$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa File: fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa (raw, json) Hash identifier: wXqn4aivc+OXojgBHlyvPMRA+ykGJXx2JHLfgZVB0BQ= Subject key identifier: 4A:93:C3:B8:95:AE:EA:23:24:CA:C3:3B:F3:6A:EB:75:49:7A:36:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 389CAD4930282B8F9135BCDFAA6E728E9BD9ED97 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa Signing time: Tue 01 Oct 2024 00:00:00 +0000 ROA not before: Tue 01 Oct 2024 00:00:00 +0000 ROA not after: Tue 05 Nov 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Oct 2024 15:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:9c:ad:49:30:28:2b:8f:91:35:bc:df:aa:6e:72:8e:9b:d9:ed:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Oct 1 00:00:00 2024 GMT Not After : Nov 5 23:59:59 2024 GMT Subject: serialNumber=4a7317acb1d45d9e3aefac633e35f089e27061b44cb9e3f51c2352ad84cdfad0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:7f:2e:d8:6e:23:df:dc:88:25:0a:57:9c:4b: b8:d4:17:3d:44:1b:dc:c7:a4:9a:27:19:66:05:95: cf:78:ad:29:6f:c0:57:3b:6b:13:30:dd:ef:56:ff: a6:cd:1b:ac:9e:de:7e:57:52:ef:ce:14:f7:a0:fe: e9:06:b0:54:57:bf:e1:85:77:d6:95:32:6f:1b:b7: 07:72:a8:b8:10:da:1a:66:73:3e:08:06:a2:9c:93: c9:28:6b:46:5a:9e:e0:0d:ca:81:1f:da:f6:24:c9: c7:3c:d4:59:db:12:18:42:57:c9:8c:66:0e:f0:be: 7f:1f:f5:45:bb:66:66:62:c1:f8:02:48:5b:0d:7b: a3:34:f0:6f:86:a0:d8:84:1a:16:3e:35:0f:cf:74: 56:e1:88:e6:20:d9:cf:b3:7a:00:74:1a:a9:12:f2: b8:02:0a:99:d1:1e:da:10:a6:8f:f4:9c:c5:eb:b1: 08:4a:b1:1d:68:cd:16:01:ca:54:89:29:5d:32:b9: 26:01:dd:ca:c3:17:b2:dc:15:e8:5c:18:d1:51:9f: 4a:c0:08:40:07:83:5b:8d:09:70:a7:75:db:65:02: 7a:9b:6d:6a:3a:7c:fe:df:12:6b:88:e1:02:a9:b1: 1f:d9:52:01:38:ff:ff:2b:db:73:50:ac:a2:57:f8: 19:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:93:C3:B8:95:AE:EA:23:24:CA:C3:3B:F3:6A:EB:75:49:7A:36:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.47.0/24 Signature Algorithm: sha256WithRSAEncryption 51:01:f5:4a:93:de:9c:3d:29:0c:46:ce:77:9c:0c:1c:10:d2: b8:a9:0c:56:09:15:36:91:39:02:67:b2:95:bc:56:18:65:c2: 8a:54:34:62:c8:c8:d1:c7:45:73:be:57:c6:e1:c2:af:5c:8f: 12:37:7b:29:1a:1b:45:59:8d:eb:78:04:17:66:ae:53:9b:df: cd:58:7e:f0:09:9f:7c:8b:f8:b2:e8:c5:ae:5d:f9:0f:f8:01: cf:84:95:af:9b:67:9d:5d:ee:6f:6d:4b:d4:82:cb:04:27:b2: 29:d1:73:03:11:6c:5f:96:57:e0:d9:e7:5b:b5:b9:f2:e9:0b: c3:68:40:4d:61:93:22:f5:77:51:50:df:93:e5:e9:a6:10:fa: c4:7a:96:61:8d:82:93:d5:c7:d3:a6:a8:0a:ca:5f:57:ed:2a: 72:85:b3:70:fc:26:98:38:fd:8a:21:ee:0f:0a:a6:81:68:46: 99:6f:00:95:9b:e6:f8:ac:e6:bb:4f:28:f2:40:3b:bf:00:27: c9:d8:59:66:64:ec:3f:9f:93:12:79:6b:4d:0e:2f:c4:0a:35: 17:dd:a4:2a:08:5c:e7:b9:6c:9d:0a:28:a3:39:42:6c:ee:05: ea:52:53:1b:87:f5:56:8b:d2:13:c6:aa:fd:98:9d:69:16:57: 4b:eb:41:17 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOJytSTAoK4+RNbzfqm5yjpvZ7ZcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTAwMTAwMDAwMFoX DTI0MTEwNTIzNTk1OVowejFJMEcGA1UEBRNANGE3MzE3YWNiMWQ0NWQ5ZTNhZWZh YzYzM2UzNWYwODllMjcwNjFiNDRjYjllM2Y1MWMyMzUyYWQ4NGNkZmFkMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAon8u2G4j39yIJQpXnEu41Bc9RBvc x6SaJxlmBZXPeK0pb8BXO2sTMN3vVv+mzRusnt5+V1LvzhT3oP7pBrBUV7/hhXfW lTJvG7cHcqi4ENoaZnM+CAainJPJKGtGWp7gDcqBH9r2JMnHPNRZ2xIYQlfJjGYO 8L5/H/VFu2ZmYsH4AkhbDXujNPBvhqDYhBoWPjUPz3RW4YjmINnPs3oAdBqpEvK4 AgqZ0R7aEKaP9JzF67EISrEdaM0WAcpUiSldMrkmAd3Kwxey3BXoXBjRUZ9KwAhA B4NbjQlwp3XbZQJ6m21qOnz+3xJriOECqbEf2VIBOP//K9tzUKyiV/gZdwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEqTw7iVruojJMrDO/Nq63VJejb4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlYTdkNjIyLTBlNGQtNDFkMi05ZWIzLWMyYmQzN2Q4ODU4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/kvMA0GCSqGSIb3DQEBCwUAA4IBAQBRAfVKk96cPSkMRs53nAwc ENK4qQxWCRU2kTkCZ7KVvFYYZcKKVDRiyMjRx0VzvlfG4cKvXI8SN3spGhtFWY3r eAQXZq5Tm9/NWH7wCZ98i/iy6MWuXfkP+AHPhJWvm2edXe5vbUvUgssEJ7Ip0XMD EWxfllfg2edbtbny6QvDaEBNYZMi9XdRUN+T5emmEPrEepZhjYKT1cfTpqgKyl9X 7SpyhbNw/CaYOP2KIe4PCqaBaEaZbwCVm+b4rOa7TyjyQDu/ACfJ2FlmZOw/n5MS eWtNDi/ECjUX3aQqCFznuWydCiijOUJs7gXqUlMbh/VWi9ITxqr9mJ1pFldL60EX -----END CERTIFICATE-----Generated at Fri Oct 25 17:02:36 2024 by rpki-client on console-fra.rpki-client.org