$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa File: fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa (raw, json) Hash identifier: ITSO4bK9xQCAMCrWmUi22EXQeCGZ4Q/sEDrTPS9c4HA= Subject key identifier: B0:81:67:A9:D6:D6:6F:2A:F3:24:B2:CA:04:45:61:73:AC:59:26:B9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01D40216DF6A52DFCCF001380EC54F6B2F5B97DF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.249.47.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:d4:02:16:df:6a:52:df:cc:f0:01:38:0e:c5:4f:6b:2f:5b:97:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=5c3c2acd13dbb3fb3e3571b3bdc93d7ed3323a7f466710f0550e5a835d3d2e9a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:96:19:27:36:2d:b4:4d:fc:88:eb:b3:0f:fb: 84:32:7b:cc:64:d7:74:4d:54:e2:e8:f3:ee:b0:dc: 1d:b1:d5:10:cf:c9:c5:4f:a3:5a:22:07:e4:5d:cd: 91:ed:3a:1e:4b:7f:48:fb:d4:88:18:62:79:a3:41: a2:9a:ce:fc:1e:92:65:d0:4c:2b:7a:e1:65:4f:0d: 56:47:af:c5:d2:6a:72:33:83:28:a1:a8:00:f3:83: 92:35:1f:54:c3:c7:14:67:59:51:67:e1:be:43:90: 90:e5:7c:3d:1f:ca:ed:0e:72:d6:51:5b:8f:50:e1: 72:34:3d:5b:f9:8c:7f:0d:c0:80:83:c6:c4:43:87: 28:46:47:75:04:40:12:d4:dc:f9:b7:42:9f:73:a6: 17:99:68:0a:e1:cb:ba:64:bd:7a:60:d8:fd:8a:32: 29:ea:f3:45:e7:4a:62:10:b2:58:bd:e4:28:db:1a: 87:cb:1c:81:23:05:4f:2d:a7:6c:a0:3f:8f:8f:3d: de:b5:68:03:4c:9b:28:69:41:54:4a:1e:ae:1f:00: 5a:e6:6b:ea:ca:6a:2a:42:b3:54:9b:78:07:d8:3d: f7:64:1b:5a:6a:b4:8d:61:0f:ea:77:ac:4f:05:13: 8b:36:2c:93:40:19:cd:e7:7c:bd:0b:f9:ad:15:47: fb:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:81:67:A9:D6:D6:6F:2A:F3:24:B2:CA:04:45:61:73:AC:59:26:B9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fea7d622-0e4d-41d2-9eb3-c2bd37d8858e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.249.47.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:17:03:fd:70:ea:30:9d:27:62:60:84:3a:73:6f:ef:09:b6: 15:55:24:7d:37:34:f3:cd:5d:7b:4a:45:72:04:1e:a5:ad:2e: d1:cf:cf:3e:95:65:9d:8c:6b:56:7c:45:a4:72:17:ce:3a:96: 3d:ea:bd:82:16:a4:dc:88:29:77:db:c4:e5:ea:25:ed:ba:ba: a7:ef:e7:8d:1c:45:3c:e0:03:b9:5a:55:85:fe:a4:63:3c:22: ee:d5:47:e0:b5:a9:de:ed:0f:ad:d3:c8:e0:b5:94:7a:cb:41: 1d:c4:2e:d2:23:e2:fb:74:c1:dd:b2:d7:c3:6d:64:75:d7:59: 1a:80:d3:44:7b:f9:83:03:22:15:53:f4:0d:c7:e7:d7:f5:4a: f4:53:2b:cb:38:6a:95:4e:7e:42:8a:c9:17:31:32:cf:d4:1d: 79:88:6b:73:e4:89:92:4b:84:62:0e:36:ee:ff:0f:85:85:50: 7d:d0:c5:fe:c2:a8:07:d8:4c:3a:49:2e:2c:30:96:bc:8e:12: 3e:db:9f:1c:81:6f:55:07:05:83:be:d9:da:d6:27:71:e2:1d: 07:57:a5:c9:38:1d:cf:d6:ba:0e:2a:48:0f:7d:ea:25:1f:c8: 7d:af:88:ab:87:7f:c9:85:04:96:5f:47:32:fe:49:18:d5:9f: 99:95:12:d6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAdQCFt9qUt/M8AE4DsVPay9bl98wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANWMzYzJhY2QxM2RiYjNmYjNlMzU3 MWIzYmRjOTNkN2VkMzMyM2E3ZjQ2NjcxMGYwNTUwZTVhODM1ZDNkMmU5YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZYZJzYttE38iOuzD/uEMnvMZNd0 TVTi6PPusNwdsdUQz8nFT6NaIgfkXc2R7ToeS39I+9SIGGJ5o0Gims78HpJl0Ewr euFlTw1WR6/F0mpyM4MooagA84OSNR9Uw8cUZ1lRZ+G+Q5CQ5Xw9H8rtDnLWUVuP UOFyND1b+Yx/DcCAg8bEQ4coRkd1BEAS1Nz5t0Kfc6YXmWgK4cu6ZL16YNj9ijIp 6vNF50piELJYveQo2xqHyxyBIwVPLadsoD+Pjz3etWgDTJsoaUFUSh6uHwBa5mvq ymoqQrNUm3gH2D33ZBtaarSNYQ/qd6xPBROLNiyTQBnN53y9C/mtFUf7lQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLCBZ6nW1m8q8ySyygRFYXOsWSa5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlYTdkNjIyLTBlNGQtNDFkMi05ZWIzLWMyYmQzN2Q4ODU4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/kvMA0GCSqGSIb3DQEBCwUAA4IBAQA/FwP9cOownSdiYIQ6c2/v CbYVVSR9NzTzzV17SkVyBB6lrS7Rz88+lWWdjGtWfEWkchfOOpY96r2CFqTciCl3 28Tl6iXturqn7+eNHEU84AO5WlWF/qRjPCLu1Ufgtane7Q+t08jgtZR6y0EdxC7S I+L7dMHdstfDbWR111kagNNEe/mDAyIVU/QNx+fX9Ur0UyvLOGqVTn5CiskXMTLP 1B15iGtz5ImSS4RiDjbu/w+FhVB90MX+wqgH2Ew6SS4sMJa8jhI+258cgW9VBwWD vtna1idx4h0HV6XJOB3P1roOKkgPfeolH8h9r4irh3/JhQSWX0cy/kkY1Z+ZlRLW -----END CERTIFICATE-----Generated at Thu Apr 25 00:30:40 2024 by rpki-client on console-fra.rpki-client.org