$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa File: e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa (raw, json) Hash identifier: 6f/zp+03j++y3G7LXVDlnT5+qqthL3JTPoqZI5HQvKY= Subject key identifier: F0:27:32:8B:EC:A9:AE:6E:F3:42:0E:46:72:8D:A5:2B:D3:87:87:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 48728E754213E7497BC17E368A7FAEACFF5C4502 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa Signing time: Fri 04 Oct 2024 00:00:00 +0000 ROA not before: Fri 04 Oct 2024 00:00:00 +0000 ROA not after: Fri 08 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 00:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:72:8e:75:42:13:e7:49:7b:c1:7e:36:8a:7f:ae:ac:ff:5c:45:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Oct 4 00:00:00 2024 GMT Not After : Nov 8 23:59:59 2024 GMT Subject: serialNumber=fafbb7686e33bbbef49cba41e5cf6480fed5120de3e9c485a747bba752c0d607, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:31:a4:fa:8f:67:bc:8c:4a:40:5b:b7:75:16: 41:36:8b:36:22:7c:31:8a:66:c0:a0:cf:13:5a:b5: e7:17:fd:71:95:53:cd:a4:ed:c7:df:48:52:e2:bc: ca:98:be:52:fc:e1:5d:d9:4f:f7:33:3c:e7:23:40: f0:40:50:74:fc:72:1c:a0:04:2a:8e:93:f8:cd:fb: b8:02:27:dd:6c:90:8c:61:a0:28:a9:c3:39:71:87: 56:4d:14:9c:cb:dc:bb:71:17:57:29:f5:53:ca:74: f1:00:71:66:15:b2:b5:bc:36:ac:a2:75:0b:a7:81: 8a:b8:b3:db:25:de:dc:8e:3b:60:d1:8d:12:1c:cd: 26:a4:49:51:b7:33:1f:8b:2b:80:01:36:46:32:f9: ce:2e:0d:fa:b0:1c:e1:d7:14:b9:55:45:69:98:37: 90:8e:2f:b3:ed:7b:1a:33:4e:77:49:55:52:c3:ad: 21:36:f6:31:93:10:50:1c:c1:31:c2:d5:75:1d:1f: 99:94:c4:57:93:e1:eb:51:a0:b9:81:81:70:77:6a: d5:75:43:f3:c5:02:22:ce:98:89:a0:1f:30:8e:25: 07:34:60:cf:71:bd:9f:2d:bc:5b:38:dc:21:19:cd: 3c:97:c6:fb:a6:71:6d:2d:cc:0e:66:38:35:b8:88: 0f:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:27:32:8B:EC:A9:AE:6E:F3:42:0E:46:72:8D:A5:2B:D3:87:87:A4 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 04:24:d0:b2:e0:89:90:d5:cc:29:9a:f7:55:3d:6f:2c:59:d4: 5c:29:7a:5d:98:b1:5c:f6:20:30:8a:5c:a1:76:63:3a:85:86: 2e:26:c9:ab:b3:41:20:a5:e0:10:8b:10:c0:3b:cd:ca:db:37: 07:75:a3:d1:ed:34:45:c8:3a:d8:ec:ab:33:b0:3e:cf:17:d6: 72:a5:a8:97:6e:29:27:5a:a7:fe:d9:b7:4d:42:c4:50:7c:b9: e0:e2:64:ed:bf:9d:30:6b:ef:a1:54:cc:3d:34:a5:1a:91:36: 48:f0:6b:5a:e3:a3:ac:a9:25:92:0b:ed:e2:66:32:9e:35:b4: 4f:04:44:c7:47:be:a0:3c:c8:98:69:a4:b8:27:fe:e9:1e:e1: 09:eb:98:50:7a:df:7c:96:8a:b3:41:3f:6c:d3:c5:ab:1d:f2: 5c:e8:18:8c:e7:80:0e:62:4c:76:73:e6:a4:f7:dd:c6:64:69: ae:00:93:65:4a:20:90:ae:1f:e9:56:d4:0d:10:16:eb:bd:15: 19:98:55:51:25:6e:ee:24:ac:88:cd:0d:1b:57:04:00:84:54: 73:18:54:dd:c2:e4:2b:71:59:5f:aa:97:61:f5:8c:df:e7:a9: 0a:e4:92:f9:13:1a:dd:f0:98:b6:af:45:bc:6d:c2:1a:ee:09: 48:41:f6:5a -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUSHKOdUIT50l7wX42in+urP9cRQIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTAwNDAwMDAwMFoX DTI0MTEwODIzNTk1OVowejFJMEcGA1UEBRNAZmFmYmI3Njg2ZTMzYmJiZWY0OWNi YTQxZTVjZjY0ODBmZWQ1MTIwZGUzZTljNDg1YTc0N2JiYTc1MmMwZDYwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+DGk+o9nvIxKQFu3dRZBNos2Inwx imbAoM8TWrXnF/1xlVPNpO3H30hS4rzKmL5S/OFd2U/3MzznI0DwQFB0/HIcoAQq jpP4zfu4AifdbJCMYaAoqcM5cYdWTRScy9y7cRdXKfVTynTxAHFmFbK1vDasonUL p4GKuLPbJd7cjjtg0Y0SHM0mpElRtzMfiyuAATZGMvnOLg36sBzh1xS5VUVpmDeQ ji+z7XsaM053SVVSw60hNvYxkxBQHMExwtV1HR+ZlMRXk+HrUaC5gYFwd2rVdUPz xQIizpiJoB8wjiUHNGDPcb2fLbxbONwhGc08l8b7pnFtLcwOZjg1uIgPJQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPAnMovsqa5u80IORnKNpSvTh4ekMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwNWY0NTA0LWJiODMtNGIxOC1iYmQ5LThkODJlNDI5MTNkNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQAEJNCy4ImQ1cwpmvdVPW8s WdRcKXpdmLFc9iAwilyhdmM6hYYuJsmrs0EgpeAQixDAO83K2zcHdaPR7TRFyDrY 7KszsD7PF9ZypaiXbiknWqf+2bdNQsRQfLng4mTtv50wa++hVMw9NKUakTZI8Gta 46OsqSWSC+3iZjKeNbRPBETHR76gPMiYaaS4J/7pHuEJ65hQet98loqzQT9s08Wr HfJc6BiM54AOYkx2c+ak993GZGmuAJNlSiCQrh/pVtQNEBbrvRUZmFVRJW7uJKyI zQ0bVwQAhFRzGFTdwuQrcVlfqpdh9Yzf56kK5JL5Exrd8Ji2r0W8bcIa7glIQfZa -----END CERTIFICATE-----Generated at Fri Oct 25 16:44:27 2024 by rpki-client on console-ams.rpki-client.org