$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1333e17-04fe-4e6d-bd71-2a9ac1fe867f.roa File: d1333e17-04fe-4e6d-bd71-2a9ac1fe867f.roa (raw, json) Hash identifier: QrNWeD25kNeK5TXrytzXjIMFPecG4aztCxzHay80+zM= Subject key identifier: 77:4C:7E:C2:28:73:60:B2:A1:2C:66:82:76:F7:21:A2:C9:15:F9:12 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5E161465B73742CE7D1D62B210E1F902B84BD60C Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1333e17-04fe-4e6d-bd71-2a9ac1fe867f.roa Signing time: Tue 30 Apr 2024 00:00:00 +0000 ROA not before: Tue 30 Apr 2024 00:00:00 +0000 ROA not after: Tue 04 Jun 2024 23:59:59 +0000 asID: 14618 IP address blocks: 159.248.128.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 06 May 2024 00:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:16:14:65:b7:37:42:ce:7d:1d:62:b2:10:e1:f9:02:b8:4b:d6:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 30 00:00:00 2024 GMT Not After : Jun 4 23:59:59 2024 GMT Subject: serialNumber=32a10def1bf4e70d0526225471047349cb6188bcd321e907fdd49e46a890048d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:ef:63:a6:05:82:4c:5c:54:75:37:5d:f2:a8: c8:5c:96:4f:08:4f:09:ba:27:bc:c5:18:72:f8:c5: ca:c5:38:80:ab:00:ee:76:16:71:b4:fe:bc:e0:75: 1a:df:97:e5:0b:50:a7:de:2b:fc:af:9c:9e:68:e4: 1d:16:c3:ef:15:54:98:0b:11:8d:f8:54:fe:30:0f: 7b:a4:c6:ae:3b:58:47:7f:77:9f:dc:b1:75:8d:13: 57:62:fd:91:8b:97:72:55:3c:b8:fa:16:6f:99:a1: 7e:fc:6d:fc:80:dc:0b:40:6b:ca:f5:96:62:b3:75: 28:f3:85:f2:e9:ca:53:7e:9f:63:76:92:a9:37:a2: c6:9f:e4:8a:57:f2:64:22:55:90:f5:d1:39:b8:66: 7b:c4:61:b5:f7:47:8e:64:77:ff:ba:6c:ce:d1:b2: d7:39:a2:c2:20:70:d5:c3:f1:c8:9a:09:30:f2:a2: 12:4e:85:90:40:f8:be:be:86:d8:4b:aa:62:ff:13: cc:a8:c5:6e:66:43:4c:de:aa:56:73:14:e7:88:c3: af:0c:e5:50:33:c9:7c:f5:d2:2d:e5:00:f9:6b:13: 5b:e1:e8:03:85:c3:b4:1d:23:26:c4:22:32:46:2b: 49:aa:99:dc:e5:d8:9a:ca:14:22:17:29:ef:f0:ba: 2c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:4C:7E:C2:28:73:60:B2:A1:2C:66:82:76:F7:21:A2:C9:15:F9:12 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1333e17-04fe-4e6d-bd71-2a9ac1fe867f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.128.0/22 Signature Algorithm: sha256WithRSAEncryption 6d:fe:52:20:fe:05:e7:d9:ac:6f:85:91:80:34:9a:92:b4:f5: ff:6d:e4:b8:19:51:38:0c:51:2c:88:2f:8f:67:9c:ca:02:40: 7b:28:d4:5e:f4:39:ef:ed:ac:91:f8:a6:a0:e4:fd:86:71:19: 52:c1:13:c8:84:54:18:d2:8e:ce:1f:af:e5:39:73:32:9c:da: 91:f4:74:5b:a7:47:9c:d3:22:7d:89:0d:f7:ed:2d:6e:d4:10: 3f:b9:05:0e:ca:92:b9:c6:28:43:34:99:7c:1e:bf:8c:e4:61: 2b:68:98:4c:6d:5e:d1:ca:ef:6a:56:41:a6:22:32:52:30:d4: 5e:2e:1e:f1:6f:31:14:0d:b6:63:f4:ce:bb:a6:0e:e4:5c:40: e2:26:b1:c4:ed:d8:c5:a9:3f:b5:8d:12:1b:2a:ab:d0:19:ec: 72:03:ac:61:9a:73:6b:2a:1e:39:73:41:38:13:a9:91:6e:17: db:0e:51:8e:d5:00:b0:31:8a:32:78:5a:7c:b9:6c:ef:f2:4d: 89:5c:f7:0e:62:54:21:16:4e:f9:83:72:54:3b:e3:aa:b5:07: 2f:61:3f:3c:46:38:d9:49:c5:a7:c2:48:7c:10:a2:4a:41:1d: 1d:47:ef:ff:74:33:84:69:5f:64:99:72:18:71:8f:b4:5d:13: bb:26:23:0a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXhYUZbc3Qs59HWKyEOH5ArhL1gwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDQzMDAwMDAwMFoX DTI0MDYwNDIzNTk1OVowejFJMEcGA1UEBRNAMzJhMTBkZWYxYmY0ZTcwZDA1MjYy MjU0NzEwNDczNDljYjYxODhiY2QzMjFlOTA3ZmRkNDllNDZhODkwMDQ4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3O9jpgWCTFxUdTdd8qjIXJZPCE8J uie8xRhy+MXKxTiAqwDudhZxtP684HUa35flC1Cn3iv8r5yeaOQdFsPvFVSYCxGN +FT+MA97pMauO1hHf3ef3LF1jRNXYv2Ri5dyVTy4+hZvmaF+/G38gNwLQGvK9ZZi s3Uo84Xy6cpTfp9jdpKpN6LGn+SKV/JkIlWQ9dE5uGZ7xGG190eOZHf/umzO0bLX OaLCIHDVw/HImgkw8qISToWQQPi+vobYS6pi/xPMqMVuZkNM3qpWcxTniMOvDOVQ M8l89dIt5QD5axNb4egDhcO0HSMmxCIyRitJqpnc5diayhQiFynv8Los+QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHdMfsIoc2CyoSxmgnb3IaLJFfkSMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxMzMzZTE3LTA0ZmUtNGU2ZC1iZDcxLTJhOWFjMWZlODY3Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBt/lIg/gXn2axvhZGANJqS tPX/beS4GVE4DFEsiC+PZ5zKAkB7KNRe9Dnv7ayR+Kag5P2GcRlSwRPIhFQY0o7O H6/lOXMynNqR9HRbp0ec0yJ9iQ337S1u1BA/uQUOypK5xihDNJl8Hr+M5GEraJhM bV7Ryu9qVkGmIjJSMNReLh7xbzEUDbZj9M67pg7kXEDiJrHE7djFqT+1jRIbKqvQ GexyA6xhmnNrKh45c0E4E6mRbhfbDlGO1QCwMYoyeFp8uWzv8k2JXPcOYlQhFk75 g3JUO+OqtQcvYT88RjjZScWnwkh8EKJKQR0dR+//dDOEaV9kmXIYcY+0XRO7JiMK -----END CERTIFICATE-----Generated at Thu May 2 04:02:24 2024 by rpki-client on console-fra.rpki-client.org