$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa File: f60efe51-797b-4b40-95ef-52a2e036f36a.roa (raw, json) Hash identifier: Ovbbm+iXAkSBC3FR6OBWIHmHEISje+uBF3Y6/6KRkBk= Subject key identifier: 11:D7:32:7A:1C:82:23:61:10:CA:76:D9:29:48:C6:8F:07:13:81:8A Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 5618000F7E7BAF1E1F5C6B1837A064DE1BD30EF5 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa Signing time: Sat 16 Mar 2024 00:00:00 +0000 ROA not before: Sat 16 Mar 2024 00:00:00 +0000 ROA not after: Sat 20 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:18:00:0f:7e:7b:af:1e:1f:5c:6b:18:37:a0:64:de:1b:d3:0e:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Mar 16 00:00:00 2024 GMT Not After : Apr 20 23:59:59 2024 GMT Subject: serialNumber=661d205d5302b1a6b754c9ad3737a1ea8eca6eb6ee36a5518f3e621573ce06bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:08:72:b9:d4:e8:99:2c:60:07:50:e4:7e:e8: d7:62:87:6b:e6:1f:83:b8:fb:87:09:f5:c9:d5:c8: 35:5e:62:f2:3d:90:1e:26:ae:f8:a7:d7:ac:8b:1b: c7:8c:8d:e3:b2:f8:9b:94:bf:92:04:20:8b:86:4c: 0d:ea:fd:a0:93:a8:c9:3b:73:d9:86:1c:f3:7a:b1: f0:2c:5e:db:dd:db:1d:13:d8:1f:1d:0e:6c:71:28: 9d:d7:16:d4:5c:67:18:3e:5a:91:5e:6f:09:c5:d7: 08:ac:aa:dc:9e:d3:c3:9e:be:19:73:76:34:54:74: 9c:0d:47:83:47:40:fa:25:10:79:3e:c1:ea:2b:cc: fd:00:ca:c2:69:9a:c8:57:ba:17:8d:ea:ba:0b:0b: 53:5d:4c:14:3c:3d:d0:79:67:75:be:21:2a:4f:70: e1:46:fc:f5:a4:8f:ad:c9:e3:60:39:b3:7d:8e:0c: ea:72:8a:d0:92:6a:c5:6a:22:3d:df:4e:0f:91:aa: 73:5c:d7:a7:80:82:1e:44:2c:2c:c0:72:80:96:4a: 2a:67:15:31:39:80:7a:82:78:2a:6e:ff:e6:54:6b: 8c:cd:f5:ee:d2:9d:43:91:20:4c:ff:6a:6f:2a:02: c3:56:cb:59:50:ca:dd:b9:9d:b5:a5:62:da:4b:96: 79:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:D7:32:7A:1C:82:23:61:10:CA:76:D9:29:48:C6:8F:07:13:81:8A X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.240.0/21 Signature Algorithm: sha256WithRSAEncryption 11:18:a2:83:b9:13:c0:b7:fd:7d:08:98:2c:a6:58:8d:47:56: 63:4b:53:7f:64:7f:f2:96:16:6e:ae:d9:ba:65:8b:f8:f1:5d: 8f:aa:c1:d0:f3:bf:ae:55:5f:a6:3a:fd:a0:36:6f:5e:a4:6b: 4c:78:af:08:c1:05:3b:77:5d:6b:12:49:d8:e7:b6:f2:10:1b: 2b:c1:cf:e6:99:9b:81:ce:3a:19:b2:6a:65:56:3e:df:d3:10: 48:e7:d6:a6:56:1c:b3:f1:af:d7:4b:23:6f:19:5f:ed:52:d8: 00:ca:9d:f6:68:0c:7e:f7:c2:6e:9f:03:9b:ba:61:df:07:1b: 46:00:3f:04:cc:9a:fa:54:ab:b9:0e:f1:2f:ba:0c:e1:68:73: a6:3d:ce:c2:d9:ad:4d:ef:0f:5e:cc:78:9d:81:14:83:95:6c: 8f:53:88:30:ed:49:c5:8a:f4:e9:75:19:c0:84:90:6f:d0:f7: b4:32:a6:98:ff:88:00:a0:a4:08:e4:3f:66:88:02:b1:65:01: ca:cb:de:5f:72:b0:c0:c4:fc:bc:08:b3:9e:a6:4c:c7:91:b0: 5c:d9:8f:e7:36:81:9e:fa:64:cc:c2:53:9f:67:a2:fe:12:ea: 77:61:e0:c8:c2:be:84:14:e1:9b:31:39:9f:c9:83:87:41:73: c0:2b:87:9f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUVhgAD357rx4fXGsYN6Bk3hvTDvUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MDMxNjAwMDAwMFoX DTI0MDQyMDIzNTk1OVowejFJMEcGA1UEBRNANjYxZDIwNWQ1MzAyYjFhNmI3NTRj OWFkMzczN2ExZWE4ZWNhNmViNmVlMzZhNTUxOGYzZTYyMTU3M2NlMDZiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtghyudTomSxgB1DkfujXYodr5h+D uPuHCfXJ1cg1XmLyPZAeJq74p9esixvHjI3jsviblL+SBCCLhkwN6v2gk6jJO3PZ hhzzerHwLF7b3dsdE9gfHQ5scSid1xbUXGcYPlqRXm8JxdcIrKrcntPDnr4Zc3Y0 VHScDUeDR0D6JRB5PsHqK8z9AMrCaZrIV7oXjeq6CwtTXUwUPD3QeWd1viEqT3Dh Rvz1pI+tyeNgObN9jgzqcorQkmrFaiI9304PkapzXNengIIeRCwswHKAlkoqZxUx OYB6gngqbv/mVGuMzfXu0p1DkSBM/2pvKgLDVstZUMrduZ21pWLaS5Z5cwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBHXMnocgiNhEMp22SlIxo8HE4GKMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2MGVmZTUxLTc5N2ItNGI0MC05NWVmLTUyYTJlMDM2ZjM2YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQARGKKDuRPAt/19CJgspliN R1ZjS1N/ZH/ylhZurtm6ZYv48V2PqsHQ87+uVV+mOv2gNm9epGtMeK8IwQU7d11r EknY57byEBsrwc/mmZuBzjoZsmplVj7f0xBI59amVhyz8a/XSyNvGV/tUtgAyp32 aAx+98JunwObumHfBxtGAD8EzJr6VKu5DvEvugzhaHOmPc7C2a1N7w9ezHidgRSD lWyPU4gw7UnFivTpdRnAhJBv0Pe0MqaY/4gAoKQI5D9miAKxZQHKy95fcrDAxPy8 CLOepkzHkbBc2Y/nNoGe+mTMwlOfZ6L+Eup3YeDIwr6EFOGbMTmfyYOHQXPAK4ef -----END CERTIFICATE-----Generated at Fri Mar 29 02:36:31 2024 by rpki-client on console-fra.rpki-client.org