$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa File: fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa (raw, json) Hash identifier: NcVyzf7HqwS6LQOJGJqX7Oi/+XOy+lGoQaHUEPQdkfE= Subject key identifier: 1A:E2:CC:FF:2C:14:B8:64:B0:10:A6:E7:D9:B9:6E:D6:CF:55:75:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6AF281554302F15EC0F8307645611488CC0E7866 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 43.221.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:f2:81:55:43:02:f1:5e:c0:f8:30:76:45:61:14:88:cc:0e:78:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:07:00:b2:6c:e0:4b:e4:55:6e:e6:ac:71:5c: 98:93:72:70:2f:6c:cc:0f:c9:4a:28:34:29:02:d7: b3:ce:10:94:7c:a7:dd:bd:d2:0e:23:a7:5b:b1:49: c9:f7:b5:d0:a4:37:40:69:ea:b7:b4:19:5e:a8:5a: 0e:91:76:da:f0:3e:1d:45:31:da:93:73:f6:f8:f6: 3f:a0:b4:f4:38:84:87:44:75:f7:30:18:53:80:4e: 83:f3:84:11:ba:b0:47:cb:ec:83:c1:68:32:fb:17: 3e:cb:84:94:02:2a:4f:27:b8:57:e2:bd:25:a4:ad: c2:85:82:49:fe:ae:4f:6b:bb:40:53:3a:8a:9d:51: 50:56:a1:d1:ac:21:01:44:e0:87:12:1e:2d:2c:39: 96:dc:cb:df:c7:ee:33:6a:bf:ed:05:a4:a4:61:76: ab:17:bb:32:6e:f1:1c:84:de:71:4d:3e:16:92:ba: 35:af:cb:27:58:1a:d8:45:5a:39:8d:f7:55:89:a7: 7a:d3:ea:29:34:69:81:4d:94:39:2a:80:4b:ee:a0: 17:c6:5c:71:20:8d:cf:0a:48:23:f4:22:e5:67:d8: 82:f1:92:5c:55:e3:79:96:9a:23:49:cb:fc:af:e1: 25:1d:4b:b9:6f:fb:25:a3:a6:ca:14:c8:6c:3e:c9: 2f:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:E2:CC:FF:2C:14:B8:64:B0:10:A6:E7:D9:B9:6E:D6:CF:55:75:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbd3bc41-641b-4341-a138-cdb37dbe5b09.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.221.0.0/16 Signature Algorithm: sha256WithRSAEncryption a6:76:b8:c3:f6:52:7d:94:cb:7c:5b:fd:9e:0d:b7:b0:cb:cb: 94:63:c4:86:ee:43:24:72:ed:4e:27:fc:50:24:81:47:1a:8d: 91:df:6a:c2:16:6d:c5:c4:65:e9:28:b3:68:97:b1:51:45:08: 6c:fe:5f:0f:4a:c0:06:9f:6c:eb:5d:50:df:df:d2:f1:e7:f0: d2:c8:54:41:7e:cf:fd:2f:14:7f:ca:96:5c:40:db:ad:9f:83: 8b:51:2b:6f:73:63:db:07:d7:0a:52:4f:f5:54:8f:cf:12:64: 86:5e:98:80:8e:65:e4:cc:5e:59:d5:46:c7:c9:70:2f:3f:f1: 97:96:2b:04:20:7d:f4:f9:11:2d:5a:7f:52:f3:c0:5e:3f:e5: 35:f4:7b:6b:46:d8:0b:4c:2f:6f:cf:80:19:62:8d:b7:6c:60: f9:ac:f3:81:f2:f4:88:12:93:cf:e8:68:20:6e:c5:c5:c0:ad: bb:52:70:6f:49:1d:53:1f:4c:86:d8:05:11:2a:cc:ff:08:2a: 6d:3d:19:76:a9:54:34:32:d6:07:6e:86:d9:ba:40:df:43:41: 29:f2:a8:54:4a:5e:a7:5d:ef:ca:71:43:c6:ab:96:38:d7:f3: ae:89:91:ca:d2:f3:c5:8c:1e:8e:4e:5b:d2:3b:f8:10:0c:fa: 20:9c:b8:45 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUavKBVUMC8V7A+DB2RWEUiMwOeGYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMWE3MzYzMTA5YjllMTI0YWQ1NDhk NjEwNTA0MGM3MGEyNjhiODdlNWRhZWNhOGE1ZjRkZmVhZmY3ZDlmMmU0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgcAsmzgS+RVbuascVyYk3JwL2zM D8lKKDQpAtezzhCUfKfdvdIOI6dbsUnJ97XQpDdAaeq3tBleqFoOkXba8D4dRTHa k3P2+PY/oLT0OISHRHX3MBhTgE6D84QRurBHy+yDwWgy+xc+y4SUAipPJ7hX4r0l pK3ChYJJ/q5Pa7tAUzqKnVFQVqHRrCEBROCHEh4tLDmW3Mvfx+4zar/tBaSkYXar F7sybvEchN5xTT4Wkro1r8snWBrYRVo5jfdViad60+opNGmBTZQ5KoBL7qAXxlxx II3PCkgj9CLlZ9iC8ZJcVeN5lpojScv8r+ElHUu5b/slo6bKFMhsPskvOQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFBrizP8sFLhksBCm59m5btbPVXVTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiZDNiYzQxLTY0MWItNDM0MS1hMTM4LWNkYjM3ZGJlNWIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAK90wDQYJKoZIhvcNAQELBQADggEBAKZ2uMP2Un2Uy3xb/Z4Nt7DL y5RjxIbuQyRy7U4n/FAkgUcajZHfasIWbcXEZekos2iXsVFFCGz+Xw9KwAafbOtd UN/f0vHn8NLIVEF+z/0vFH/KllxA262fg4tRK29zY9sH1wpST/VUj88SZIZemICO ZeTMXlnVRsfJcC8/8ZeWKwQgffT5ES1af1LzwF4/5TX0e2tG2AtML2/PgBlijbds YPms84Hy9IgSk8/oaCBuxcXArbtScG9JHVMfTIbYBREqzP8IKm09GXapVDQy1gdu htm6QN9DQSnyqFRKXqdd78pxQ8arljjX866JkcrS88WMHo5OW9I7+BAM+iCcuEU= -----END CERTIFICATE-----Generated at Wed Feb 5 03:55:18 2025 by rpki-client