$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa File: d18856ee-503c-4c21-86dd-30078f2c3aee.roa (raw, json) Hash identifier: 85KqTlXtCDdyoeMHtyQMmEdaN2S8QlKACDX8b3tjUvg= Subject key identifier: 50:15:4E:57:E6:23:70:5E:53:D8:76:F2:2B:01:04:25:E2:49:6A:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36D722A2ED05FED63113D957C2CCF28B248042F9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.208.0.0/13 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:27:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:d7:22:a2:ed:05:fe:d6:31:13:d9:57:c2:cc:f2:8b:24:80:42:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=0037195b3019daf217ce662783e8dffda475cbf582f4b00ad70ff4e93b51479d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:28:fb:fa:8d:75:f4:5f:af:99:c1:7f:65:ed: 75:8b:bc:1d:f5:d1:c7:3c:b2:9a:c6:e4:cc:49:80: a8:47:0e:8a:f6:9a:98:c4:84:0d:b7:79:b5:23:bf: 5f:52:0e:6c:e0:5a:10:bc:5d:fb:af:ef:e4:ed:99: 7c:a6:b5:11:8f:47:dd:a5:0c:26:9b:5b:88:55:82: d3:19:0e:20:8a:78:af:ef:1f:37:af:eb:23:31:1d: b5:29:99:d5:cc:25:6c:14:04:4f:e4:5d:5c:4e:42: e4:e0:b3:1b:28:72:57:0a:f3:64:ce:81:6a:84:dd: 6b:a4:a3:b2:bf:ef:20:f1:ee:a7:c0:10:b7:8b:86: 52:3a:ef:19:05:ca:7d:0a:a0:f8:bc:ae:8d:ab:cb: 03:68:b7:7f:85:17:62:d4:46:69:9b:2c:57:68:d8: 20:a8:9b:e8:01:ef:50:66:bd:93:3d:08:b5:ac:00: fb:f4:fa:fa:d5:ef:89:05:c6:d5:4d:99:28:84:ef: bf:8d:4e:5a:8e:e0:40:ad:97:d3:6a:11:30:c6:cf: af:6a:e7:4d:f8:a9:68:51:30:3d:42:1f:a4:f1:86: ae:c7:c2:0b:8c:69:a1:b5:ae:b0:5f:0b:88:6b:8e: f9:7c:c4:f9:4c:20:69:41:ce:12:2c:71:87:67:2e: c7:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:15:4E:57:E6:23:70:5E:53:D8:76:F2:2B:01:04:25:E2:49:6A:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d18856ee-503c-4c21-86dd-30078f2c3aee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.208.0.0/13 Signature Algorithm: sha256WithRSAEncryption 8a:65:95:b8:27:0a:8f:d3:21:cd:25:d1:ea:45:33:33:3e:33: 58:ac:b8:84:59:d0:1e:a9:8d:be:8f:12:df:e6:94:b1:9d:6c: 79:51:6b:e3:dc:f3:08:66:35:7b:67:a3:d8:91:f7:a8:05:6b: 42:08:df:38:21:2e:bb:af:94:7c:9c:70:49:fa:73:bf:45:aa: 5c:6f:7e:84:38:81:05:28:12:d4:7f:58:eb:69:e5:ca:78:ea: ca:0d:00:94:b0:66:e9:56:c2:69:09:63:ff:b8:60:4e:dd:fd: 3e:4a:c0:bb:ac:e2:52:90:5d:33:b5:b8:62:43:87:bc:7d:31: 17:e1:52:0e:3f:7c:40:dd:1f:98:87:9f:24:64:ea:11:d7:41: a7:13:db:17:12:0e:b7:07:a8:43:67:e9:80:89:1d:0d:17:5f: 3c:f5:53:97:87:48:8f:70:ad:42:5a:7d:9a:cc:39:ba:1a:55: 93:0f:aa:ad:7c:44:76:8d:b5:99:2d:8c:90:cc:c8:84:33:c9: 4b:cd:f7:61:1c:ca:af:e3:24:7f:6a:cf:b9:c6:b1:a8:f2:d8: 67:5f:3c:e5:54:2b:fc:39:0e:a5:d4:8a:4e:70:84:ba:1a:1f: 58:f5:e6:e7:cf:db:87:f3:f7:74:ac:f3:ca:5e:ed:b5:aa:af: 33:37:75:c7 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUNtciou0F/tYxE9lXwszyiySAQvkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAMDAzNzE5NWIzMDE5ZGFmMjE3Y2U2 NjI3ODNlOGRmZmRhNDc1Y2JmNTgyZjRiMDBhZDcwZmY0ZTkzYjUxNDc5ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSj7+o119F+vmcF/Ze11i7wd9dHH PLKaxuTMSYCoRw6K9pqYxIQNt3m1I79fUg5s4FoQvF37r+/k7Zl8prURj0fdpQwm m1uIVYLTGQ4giniv7x83r+sjMR21KZnVzCVsFARP5F1cTkLk4LMbKHJXCvNkzoFq hN1rpKOyv+8g8e6nwBC3i4ZSOu8ZBcp9CqD4vK6Nq8sDaLd/hRdi1EZpmyxXaNgg qJvoAe9QZr2TPQi1rAD79Pr61e+JBcbVTZkohO+/jU5ajuBArZfTahEwxs+vaudN +KloUTA9Qh+k8Yaux8ILjGmhta6wXwuIa475fMT5TCBpQc4SLHGHZy7HSwIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFFAVTlfmI3BeU9h28isBBCXiSWp8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QxODg1NmVlLTUwM2MtNGMyMS04NmRkLTMwMDc4ZjJjM2FlZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBAIpllbgnCo/TIc0l0epFMzM+ M1isuIRZ0B6pjb6PEt/mlLGdbHlRa+Pc8whmNXtno9iR96gFa0II3zghLruvlHyc cEn6c79FqlxvfoQ4gQUoEtR/WOtp5cp46soNAJSwZulWwmkJY/+4YE7d/T5KwLus 4lKQXTO1uGJDh7x9MRfhUg4/fEDdH5iHnyRk6hHXQacT2xcSDrcHqENn6YCJHQ0X Xzz1U5eHSI9wrUJafZrMOboaVZMPqq18RHaNtZktjJDMyIQzyUvN92Ecyq/jJH9q z7nGsajy2GdfPOVUK/w5DqXUik5whLoaH1j15ufP24fz93Ss88pe7bWqrzM3dcc= -----END CERTIFICATE-----Generated at Fri Nov 22 02:07:37 2024 by rpki-client on console-fra.rpki-client.org