$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa File: fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa (raw, json) Hash identifier: gclXuBEBKRSWmdFAKzimlGzYR/MKeEK6DvS1uWOzlFg= Subject key identifier: D2:6C:F6:26:54:01:8C:3A:59:D6:7D:14:75:88:08:C2:5E:C3:B0:04 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 70F8ABA556B54F2B2E65FAE8CB077889BC1FC1D0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa Signing time: Wed 20 Nov 2024 00:00:00 +0000 ROA not before: Wed 20 Nov 2024 00:00:00 +0000 ROA not after: Wed 25 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Nov 2024 00:37:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:f8:ab:a5:56:b5:4f:2b:2e:65:fa:e8:cb:07:78:89:bc:1f:c1:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Nov 20 00:00:00 2024 GMT Not After : Dec 25 23:59:59 2024 GMT Subject: serialNumber=fdf6bd64d9eb3019f78f4ce35049bf03a1fd4f4f2465b0e5d2099ca84eda4534, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ca:24:ec:81:10:3b:24:33:07:a7:67:7e:47: 41:29:b2:4b:03:25:14:41:e1:54:1b:72:8f:ad:1a: d6:2e:dd:c8:71:f2:c9:fe:77:a1:8c:ca:e4:b3:e8: da:9f:a2:d0:4d:0f:81:32:95:6f:8b:03:07:16:34: 08:bd:16:53:79:12:b5:e4:1c:95:fa:c4:8c:d7:96: 4f:97:de:f6:de:db:06:56:22:74:40:3d:64:6f:de: 28:ad:fb:d5:b0:6b:72:03:47:36:bc:ab:18:df:f1: 9c:d9:67:1a:0d:93:63:40:34:6a:26:09:13:58:ef: c6:d1:8a:84:4a:14:4d:b1:bc:36:87:a8:4f:ef:01: 2b:53:05:f5:7e:a4:37:d9:52:69:e9:cc:22:c1:20: 39:cd:43:8a:a8:d1:31:3c:34:9e:86:22:e0:6c:c9: 3a:cd:6a:08:c6:55:81:9b:a5:83:1e:15:ec:49:53: a6:4b:4c:1a:e1:0b:8c:24:c6:30:86:4c:cb:ee:ca: 19:a5:93:24:43:d1:60:7d:59:f3:80:58:b2:11:f3: f9:0b:cb:2f:0b:4e:d6:0d:d3:f9:6f:c1:b6:68:f0: 5e:15:1c:d0:02:61:9f:f9:b1:4a:68:e7:92:35:30: c4:49:43:89:e5:9b:dc:af:73:97:bc:c3:d2:7c:e1: c6:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:6C:F6:26:54:01:8C:3A:59:D6:7D:14:75:88:08:C2:5E:C3:B0:04 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.47.0/24 Signature Algorithm: sha256WithRSAEncryption 09:b4:a6:2e:87:a0:c7:52:6b:49:c5:9a:d4:92:9b:ca:0d:b5: 5c:20:43:96:41:12:35:fb:3f:58:8f:7f:94:45:0c:86:d7:cd: 39:20:43:9d:5e:c0:73:25:a4:6b:35:37:ec:34:6e:ae:6d:16: ab:db:1d:64:82:1b:35:2e:c5:79:46:e2:c4:17:10:84:99:18: 0b:5f:92:1e:c6:91:41:df:98:d9:b7:82:1a:71:90:00:54:3e: cb:9c:28:e9:a9:57:0c:dc:f9:ec:97:d9:05:95:c3:53:5b:f1: 87:73:04:7c:93:2b:ce:7a:11:83:17:d2:86:ef:95:6d:98:4b: 56:1f:a4:94:22:65:fd:bb:04:5c:22:33:d9:2f:09:79:94:92: 56:c9:8e:31:3a:e9:6d:40:cc:74:21:2f:bb:19:a7:54:cc:5f: 4e:92:af:cb:4c:4b:a9:21:78:f8:e5:80:fe:a9:26:1a:25:15: c7:88:f0:ee:1f:66:fa:6f:4b:0a:4f:ad:85:b8:76:03:af:85: b1:fe:ee:51:61:d0:72:08:2a:bc:57:88:c9:d6:5a:f1:69:86: 2d:7b:30:17:08:c4:7d:61:3e:04:fa:26:c7:31:71:d2:62:e4: 34:63:e2:7c:3a:34:1d:2b:45:8e:38:c9:2a:90:fa:96:09:c6: b8:f6:ab:b9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcPirpVa1TysuZfroywd4ibwfwdAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTEyMDAwMDAwMFoX DTI0MTIyNTIzNTk1OVowejFJMEcGA1UEBRNAZmRmNmJkNjRkOWViMzAxOWY3OGY0 Y2UzNTA0OWJmMDNhMWZkNGY0ZjI0NjViMGU1ZDIwOTljYTg0ZWRhNDUzNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8ok7IEQOyQzB6dnfkdBKbJLAyUU QeFUG3KPrRrWLt3IcfLJ/nehjMrks+jan6LQTQ+BMpVviwMHFjQIvRZTeRK15ByV +sSM15ZPl9723tsGViJ0QD1kb94orfvVsGtyA0c2vKsY3/Gc2WcaDZNjQDRqJgkT WO/G0YqEShRNsbw2h6hP7wErUwX1fqQ32VJp6cwiwSA5zUOKqNExPDSehiLgbMk6 zWoIxlWBm6WDHhXsSVOmS0wa4QuMJMYwhkzL7soZpZMkQ9FgfVnzgFiyEfP5C8sv C07WDdP5b8G2aPBeFRzQAmGf+bFKaOeSNTDESUOJ5Zvcr3OXvMPSfOHGqwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNJs9iZUAYw6WdZ9FHWICMJew7AEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlYTdkNjIyLTBlNGQtNDFkMi05ZWIzLWMyYmQzN2Q4ODU4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/kvMA0GCSqGSIb3DQEBCwUAA4IBAQAJtKYuh6DHUmtJxZrUkpvK DbVcIEOWQRI1+z9Yj3+URQyG1805IEOdXsBzJaRrNTfsNG6ubRar2x1kghs1LsV5 RuLEFxCEmRgLX5IexpFB35jZt4IacZAAVD7LnCjpqVcM3Pnsl9kFlcNTW/GHcwR8 kyvOehGDF9KG75VtmEtWH6SUImX9uwRcIjPZLwl5lJJWyY4xOultQMx0IS+7GadU zF9Okq/LTEupIXj45YD+qSYaJRXHiPDuH2b6b0sKT62FuHYDr4Wx/u5RYdByCCq8 V4jJ1lrxaYYtezAXCMR9YT4E+ibHMXHSYuQ0Y+J8OjQdK0WOOMkqkPqWCca49qu5 -----END CERTIFICATE-----Generated at Mon Nov 25 01:15:17 2024 by rpki-client on console-fra.rpki-client.org