$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa File: ead4ddb0-c257-495f-afa7-48a907cd2857.roa (raw, json) Hash identifier: 8p9UNdXQejN8IOj72NlY+1HdkGyePAgzThLpUuzcT2Q= Subject key identifier: 88:8D:C6:6E:6C:0F:8D:B0:0D:77:10:FC:23:14:56:54:1D:1A:2C:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1A019098C8865EEC3AD77C811E83F6CDEF6FA974 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa Signing time: Mon 18 Sep 2023 00:00:00 +0000 ROA not before: Mon 18 Sep 2023 00:00:00 +0000 ROA not after: Mon 23 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 20 Sep 2023 03:07:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:01:90:98:c8:86:5e:ec:3a:d7:7c:81:1e:83:f6:cd:ef:6f:a9:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Sep 18 00:00:00 2023 GMT Not After : Oct 23 23:59:59 2023 GMT Subject: serialNumber=55a451e0cee9c2a07c4eb6587683416716f1ba9bd79f125fa7010ed4021e7792, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:f3:91:b2:02:5b:bf:1e:0d:76:d5:53:e4:b2: 3e:6b:5e:d5:81:00:48:5b:c8:c0:37:19:82:7d:15: 13:7f:1a:b8:8e:95:d3:d0:38:f0:f2:f5:04:1d:ee: 38:d5:1d:35:c0:31:bf:72:2c:ff:7a:e5:44:0f:62: c9:a2:3c:f1:5e:5b:52:a9:3d:88:3e:0f:0e:28:56: 76:a3:7c:e0:1d:55:22:3b:ae:94:c9:b4:d3:43:07: 9f:ce:be:3c:2f:25:a5:d7:22:fe:d1:35:b5:4c:a6: 31:b8:ae:1c:c9:30:82:55:22:83:a9:f0:6b:ee:05: 3b:0f:56:d5:e6:73:6b:7e:ca:ac:bd:a4:92:e8:71: d6:03:4c:35:28:d9:25:93:8c:e0:fe:92:f8:7e:a3: 3c:b4:a6:22:09:c7:d3:c5:6d:90:0f:c7:eb:9e:ae: 42:08:f5:4d:13:e0:b2:02:70:3d:22:b8:9c:b4:c1: 82:8c:32:68:ab:95:24:eb:a4:3c:76:c7:0e:ee:f1: 52:e7:79:8b:85:5e:03:4d:18:4e:f2:c8:ed:45:fa: d2:6c:92:84:1c:b8:73:5e:c3:a3:fe:b9:b7:65:91: 95:9e:b1:9b:41:83:43:d7:3a:41:6f:87:bf:40:14: c4:f6:c0:e8:28:ba:fd:a7:aa:a5:0d:6f:82:11:42: 61:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:8D:C6:6E:6C:0F:8D:B0:0D:77:10:FC:23:14:56:54:1D:1A:2C:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.46.0/24 Signature Algorithm: sha256WithRSAEncryption a3:7e:80:7a:eb:a1:5e:89:22:17:cc:1b:ad:f5:77:68:79:de: e1:8d:17:8c:17:9c:30:58:3a:ab:48:5a:9b:e3:26:fe:e3:36: d5:49:58:1d:66:99:45:81:4d:ad:0f:a0:e6:6c:a6:39:53:0e: 8b:4e:4b:f3:c9:16:00:13:4b:ba:59:3c:58:69:f2:ed:58:6c: c5:bf:5f:53:59:f3:e2:c3:1e:20:6d:67:7d:0b:1d:2f:33:f5: e0:a6:e9:96:8d:72:31:40:68:e5:b3:c1:29:24:21:00:28:cb: f1:77:04:88:c7:0e:66:9a:5a:dd:7a:95:92:c5:12:c3:d7:40: 34:71:9f:e7:5e:fd:31:68:04:4e:b8:7b:e6:42:92:75:1d:b7: 1a:a0:ce:ca:95:54:3a:ea:fc:b4:20:d4:2d:7d:e2:a4:3e:df: 7e:5e:6b:e8:0c:27:d4:82:60:8f:62:1f:f4:45:37:84:b7:a5: f2:6f:b9:5f:21:43:2e:bd:24:17:ab:43:fb:41:bb:da:a1:5b: ac:96:1e:15:24:55:1d:56:44:12:e1:f6:dc:98:0a:12:86:97: ad:72:99:2e:57:63:d1:59:93:d8:15:dc:aa:3a:32:e6:27:ed: 54:57:c9:4e:f8:1e:c9:c9:fe:c4:36:8e:7f:f2:81:c1:0c:c9: aa:4e:05:5b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGgGQmMiGXuw613yBHoP2ze9vqXQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDkxODAwMDAwMFoX DTIzMTAyMzIzNTk1OVowejFJMEcGA1UEBRNANTVhNDUxZTBjZWU5YzJhMDdjNGVi NjU4NzY4MzQxNjcxNmYxYmE5YmQ3OWYxMjVmYTcwMTBlZDQwMjFlNzc5MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PORsgJbvx4NdtVT5LI+a17VgQBI W8jANxmCfRUTfxq4jpXT0Djw8vUEHe441R01wDG/ciz/euVED2LJojzxXltSqT2I Pg8OKFZ2o3zgHVUiO66UybTTQwefzr48LyWl1yL+0TW1TKYxuK4cyTCCVSKDqfBr 7gU7D1bV5nNrfsqsvaSS6HHWA0w1KNklk4zg/pL4fqM8tKYiCcfTxW2QD8frnq5C CPVNE+CyAnA9IrictMGCjDJoq5Uk66Q8dscO7vFS53mLhV4DTRhO8sjtRfrSbJKE HLhzXsOj/rm3ZZGVnrGbQYND1zpBb4e/QBTE9sDoKLr9p6qlDW+CEUJhbQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIiNxm5sD42wDXcQ/CMUVlQdGiwhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhZDRkZGIwLWMyNTctNDk1Zi1hZmE3LTQ4YTkwN2NkMjg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/kuMA0GCSqGSIb3DQEBCwUAA4IBAQCjfoB666FeiSIXzBut9Xdo ed7hjReMF5wwWDqrSFqb4yb+4zbVSVgdZplFgU2tD6DmbKY5Uw6LTkvzyRYAE0u6 WTxYafLtWGzFv19TWfPiwx4gbWd9Cx0vM/XgpumWjXIxQGjls8EpJCEAKMvxdwSI xw5mmlrdepWSxRLD10A0cZ/nXv0xaAROuHvmQpJ1HbcaoM7KlVQ66vy0INQtfeKk Pt9+XmvoDCfUgmCPYh/0RTeEt6Xyb7lfIUMuvSQXq0P7QbvaoVuslh4VJFUdVkQS 4fbcmAoShpetcpkuV2PRWZPYFdyqOjLmJ+1UV8lO+B7Jyf7ENo5/8oHBDMmqTgVb -----END CERTIFICATE-----Generated at Mon Sep 18 15:24:46 2023 by rpki-client on console-fra.rpki-client.org