$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa File: e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa (raw, json) Hash identifier: B7tnq8anvagDcpqfy04LQWKbzuPYQg8OWdowxt7GnUs= Subject key identifier: 99:5D:EC:3C:53:40:D4:99:14:DF:AA:8E:CE:F2:6B:90:92:8A:E9:69 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 2C84025864E62CCEA5FBC1A2191F435FA2F6289F Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa Signing time: Sat 23 Nov 2024 00:00:00 +0000 ROA not before: Sat 23 Nov 2024 00:00:00 +0000 ROA not after: Sat 28 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:03:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:84:02:58:64:e6:2c:ce:a5:fb:c1:a2:19:1f:43:5f:a2:f6:28:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Nov 23 00:00:00 2024 GMT Not After : Dec 28 23:59:59 2024 GMT Subject: serialNumber=e59a4806c2189a2d0ca49c5f71c09272ba9ca7171bc1ce66097790b9bd501459, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:06:b1:a9:16:fc:47:0b:be:e3:f6:32:f5:b6: b1:de:3f:87:eb:41:45:28:d0:66:27:35:f7:59:01: f6:5d:9a:f5:13:2a:61:19:f2:34:e7:01:6e:3e:74: ee:0d:6e:ac:c5:35:76:a0:f3:dd:3a:ee:55:a6:c7: a3:29:cf:56:91:a3:a2:18:82:be:37:21:3f:6f:9c: f6:56:5f:3a:0f:de:66:68:f7:dd:76:41:e3:9d:fa: 82:17:fd:7a:a9:44:42:d4:2b:e7:14:de:be:16:01: 74:a4:9b:11:30:4d:ca:33:cc:53:c3:10:3c:cf:f0: 40:6e:ba:eb:07:bf:4a:36:1f:f1:fd:38:46:8b:a1: 3e:1a:e7:93:4b:e2:f7:00:52:fd:31:20:5d:18:1d: ef:9f:ce:44:30:fb:d7:6b:bc:2d:59:97:40:ec:56: a7:30:4f:30:e2:e3:e5:45:e5:b6:30:3d:85:e7:af: 24:ef:5c:9b:c9:41:0d:76:ca:c1:3d:8f:ca:92:41: c1:8a:71:4f:b6:96:46:f1:b1:d1:9d:67:33:75:69: 46:30:e9:4a:63:3f:5a:f7:d9:82:72:d0:c3:d1:00: 96:22:90:e3:ff:9e:09:33:51:a4:bf:fc:58:76:e3: fe:37:f1:ad:d9:c0:f4:d0:a3:6b:a6:15:3f:09:b7: eb:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:5D:EC:3C:53:40:D4:99:14:DF:AA:8E:CE:F2:6B:90:92:8A:E9:69 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 55:34:a0:c6:27:70:9c:f2:a4:8f:b2:18:bd:7e:c6:90:be:57: 14:3c:1b:bc:fa:d5:3c:36:21:d5:a9:45:ef:f9:f2:d4:59:a7: aa:24:ab:84:32:c4:93:b6:ed:29:be:d1:fc:44:13:54:92:ec: 7b:c8:6c:7c:65:b2:40:2b:24:50:93:be:fd:77:b0:9b:04:ab: 1b:6f:90:26:34:ce:d6:5f:5f:25:31:a4:fb:e2:38:cc:a0:c8: de:82:a6:88:ce:bf:a6:be:05:44:32:8c:6a:cf:37:95:cc:8a: c6:07:e4:87:4a:fc:4e:3e:62:7c:3f:25:57:03:66:71:7a:01: bd:20:80:46:ac:81:b0:61:4c:59:fe:2e:97:d3:70:7f:ec:2b: ca:eb:c5:ba:af:68:d4:4b:4c:96:28:1d:a9:d3:8c:17:4e:31: b4:83:16:4b:92:ce:d1:25:93:0f:7e:b3:e6:8d:1b:37:d5:14: 62:7f:23:7a:7d:6c:6c:9c:f2:19:a1:89:66:be:79:33:26:4f: c8:51:16:06:88:86:88:ad:a2:e1:4b:99:e0:4c:43:ea:2d:0a: 1a:24:e8:ac:19:b1:6a:b0:f4:7c:ab:21:1b:b5:29:36:c0:78: f2:df:e0:65:64:7c:cd:f3:e2:18:37:b7:5d:71:57:5e:66:d6: 72:41:53:5e -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULIQCWGTmLM6l+8GiGR9DX6L2KJ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTEyMzAwMDAwMFoX DTI0MTIyODIzNTk1OVowejFJMEcGA1UEBRNAZTU5YTQ4MDZjMjE4OWEyZDBjYTQ5 YzVmNzFjMDkyNzJiYTljYTcxNzFiYzFjZTY2MDk3NzkwYjliZDUwMTQ1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQaxqRb8Rwu+4/Yy9bax3j+H60FF KNBmJzX3WQH2XZr1EyphGfI05wFuPnTuDW6sxTV2oPPdOu5VpsejKc9WkaOiGIK+ NyE/b5z2Vl86D95maPfddkHjnfqCF/16qURC1CvnFN6+FgF0pJsRME3KM8xTwxA8 z/BAbrrrB79KNh/x/ThGi6E+GueTS+L3AFL9MSBdGB3vn85EMPvXa7wtWZdA7Fan ME8w4uPlReW2MD2F568k71ybyUENdsrBPY/KkkHBinFPtpZG8bHRnWczdWlGMOlK Yz9a99mCctDD0QCWIpDj/54JM1Gkv/xYduP+N/Gt2cD00KNrphU/CbfrbwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFJld7DxTQNSZFN+qjs7ya5CSiulpMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwNWY0NTA0LWJiODMtNGIxOC1iYmQ5LThkODJlNDI5MTNkNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBVNKDGJ3Cc8qSPshi9fsaQ vlcUPBu8+tU8NiHVqUXv+fLUWaeqJKuEMsSTtu0pvtH8RBNUkux7yGx8ZbJAKyRQ k779d7CbBKsbb5AmNM7WX18lMaT74jjMoMjegqaIzr+mvgVEMoxqzzeVzIrGB+SH SvxOPmJ8PyVXA2ZxegG9IIBGrIGwYUxZ/i6X03B/7CvK68W6r2jUS0yWKB2p04wX TjG0gxZLks7RJZMPfrPmjRs31RRifyN6fWxsnPIZoYlmvnkzJk/IURYGiIaIraLh S5ngTEPqLQoaJOisGbFqsPR8qyEbtSk2wHjy3+BlZHzN8+IYN7ddcVdeZtZyQVNe -----END CERTIFICATE-----Generated at Mon Nov 25 01:01:16 2024 by rpki-client on console-ams.rpki-client.org