$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa File: e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa (raw, json) Hash identifier: fMLkfyJoXY6/WU8V/1tumg0T/kT99QzF1REVOz+ZLpI= Subject key identifier: 88:FA:38:D0:C4:91:1D:F7:A5:30:9A:58:B9:04:DA:B2:1B:CC:0B:CF Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 33BE1FBBD57F4D3219F681E4F48BEC7DC09EF83D Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa Signing time: Wed 10 Apr 2024 00:00:00 +0000 ROA not before: Wed 10 Apr 2024 00:00:00 +0000 ROA not after: Wed 15 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:27:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:be:1f:bb:d5:7f:4d:32:19:f6:81:e4:f4:8b:ec:7d:c0:9e:f8:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Apr 10 00:00:00 2024 GMT Not After : May 15 23:59:59 2024 GMT Subject: serialNumber=4ce029d1d759aa168bf29d65f8347179ddea979150dfe259296fca0ba8297f04, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:d2:73:b0:5b:20:1c:73:29:2f:82:f1:ea:4e: d3:fc:b8:ab:40:67:cd:89:52:56:28:c4:fb:5a:fe: 9b:b2:e7:c2:75:63:c8:a0:91:a9:b1:b5:b0:34:fb: 40:eb:a5:94:cd:e3:44:a8:ca:20:94:b4:f7:27:c3: a4:3c:67:d8:5a:30:6a:d7:c0:73:21:ff:60:71:0b: 48:8d:ea:32:9c:81:ed:00:d3:74:a8:0e:17:18:cc: d6:8e:23:a5:f4:e5:b5:a2:c4:3a:d6:e9:81:97:ef: 4c:ea:4e:9d:08:28:2d:9c:85:7d:c6:b8:a8:38:ba: a6:6a:19:fb:b0:7f:ec:51:a3:76:48:36:b6:9b:01: 5f:72:a3:37:9b:de:97:af:b9:77:82:a0:67:2a:63: 70:94:76:be:25:4d:9b:43:c9:68:16:8b:c8:6c:64: e5:be:b3:9e:57:14:49:08:a9:7c:16:1e:c4:a0:66: 9c:67:15:cb:1d:9a:53:59:de:2d:40:be:06:a3:2a: 67:6e:da:cf:35:31:9c:39:10:1f:f7:ed:8c:68:09: e5:74:f9:ad:bc:43:9f:b9:3b:a9:cc:f5:4c:51:3d: a4:a3:d6:37:61:47:be:c1:0f:22:cc:01:e5:1d:4d: 3d:25:cf:d4:8a:5a:d5:80:c7:69:91:34:d8:aa:e0: 55:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:FA:38:D0:C4:91:1D:F7:A5:30:9A:58:B9:04:DA:B2:1B:CC:0B:CF X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 14:8c:75:8d:8b:8b:ef:7e:8d:f9:d1:c6:2e:eb:8a:3e:6e:5b: 83:77:77:08:01:fd:e9:b4:0a:fb:8a:89:87:6a:38:8f:4f:a5: a6:6d:41:2b:fd:ca:66:d9:ac:67:db:9d:cc:62:f9:53:89:ed: 4a:2e:1d:d5:0f:e4:3c:4d:56:91:a8:fd:fc:ec:ae:0e:83:2b: 8c:86:31:29:8b:c5:aa:6b:bd:a1:2f:3d:83:16:e0:d5:ee:3e: 09:08:16:e5:88:32:fd:14:57:a3:c1:a9:91:58:ca:c0:8e:53: 8a:7a:86:d4:c1:b9:1e:c9:63:63:2f:f6:3d:f9:28:de:2a:c1: fb:f6:18:68:60:e6:64:11:b2:70:a0:98:0a:9b:b3:af:bd:c3: 99:a0:b5:2b:c8:4a:0c:b7:33:a1:d0:84:fa:8d:c8:70:f6:d3: 55:74:ad:3a:be:a9:25:b7:11:d9:b5:18:a1:4e:41:10:c3:6f: 06:f3:0f:6b:80:08:1d:d6:12:02:c7:a3:27:14:ff:2d:32:c0: eb:0f:51:33:f8:43:4c:d4:54:b3:f2:f5:8a:a5:03:8e:0c:d5: 68:6f:4c:b6:d1:db:00:44:aa:b7:ca:99:96:b7:28:a4:f5:13: de:a5:0b:c3:12:ce:35:70:41:03:c0:a0:aa:e9:8d:9b:64:20: 17:98:1c:c7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUM74fu9V/TTIZ9oHk9IvsfcCe+D0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDQxMDAwMDAwMFoX DTI0MDUxNTIzNTk1OVowejFJMEcGA1UEBRNANGNlMDI5ZDFkNzU5YWExNjhiZjI5 ZDY1ZjgzNDcxNzlkZGVhOTc5MTUwZGZlMjU5Mjk2ZmNhMGJhODI5N2YwNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9JzsFsgHHMpL4Lx6k7T/LirQGfN iVJWKMT7Wv6bsufCdWPIoJGpsbWwNPtA66WUzeNEqMoglLT3J8OkPGfYWjBq18Bz If9gcQtIjeoynIHtANN0qA4XGMzWjiOl9OW1osQ61umBl+9M6k6dCCgtnIV9xrio OLqmahn7sH/sUaN2SDa2mwFfcqM3m96Xr7l3gqBnKmNwlHa+JU2bQ8loFovIbGTl vrOeVxRJCKl8Fh7EoGacZxXLHZpTWd4tQL4GoypnbtrPNTGcORAf9+2MaAnldPmt vEOfuTupzPVMUT2ko9Y3YUe+wQ8izAHlHU09Jc/UilrVgMdpkTTYquBV0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIj6ONDEkR33pTCaWLkE2rIbzAvPMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwNWY0NTA0LWJiODMtNGIxOC1iYmQ5LThkODJlNDI5MTNkNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQAUjHWNi4vvfo350cYu64o+ bluDd3cIAf3ptAr7iomHajiPT6WmbUEr/cpm2axn253MYvlTie1KLh3VD+Q8TVaR qP387K4OgyuMhjEpi8Wqa72hLz2DFuDV7j4JCBbliDL9FFejwamRWMrAjlOKeobU wbkeyWNjL/Y9+SjeKsH79hhoYOZkEbJwoJgKm7OvvcOZoLUryEoMtzOh0IT6jchw 9tNVdK06vqkltxHZtRihTkEQw28G8w9rgAgd1hICx6MnFP8tMsDrD1Ez+ENM1FSz 8vWKpQOODNVob0y20dsARKq3ypmWtyik9RPepQvDEs41cEEDwKCq6Y2bZCAXmBzH -----END CERTIFICATE-----Generated at Fri Apr 26 06:07:25 2024 by rpki-client on console-ams.rpki-client.org