$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa File: 49119734-9dbc-4bd4-98be-57e4ce078928.roa (raw, json) Hash identifier: D+s0s17vIem33/U/GW4iCbScAq+Nxa2dD04PHs8lnAs= Subject key identifier: A3:DC:40:CC:EF:88:EE:85:D6:CC:AB:91:7D:C2:5A:45:05:CA:DC:4E Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 5E11611C8BF0570238ADB1DEC1C7EE6C55CB5104 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 7224 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:11:61:1c:8b:f0:57:02:38:ad:b1:de:c1:c7:ee:6c:55:cb:51:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=de793b880ef7465fc2f7b68f46f5575dd7e526af2f2789174445e502c651e508, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:90:cb:e4:96:31:f3:ec:d4:96:a6:ed:3f:d7: b2:25:d2:ad:cb:63:bb:b7:f5:13:05:8b:32:af:d3: a0:27:19:b1:be:ed:8b:04:66:c3:4d:83:df:a3:74: 41:96:c5:8a:9d:ad:77:2d:16:fa:8b:75:7a:c5:e7: 3f:b7:fb:80:b6:8e:fb:48:87:a4:70:29:2d:fa:39: 66:b9:13:0e:76:f1:20:b0:26:0c:6c:45:98:9e:b1: a9:fb:7a:ff:77:0a:e7:89:fc:56:f4:3f:60:f8:49: b1:70:8c:b6:fc:d7:e3:c5:3c:df:8b:c0:49:27:8e: e5:8f:0d:bd:69:db:76:42:ac:f6:e9:c9:cc:b0:e6: 24:66:3d:ac:fd:43:8f:6f:f5:90:48:fa:48:1f:b2: 89:bd:c1:7d:61:08:a9:f1:e4:12:68:74:ff:af:bf: 9c:bb:f7:08:a7:56:6e:43:9e:62:86:9a:e8:78:32: 1c:53:3b:13:a9:1b:de:31:45:de:69:87:09:ed:5d: d4:9e:95:fe:ec:56:c2:d0:f3:95:db:65:58:e1:97: 10:5d:f7:33:0b:57:17:ec:8b:c8:b8:0c:67:4f:dc: 82:eb:53:ea:f1:9e:5e:32:71:40:c0:aa:1c:16:ab: 10:19:c9:b2:c1:72:a8:01:ba:e0:3f:94:02:cb:e8: 31:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:DC:40:CC:EF:88:EE:85:D6:CC:AB:91:7D:C2:5A:45:05:CA:DC:4E X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/49119734-9dbc-4bd4-98be-57e4ce078928.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 71:65:dd:7b:81:b1:d6:b8:cf:95:80:6b:d8:c5:87:1d:db:a1: 1b:0a:bc:af:b4:a8:80:26:08:2b:fc:1a:8c:18:db:29:31:19: da:7d:3b:b9:21:e4:bf:e4:11:50:f0:ef:f3:8f:01:af:e6:97: 7c:36:26:98:b2:24:08:fa:26:14:6f:d1:a7:a8:2b:85:98:2b: 04:60:b1:38:9d:cf:8f:3f:3d:1e:17:1b:22:f5:15:f7:54:cf: d0:34:5f:69:c0:91:56:8f:0e:2c:81:36:11:32:53:3b:72:ea: 60:0f:a9:76:74:6b:34:79:a7:f9:a8:b2:7f:0a:d2:03:36:00: a8:f8:d1:1d:95:f2:08:68:f2:73:fe:c0:42:e0:6a:83:b9:14: 04:96:da:25:73:60:45:56:27:7f:a7:8a:32:b3:b5:ff:56:ae: fd:32:76:04:68:d2:5a:2e:68:98:c1:51:ff:dc:c2:fd:dd:80: 61:51:4f:59:ce:db:3a:85:e4:06:ae:87:5a:ef:8a:19:c8:42: 97:f1:40:8b:57:ea:98:1a:22:dd:d2:9b:41:01:c0:d6:f7:2f: ee:32:e6:59:7f:20:e6:56:14:25:f8:89:e1:b5:4a:33:4c:4e: 32:ce:fa:77:34:a4:55:2b:a1:8c:a3:97:67:5e:16:0d:af:fa: 48:67:75:f0 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXhFhHIvwVwI4rbHewcfubFXLUQQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZGU3OTNiODgwZWY3NDY1ZmMyZjdi NjhmNDZmNTU3NWRkN2U1MjZhZjJmMjc4OTE3NDQ0NWU1MDJjNjUxZTUwODEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5DL5JYx8+zUlqbtP9eyJdKty2O7 t/UTBYsyr9OgJxmxvu2LBGbDTYPfo3RBlsWKna13LRb6i3V6xec/t/uAto77SIek cCkt+jlmuRMOdvEgsCYMbEWYnrGp+3r/dwrnifxW9D9g+EmxcIy2/NfjxTzfi8BJ J47ljw29adt2Qqz26cnMsOYkZj2s/UOPb/WQSPpIH7KJvcF9YQip8eQSaHT/r7+c u/cIp1ZuQ55ihproeDIcUzsTqRveMUXeaYcJ7V3UnpX+7FbC0POV22VY4ZcQXfcz C1cX7IvIuAxnT9yC61Pq8Z5eMnFAwKocFqsQGcmywXKoAbrgP5QCy+gxqQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKPcQMzviO6F1syrkX3CWkUFytxOMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzQ5MTE5NzM0LTlkYmMtNGJkNC05OGJlLTU3ZTRjZTA3ODkyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBxZd17gbHWuM+VgGvYxYcd 26EbCryvtKiAJggr/BqMGNspMRnafTu5IeS/5BFQ8O/zjwGv5pd8NiaYsiQI+iYU b9GnqCuFmCsEYLE4nc+PPz0eFxsi9RX3VM/QNF9pwJFWjw4sgTYRMlM7cupgD6l2 dGs0eaf5qLJ/CtIDNgCo+NEdlfIIaPJz/sBC4GqDuRQEltolc2BFVid/p4oys7X/ Vq79MnYEaNJaLmiYwVH/3ML93YBhUU9Zzts6heQGroda74oZyEKX8UCLV+qYGiLd 0ptBAcDW9y/uMuZZfyDmVhQl+InhtUozTE4yzvp3NKRVK6GMo5dnXhYNr/pIZ3Xw -----END CERTIFICATE-----Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org