$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa File: e0f25f76-9916-4274-8e75-fa724a3b50b7.roa (raw, json) Hash identifier: c1d65Mnl2J/a1XC/V0BKzYaelI4dCuktPjYYjtKTMvk= Subject key identifier: F4:39:7E:4A:59:1F:3D:7D:21:F8:C5:A9:A6:09:2C:5A:C1:B6:89:95 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 13542A8824CC3E99B3681D13C16602D036E4D422 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa Signing time: Wed 17 Jul 2024 00:00:00 +0000 ROA not before: Wed 17 Jul 2024 00:00:00 +0000 ROA not after: Wed 21 Aug 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.249.44.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Jul 2024 00:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:54:2a:88:24:cc:3e:99:b3:68:1d:13:c1:66:02:d0:36:e4:d4:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Jul 17 00:00:00 2024 GMT Not After : Aug 21 23:59:59 2024 GMT Subject: serialNumber=d364ac3b59d01c03259d1a85f00e193d567598d6540df015fef35f3681ad06b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:86:58:11:ae:ea:99:f2:cd:28:4e:0f:48:e6: e9:71:ce:8d:07:c0:6a:42:e9:0a:1c:ea:5f:8d:0d: 07:83:d6:e3:8c:1f:2b:8b:05:11:e6:e9:4f:48:0d: bb:a5:4a:74:30:7d:2d:32:3c:c8:92:88:42:6d:aa: 72:37:2d:a3:97:b5:58:f0:2b:f0:d3:1d:85:2b:73: 47:0f:9d:d8:27:c7:ba:83:03:cb:4d:2e:3e:4c:10: 4b:c2:d6:6b:66:83:e6:0a:2f:33:3b:d6:31:9c:d2: 7f:f5:cf:3e:a5:4a:26:e4:e4:15:61:9e:1f:2c:ba: bc:0d:61:5e:a1:e5:27:6c:c7:f9:dd:9f:9a:44:42: f0:6c:b0:1b:cd:d9:c1:2f:aa:04:ef:6a:d8:0c:05: 50:84:f7:5d:23:c5:cc:73:e4:30:31:b6:75:b7:07: c0:67:a7:e2:d2:be:f1:a4:eb:1f:03:8e:6c:b1:79: 1d:c1:63:44:1c:80:03:ce:58:8d:43:14:c6:f5:f1: 7d:2b:3d:bc:a1:3d:bc:c8:3c:b0:27:67:0c:6e:ce: 14:b1:80:f2:9b:bf:c4:a7:ad:1a:1b:2c:9f:74:cd: 0b:cd:53:8f:47:b6:4c:a9:1c:e1:44:08:a0:8a:6a: d7:0d:06:6e:c8:69:ec:a3:51:e6:dc:67:3a:cc:74: 89:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:39:7E:4A:59:1F:3D:7D:21:F8:C5:A9:A6:09:2C:5A:C1:B6:89:95 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.44.0/22 Signature Algorithm: sha256WithRSAEncryption 12:0d:06:91:2a:c3:12:fd:bd:aa:c8:34:04:0e:87:5c:70:81: b9:e4:22:8a:63:02:ce:be:ed:dd:3b:be:ff:37:15:61:8f:32: 38:1f:58:ce:f2:0e:50:e6:80:00:b6:98:5d:22:7e:2b:d1:5e: d8:2d:9c:b8:e8:a2:d3:d5:7f:27:06:b3:4a:9a:b4:c1:fe:25: ee:1b:ac:6d:27:de:a0:bf:5f:9e:ff:64:c3:51:08:27:18:80: b3:51:80:f9:97:f4:e8:2a:8d:f6:c4:19:fb:88:14:50:7b:6f: a9:d4:67:0d:98:be:28:3c:c1:bb:bf:12:91:57:5d:c9:32:c8: bd:76:3e:97:12:db:81:4d:58:8a:b9:04:e1:20:b7:2c:a4:ef: 7e:0e:56:d2:9f:db:83:6a:f0:9a:8f:7d:90:48:df:6b:d6:f0: 0e:11:04:81:6b:c5:84:34:d7:13:61:86:92:99:f9:f4:2c:5f: d6:90:4a:b5:65:9a:4d:dd:d4:23:ba:5c:5e:c1:9b:59:d5:80: 91:f0:18:91:c0:b9:b3:6c:b5:3a:d8:2c:12:9a:a4:69:09:4a: 9b:ae:5f:1b:66:e8:31:3a:08:09:0f:e1:a1:92:06:86:56:c5: fd:99:01:66:05:51:7f:6c:96:99:88:b5:43:26:79:0b:83:bf: 06:63:3e:96 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUE1QqiCTMPpmzaB0TwWYC0Dbk1CIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDcxNzAwMDAwMFoX DTI0MDgyMTIzNTk1OVowejFJMEcGA1UEBRNAZDM2NGFjM2I1OWQwMWMwMzI1OWQx YTg1ZjAwZTE5M2Q1Njc1OThkNjU0MGRmMDE1ZmVmMzVmMzY4MWFkMDZiNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoZYEa7qmfLNKE4PSObpcc6NB8Bq QukKHOpfjQ0Hg9bjjB8riwUR5ulPSA27pUp0MH0tMjzIkohCbapyNy2jl7VY8Cvw 0x2FK3NHD53YJ8e6gwPLTS4+TBBLwtZrZoPmCi8zO9YxnNJ/9c8+pUom5OQVYZ4f LLq8DWFeoeUnbMf53Z+aRELwbLAbzdnBL6oE72rYDAVQhPddI8XMc+QwMbZ1twfA Z6fi0r7xpOsfA45ssXkdwWNEHIADzliNQxTG9fF9Kz28oT28yDywJ2cMbs4UsYDy m7/Ep60aGyyfdM0LzVOPR7ZMqRzhRAigimrXDQZuyGnso1Hm3Gc6zHSJQwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPQ5fkpZHz19IfjFqaYJLFrBtomVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UwZjI1Zjc2LTk5MTYtNDI3NC04ZTc1LWZhNzI0YTNiNTBiNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQASDQaRKsMS/b2qyDQEDodc cIG55CKKYwLOvu3dO77/NxVhjzI4H1jO8g5Q5oAAtphdIn4r0V7YLZy46KLT1X8n BrNKmrTB/iXuG6xtJ96gv1+e/2TDUQgnGICzUYD5l/ToKo32xBn7iBRQe2+p1GcN mL4oPMG7vxKRV13JMsi9dj6XEtuBTViKuQThILcspO9+DlbSn9uDavCaj32QSN9r 1vAOEQSBa8WENNcTYYaSmfn0LF/WkEq1ZZpN3dQjulxewZtZ1YCR8BiRwLmzbLU6 2CwSmqRpCUqbrl8bZugxOggJD+GhkgaGVsX9mQFmBVF/bJaZiLVDJnkLg78GYz6W -----END CERTIFICATE-----Generated at Fri Jul 26 01:58:41 2024 by rpki-client on console-ams.rpki-client.org