba:21:84:b8:7b: 88:75:62:d6:c6:00:86:2e:3a:20:85:10:e8:94:e2: 12:37:5a:3a:54:b1:91:96:61:b6:a5:7e:8c:27:98: cf:6f:04:16:c2:7d:8d:06:03:52:9c:63:1c:ea:31: f1:47:9d:ac:42:36:7e:73:6c:df:38:2b:05:0f:6c: ea:69:28:3d:89:a1:18:75:34:53:f2:4c:5e:55:08: d7:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:33:6F:B4:DC:17:4C:84:D8:2C:D7:02:50:C0:6E:D7:9C:F2:B4:7C X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf289da6-3eab-42c8-9297-c9a682f901df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 12:e4:e9:31:00:19:28:3a:41:49:dc:cb:93:a0:42:c7:49:ed: e6:2f:d8:1e:66:e6:83:28:42:e6:3d:1a:b0:53:c1:eb:6a:ac: 87:73:22:16:4e:e7:ab:ec:eb:1f:ae:9f:c1:00:8a:3f:ea:75: b5:fb:75:fa:00:39:1d:1e:15:99:2c:42:3c:b1:b6:f9:01:d6: bc:8d:c5:fd:7f:e7:29:b9:69:7a:2f:fa:9d:b6:01:ed:71:5b: e6:d2:23:dd:fd:77:92:b0:5f:65:18:c4:5f:45:8a:a4:04:18: 97:e6:40:e6:ff:a2:93:f9:32:52:6e:e4:08:3e:13:fc:c7:f0: 3b:18:02:3b:1c:14:17:33:30:88:29:67:ec:0c:4c:3c:56:1f: c7:9a:d3:0f:7e:0c:61:df:8a:53:4f:7d:03:8d:28:6b:ed:af: 59:fd:ee:1e:87:41:74:b9:bc:28:18:89:6a:85:e3:e5:ac:77: 8d:e5:46:c7:6a:b2:fb:ba:b9:f0:2b:94:a6:7b:d7:f8:da:79: 0a:52:41:e3:2f:cc:bc:15:8b:56:53:29:46:8b:f1:fc:37:54: b5:3a:a1:06:be:22:36:22:6b:3a:8a:46:5f:59:43:9f:9c:49: 4a:c0:d1:02:fd:c0:36:96:c2:b0:73:1d:b4:81:d1:ea:28:1d: 35:06:ce:e6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXThN6ZrKPETL2j3+Cv8wsosZA9swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTAyOTAwMDAwMFoX DTI0MTIwMzIzNTk1OVowejFJMEcGA1UEBRNANTQxMzMxMWMwZjY3NmUxNzI0NWY3 NTgzMTNkMDRkN2EzOWYyNTZjODU2MDE3OWUxYzFlNDFiYjQ2ZDIxOTNjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVqHWXFSDrdUNY6B/qpAXrilcjp6 ALXq/+Fgmd2p+n1rcEtJx0OaqFt4LOkjewrhY1eiVVms30ffBFZO8Y/m9mYVNGiH sjvQh/HH0hahbEFjvi/5or0YRz0nHHvLfH/Go3zz8ul3jvFSobIFrJklOplQvM9j 60KWtyKix0/WN5srvqqHT8nzxKeRBT3ghPXvbDC8P9jSAygmHa6GVlFlO3ecm768 mO/yQ0KNybZeuiGEuHuIdWLWxgCGLjoghRDolOISN1o6VLGRlmG2pX6MJ5jPbwQW wn2NBgNSnGMc6jHxR52sQjZ+c2zfOCsFD2zqaSg9iaEYdTRT8kxeVQjX2wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL4zb7TcF0yE2CzXAlDAbtec8rR8MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NmMjg5ZGE2LTNlYWItNDJjOC05Mjk3LWM5YTY4MmY5MDFkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQAS5OkxABkoOkFJ3MuToELH Se3mL9geZuaDKELmPRqwU8HraqyHcyIWTuer7Osfrp/BAIo/6nW1+3X6ADkdHhWZ LEI8sbb5Ada8jcX9f+cpuWl6L/qdtgHtcVvm0iPd/XeSsF9lGMRfRYqkBBiX5kDm /6KT+TJSbuQIPhP8x/A7GAI7HBQXMzCIKWfsDEw8Vh/HmtMPfgxh34pTT30DjShr 7a9Z/e4eh0F0ubwoGIlqhePlrHeN5UbHarL7urnwK5Sme9f42nkKUkHjL8y8FYtW UylGi/H8N1S1OqEGviI2Ims6ikZfWUOfnElKwNEC/cA2lsKwcx20gdHqKB01Bs7m -----END CERTIFICATE-----Generated at Fri Nov 22 01:33:39 2024 by rpki-client on console-ams.rpki-client.org