$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa File: df93f29a-3b81-476a-8435-a32bae736189.roa (raw, json) Hash identifier: ut+UI2GkvmLDu8lxLhxp4fCj1sOu6xb/JLih1HA4WLc= Subject key identifier: 5B:E3:E0:C0:DA:CC:AB:2B:90:2B:E4:AF:5B:89:AA:55:95:08:F2:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53BB0DDACD57E1A4D0062496CF75D3BE04461A06 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa Signing time: Fri 03 May 2024 00:00:00 +0000 ROA not before: Fri 03 May 2024 00:00:00 +0000 ROA not after: Fri 07 Jun 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 12 May 2024 15:21:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:bb:0d:da:cd:57:e1:a4:d0:06:24:96:cf:75:d3:be:04:46:1a:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 3 00:00:00 2024 GMT Not After : Jun 7 23:59:59 2024 GMT Subject: serialNumber=6df9c9248f69a82cc4a3b76a2af61437422405bd9465c841085890dfe081bdf6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e2:64:29:80:71:49:ad:fc:1d:c1:b0:65:c7: cb:93:0a:29:6d:39:b0:d8:31:76:40:b1:80:6f:ec: c3:9b:7a:6e:43:52:90:f9:ae:2f:79:50:d3:aa:dc: df:ee:b9:a4:93:6f:5e:8d:d8:54:68:9b:29:6f:e8: a3:e1:c4:0f:a4:e8:7f:ae:34:57:4d:47:9c:7b:a3: 63:62:82:1e:b2:1e:1b:b1:d9:18:1c:2f:aa:50:41: df:2f:9a:1a:3a:3e:1a:29:87:bc:a7:48:6b:78:5e: 9b:57:00:29:1e:bf:3c:a7:30:87:92:c6:32:52:ba: 7c:f1:c9:8d:68:dd:22:c1:5f:0a:dc:14:0c:f2:d8: d5:ca:85:01:7e:06:af:c3:26:b9:0a:3b:26:a6:6a: 94:ed:68:4c:e0:20:06:6e:4e:2d:58:b9:4f:95:46: d2:7d:6c:f2:44:69:9c:84:d1:99:19:fc:af:60:5f: be:ac:8e:2f:5e:ce:c7:b2:93:2b:db:fd:2b:ad:12: 38:45:93:54:cf:7d:00:75:36:fb:62:52:81:4e:80: d3:2f:58:80:ac:27:79:cb:46:01:f4:d3:c2:b1:17: 4d:ab:76:09:7f:05:60:5a:20:e8:cb:54:62:2b:40: 44:17:65:3a:d6:34:d8:b6:25:29:5e:e1:8e:a3:cf: 0a:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:E3:E0:C0:DA:CC:AB:2B:90:2B:E4:AF:5B:89:AA:55:95:08:F2:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df93f29a-3b81-476a-8435-a32bae736189.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 93:44:a7:69:88:a8:b2:de:1e:ba:77:6b:f2:52:ff:a0:51:3a: 0a:46:65:cd:41:52:3c:03:9b:9a:af:06:87:8f:f9:6b:da:84: fc:a4:7d:df:b3:d0:97:e8:a9:42:06:3b:a8:de:b6:78:9b:d5: 35:72:21:ee:33:3f:9c:d5:2e:68:2a:84:35:2f:e4:25:01:2d: 95:c2:67:4d:16:be:77:51:d4:d2:5c:ec:ec:02:62:59:0c:32: 93:71:25:a3:19:27:f5:c9:ec:e4:8c:57:eb:80:58:05:7a:ab: f7:5c:f3:d5:c1:15:9b:36:c8:f0:01:3f:8d:52:e3:b5:f2:b6: 9c:1d:97:3e:d4:31:de:de:c2:d3:4c:34:1c:88:1b:7e:e6:77: 90:15:d1:c4:ce:98:79:ed:0e:84:f3:c1:75:6b:32:4d:66:be: a3:c5:d3:d5:6d:8e:86:8a:31:bf:cf:69:46:5a:7f:ed:de:62: 0c:79:a3:42:e4:2c:05:38:9a:fa:8c:77:80:3d:7b:f7:08:cd: 3b:08:ce:bd:f4:5c:7a:35:3e:4f:7c:36:6b:24:73:24:d5:36: 9f:76:ab:8b:2e:d5:75:ed:12:54:b9:b3:8d:41:b4:6e:4c:70: 8c:82:77:78:26:80:09:e7:4e:89:08:b0:8e:5f:03:76:22:59: 8e:53:4b:13 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUU7sN2s1X4aTQBiSWz3XTvgRGGgYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDUwMzAwMDAwMFoX DTI0MDYwNzIzNTk1OVowejFJMEcGA1UEBRNANmRmOWM5MjQ4ZjY5YTgyY2M0YTNi NzZhMmFmNjE0Mzc0MjI0MDViZDk0NjVjODQxMDg1ODkwZGZlMDgxYmRmNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+JkKYBxSa38HcGwZcfLkwopbTmw 2DF2QLGAb+zDm3puQ1KQ+a4veVDTqtzf7rmkk29ejdhUaJspb+ij4cQPpOh/rjRX TUece6NjYoIesh4bsdkYHC+qUEHfL5oaOj4aKYe8p0hreF6bVwApHr88pzCHksYy Urp88cmNaN0iwV8K3BQM8tjVyoUBfgavwya5CjsmpmqU7WhM4CAGbk4tWLlPlUbS fWzyRGmchNGZGfyvYF++rI4vXs7HspMr2/0rrRI4RZNUz30AdTb7YlKBToDTL1iA rCd5y0YB9NPCsRdNq3YJfwVgWiDoy1RiK0BEF2U61jTYtiUpXuGOo88KYQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFFvj4MDazKsrkCvkr1uJqlWVCPJ+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RmOTNmMjlhLTNiODEtNDc2YS04NDM1LWEzMmJhZTczNjE4OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQCTRKdpiKiy3h66d2vyUv+g UToKRmXNQVI8A5uarwaHj/lr2oT8pH3fs9CX6KlCBjuo3rZ4m9U1ciHuMz+c1S5o KoQ1L+QlAS2VwmdNFr53UdTSXOzsAmJZDDKTcSWjGSf1yezkjFfrgFgFeqv3XPPV wRWbNsjwAT+NUuO18racHZc+1DHe3sLTTDQciBt+5neQFdHEzph57Q6E88F1azJN Zr6jxdPVbY6GijG/z2lGWn/t3mIMeaNC5CwFOJr6jHeAPXv3CM07CM699Fx6NT5P fDZrJHMk1TafdquLLtV17RJUubONQbRuTHCMgnd4JoAJ506JCLCOXwN2IlmOU0sT -----END CERTIFICATE-----Generated at Wed May 8 17:46:25 2024 by rpki-client on console-ams.rpki-client.org