$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa File: ead4ddb0-c257-495f-afa7-48a907cd2857.roa (raw, json) Hash identifier: YfqhpeKqI8Bw6ZQ4Y+e7yAWzljBmu8Z8PM0S7twcHKM= Subject key identifier: 86:DE:54:20:0E:1F:D4:1C:B7:79:ED:7B:D4:A2:5A:09:E2:6A:18:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12A2A46F88A2902033B6311ABF3C88BD9D56AD8D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.46.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:a2:a4:6f:88:a2:90:20:33:b6:31:1a:bf:3c:88:bd:9d:56:ad:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=0498cade3f9868c69c4abb72b3ff0e098fa1cbb8aa72dcaf76dae9b1cae80c47, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:e5:44:16:a7:87:e6:aa:6c:32:ae:82:18:a3: 72:c7:34:dc:6c:b4:0c:06:86:f4:4c:14:77:04:89: 4a:53:e8:ee:8e:96:d0:77:17:5c:71:2e:be:da:a8: 3e:fa:40:5c:18:33:6a:96:94:27:3a:e6:4a:e5:71: e8:8d:f8:e6:5c:50:03:38:70:d1:e7:0f:08:56:e1: dd:7b:71:30:ef:8d:d6:04:d7:8d:3f:cc:14:b6:2d: 35:41:2e:66:28:a0:e7:21:4c:d3:f4:e9:73:da:a9: 89:5c:73:9a:7e:1b:75:e4:1e:fd:60:e0:5c:28:e9: 06:a4:01:11:b9:e2:05:4d:aa:0c:12:0d:0c:59:59: 76:b7:05:b2:d3:6f:50:8c:d8:f7:e0:23:57:4f:39: 8a:81:93:1c:1d:70:6e:e9:db:b4:62:1f:a0:03:cb: 72:16:f4:40:e5:12:fd:d7:0e:d4:85:82:16:80:42: d5:22:43:c7:cb:48:be:e2:31:73:0f:90:f2:6f:21: 99:16:99:d0:44:21:01:d7:2f:c7:49:fc:07:a0:24: ab:2c:4d:3c:d9:e9:73:3c:8a:75:5c:ad:83:24:03: ed:31:15:7b:c7:fb:e7:0c:46:81:89:45:00:50:a8: 9d:62:38:f4:e6:77:7a:49:f8:93:de:8b:89:de:b4: 12:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:DE:54:20:0E:1F:D4:1C:B7:79:ED:7B:D4:A2:5A:09:E2:6A:18:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.46.0/24 Signature Algorithm: sha256WithRSAEncryption a8:a9:ad:68:5f:12:77:e1:bd:60:46:d3:dd:33:d5:a5:08:fc: 50:97:fd:da:a7:dd:05:c1:3e:7b:1a:5f:9a:1c:a2:35:86:9c: 54:4f:1c:4b:df:e6:2f:14:37:6d:1e:d5:10:13:31:78:56:86: c9:4e:9a:7a:53:fa:db:74:c7:7f:4f:62:92:c4:ea:f7:86:8d: 70:d3:f7:03:c5:de:6e:9a:e7:47:9d:a2:3e:48:c0:52:a4:be: 7b:91:5d:f8:94:02:93:93:98:60:61:75:41:54:f5:e9:6d:04: b2:a2:e4:e6:df:13:f4:16:b7:4a:ef:d4:f2:0b:d6:e7:38:2e: 0c:1c:4d:55:eb:84:15:50:6f:e6:96:b7:ff:6f:7f:68:ee:89: 02:7d:b4:2d:10:70:8e:1f:21:51:9c:18:bb:29:d6:8f:35:2b: f3:b6:69:68:c8:1b:86:4f:ab:8d:a2:53:cc:72:0b:45:29:50: 6f:09:42:2d:4d:a6:1e:5a:6e:0b:21:64:92:56:76:22:32:a3: f7:9d:51:95:34:5e:85:a5:4e:cc:28:79:fb:85:95:35:4c:ef: f4:5f:a8:c8:64:7a:8d:f1:ae:a2:8d:02:63:0a:6c:38:56:3a: 6d:0e:0c:1b:07:70:86:2d:4e:a4:71:26:30:23:01:22:9b:ad: ce:6d:2d:f6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUEqKkb4iikCAztjEavzyIvZ1WrY0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMDQ5OGNhZGUzZjk4NjhjNjljNGFi YjcyYjNmZjBlMDk4ZmExY2JiOGFhNzJkY2FmNzZkYWU5YjFjYWU4MGM0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+VEFqeH5qpsMq6CGKNyxzTcbLQM Bob0TBR3BIlKU+jujpbQdxdccS6+2qg++kBcGDNqlpQnOuZK5XHojfjmXFADOHDR 5w8IVuHde3Ew743WBNeNP8wUti01QS5mKKDnIUzT9Olz2qmJXHOafht15B79YOBc KOkGpAERueIFTaoMEg0MWVl2twWy029QjNj34CNXTzmKgZMcHXBu6du0Yh+gA8ty FvRA5RL91w7UhYIWgELVIkPHy0i+4jFzD5DybyGZFpnQRCEB1y/HSfwHoCSrLE08 2elzPIp1XK2DJAPtMRV7x/vnDEaBiUUAUKidYjj05nd6SfiT3ouJ3rQS1wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIbeVCAOH9Qct3nte9SiWgniahjvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VhZDRkZGIwLWMyNTctNDk1Zi1hZmE3LTQ4YTkwN2NkMjg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/kuMA0GCSqGSIb3DQEBCwUAA4IBAQCoqa1oXxJ34b1gRtPdM9Wl CPxQl/3ap90FwT57Gl+aHKI1hpxUTxxL3+YvFDdtHtUQEzF4VobJTpp6U/rbdMd/ T2KSxOr3ho1w0/cDxd5umudHnaI+SMBSpL57kV34lAKTk5hgYXVBVPXpbQSyouTm 3xP0FrdK79TyC9bnOC4MHE1V64QVUG/mlrf/b39o7okCfbQtEHCOHyFRnBi7KdaP NSvztmloyBuGT6uNolPMcgtFKVBvCUItTaYeWm4LIWSSVnYiMqP3nVGVNF6FpU7M KHn7hZU1TO/0X6jIZHqN8a6ijQJjCmw4VjptDgwbB3CGLU6kcSYwIwEim63ObS32 -----END CERTIFICATE-----Generated at Fri Apr 19 00:30:58 2024 by rpki-client on console-fra.rpki-client.org