$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa File: df93f29a-3b81-476a-8435-a32bae736189.roa (raw, json) Hash identifier: ex88X48j/KOUsp6T4QMAi3DiB2iWQNCfex8NzdkUN+I= Subject key identifier: 00:CF:74:B0:1C:F3:1C:D4:16:DA:FC:85:3D:82:B8:2E:73:F1:B5:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 39714232375F6D84725B6C6F371AB4E72BEEAA89 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa Signing time: Wed 17 Jul 2024 00:00:00 +0000 ROA not before: Wed 17 Jul 2024 00:00:00 +0000 ROA not after: Wed 21 Aug 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:71:42:32:37:5f:6d:84:72:5b:6c:6f:37:1a:b4:e7:2b:ee:aa:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 17 00:00:00 2024 GMT Not After : Aug 21 23:59:59 2024 GMT Subject: serialNumber=feaddafad24c50fa5d5805ad1a73b3672f84002c43a84e2da73276b3a67855d0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ac:8c:bd:90:41:dc:c5:65:e8:68:60:6f:ef: 81:f6:f2:bb:d2:91:c3:91:85:5e:80:39:99:96:07: 4e:2a:45:59:6c:d4:19:79:30:77:fc:9a:00:1a:7e: 88:4b:a1:26:66:2f:00:54:d3:a2:4a:d6:35:f0:0b: 3e:13:c2:5c:e3:5f:f7:4e:5b:f6:d2:54:e5:02:7b: f4:fc:96:16:bb:d3:57:d3:85:e3:f0:05:3c:e2:c7: e5:4e:cd:0d:7e:bd:64:d0:ef:f2:c6:92:2c:02:d9: 82:50:a7:ab:db:ca:eb:5b:1a:0f:18:9a:34:9b:b0: 63:45:1e:db:95:ff:3e:63:45:c1:c5:a9:0c:50:b7: eb:49:6c:65:14:99:0f:6a:b7:2c:d9:bb:2f:d6:85: ec:09:c6:8c:69:88:da:36:b1:b1:9c:b0:6d:84:b3: 75:50:9e:57:7f:ed:cc:7f:77:a9:f7:0c:a6:81:52: 91:ee:81:c2:1c:07:b8:a3:2a:28:d4:17:ff:c2:76: aa:44:b5:eb:5a:1e:a1:1f:65:67:63:bb:10:b0:b3: 88:6b:de:83:fc:2c:da:19:ce:69:83:4f:c0:b4:7b: c3:47:21:96:6b:ff:91:69:33:e4:2a:ac:da:78:06: 9a:40:24:01:19:81:79:97:64:a9:85:5b:55:87:99: 43:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:CF:74:B0:1C:F3:1C:D4:16:DA:FC:85:3D:82:B8:2E:73:F1:B5:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 93:4d:d7:2d:e4:45:7f:94:d9:19:60:8c:ee:1e:4d:97:fa:0f: 54:1a:03:0f:8a:e2:9a:4e:cd:4d:e8:9c:ce:53:1d:79:6e:a2: 23:f9:ef:49:eb:ac:00:d0:b4:40:16:37:74:ac:58:d2:c4:bc: b9:03:70:e0:f1:58:fa:f0:f5:3e:74:fc:3b:57:8a:f6:2d:09: 35:1d:ec:a4:13:c5:cb:de:bd:a3:b6:13:1b:e0:fd:15:60:1b: d6:61:3e:ce:e2:b1:d3:44:c6:de:f4:92:65:87:9a:16:7b:34: d1:71:5a:df:e2:1e:8b:88:8b:7e:a5:15:96:ac:ac:a2:4c:ed: 60:97:f6:35:d3:57:9e:c9:08:41:22:74:35:46:7b:e5:84:21: 74:f5:6b:8c:65:c8:17:69:6b:74:94:2a:7c:14:66:0a:2a:c9: 80:6b:b3:83:05:ba:b7:56:47:ef:3b:3f:3e:17:2c:fe:66:50: da:a9:2d:d1:71:57:0e:b2:51:97:84:c6:8c:17:e5:e2:26:9d: d7:87:77:e6:f6:41:3e:75:51:07:5a:ed:e8:7c:ba:89:52:60: 34:74:ff:e9:a4:14:9b:ae:1a:48:94:c1:f1:60:b0:10:4a:e9: 3d:3b:83:29:52:56:9e:1f:2f:84:56:86:ef:ab:46:9f:bb:b6: cf:16:50:27 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOXFCMjdfbYRyW2xvNxq05yvuqokwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNzAwMDAwMFoX DTI0MDgyMTIzNTk1OVowejFJMEcGA1UEBRNAZmVhZGRhZmFkMjRjNTBmYTVkNTgw NWFkMWE3M2IzNjcyZjg0MDAyYzQzYTg0ZTJkYTczMjc2YjNhNjc4NTVkMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuayMvZBB3MVl6Ghgb++B9vK70pHD kYVegDmZlgdOKkVZbNQZeTB3/JoAGn6IS6EmZi8AVNOiStY18As+E8Jc41/3Tlv2 0lTlAnv0/JYWu9NX04Xj8AU84sflTs0Nfr1k0O/yxpIsAtmCUKer28rrWxoPGJo0 m7BjRR7blf8+Y0XBxakMULfrSWxlFJkParcs2bsv1oXsCcaMaYjaNrGxnLBthLN1 UJ5Xf+3Mf3ep9wymgVKR7oHCHAe4oyoo1Bf/wnaqRLXrWh6hH2VnY7sQsLOIa96D /CzaGc5pg0/AtHvDRyGWa/+RaTPkKqzaeAaaQCQBGYF5l2SphVtVh5lDlwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFADPdLAc8xzUFtr8hT2CuC5z8bU5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmOTNmMjlhLTNiODEtNDc2YS04NDM1LWEzMmJhZTczNjE4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQCTTdct5EV/lNkZYIzuHk2X +g9UGgMPiuKaTs1N6JzOUx15bqIj+e9J66wA0LRAFjd0rFjSxLy5A3Dg8Vj68PU+ dPw7V4r2LQk1HeykE8XL3r2jthMb4P0VYBvWYT7O4rHTRMbe9JJlh5oWezTRcVrf 4h6LiIt+pRWWrKyiTO1gl/Y101eeyQhBInQ1RnvlhCF09WuMZcgXaWt0lCp8FGYK KsmAa7ODBbq3VkfvOz8+Fyz+ZlDaqS3RcVcOslGXhMaMF+XiJp3Xh3fm9kE+dVEH Wu3ofLqJUmA0dP/ppBSbrhpIlMHxYLAQSuk9O4MpUlaeHy+EVobvq0afu7bPFlAn -----END CERTIFICATE-----Generated at Fri Jul 26 02:06:17 2024 by rpki-client on console-fra.rpki-client.org