$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa File: 58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa (raw, json) Hash identifier: cq1y5eYW7ZES8vWilDx2kj+O5yWNNbrqQ0LeuvCJquA= Subject key identifier: 26:EE:68:65:28:2B:8D:F7:A6:28:0C:52:A8:48:B3:67:81:18:77:26 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0C3719F9299E077EA38079A016789E7A65F60621 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:37:19:f9:29:9e:07:7e:a3:80:79:a0:16:78:9e:7a:65:f6:06:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=d7cd222e4eea085f91328a930b8d0a670bfda9ee3236529fa0de2d79952611c6, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:78:44:8d:d4:73:e5:0a:71:8a:09:28:9f:1c: c9:ff:87:71:66:de:ac:b7:9c:47:25:08:c2:da:f9: 37:c4:05:00:92:91:e3:92:b9:ba:66:c8:ce:cc:d0: 7e:89:92:b0:6e:04:45:94:7e:bc:c5:55:b6:55:39: 43:5c:d0:71:e1:a3:21:64:7f:e8:82:c5:c1:8e:50: 45:64:dc:13:7d:57:df:95:34:48:9d:9c:a0:33:20: 87:c5:da:23:e6:8e:08:30:38:d7:d5:c6:76:22:49: d7:f7:64:a4:f3:ea:22:08:15:ed:59:24:99:0e:dc: d0:05:07:81:8f:5a:b8:49:f3:88:62:85:72:2e:10: 8a:a1:fc:30:e4:96:8c:59:9c:ef:6e:95:dd:a7:31: 14:db:70:93:cd:49:7a:22:2b:a0:8f:3e:68:db:ae: 61:b6:c7:77:eb:8b:6e:ca:c1:2e:88:65:b0:6e:ab: 46:0d:6e:5c:27:2e:76:39:cf:62:eb:4d:61:a0:eb: 80:86:ca:57:e4:4f:20:93:3b:62:5d:2a:18:8f:ec: ab:4c:9a:2a:6e:2d:e7:4b:51:2c:34:83:2c:16:5d: 4a:bc:e6:38:2d:94:35:1d:6b:b3:1b:72:b5:a3:a9: 02:e7:96:e6:fc:62:c0:0e:83:b5:70:14:04:6c:4f: 52:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:EE:68:65:28:2B:8D:F7:A6:28:0C:52:A8:48:B3:67:81:18:77:26 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 50:9f:fc:96:fc:c4:f5:34:92:80:ae:b6:e9:ce:61:26:2f:d2: 1e:1f:48:bd:6a:21:8d:6a:8a:9c:97:14:0f:30:89:a7:a8:bf: 74:b1:cc:a2:34:ac:e5:f3:ba:5e:e0:0a:49:e4:33:ad:cc:b9: b9:dc:32:e4:29:4f:f2:c5:c7:f3:7f:62:0a:5e:14:8b:9d:93: 3f:18:8f:b4:c8:ea:86:2b:7e:de:ae:ff:fa:80:3a:94:54:24: 28:a8:8f:d7:07:be:2b:b3:9b:f7:e0:f5:4c:33:2d:e0:6c:e4: 02:4a:cc:e0:b6:b0:11:ff:0e:71:b6:a6:0a:9f:d6:1d:95:a8: ee:86:c6:a7:df:e6:3f:a9:09:50:94:a9:cf:33:2d:87:89:8f: 93:4c:5f:61:f1:91:25:3b:af:f1:c4:d4:10:eb:f1:0e:17:30: 45:d2:76:f6:ad:93:af:ed:31:8a:ac:61:a1:cb:8b:94:52:1b: 8e:0a:2f:1f:88:e4:6c:b3:b0:05:5e:b0:0e:be:b9:28:d9:a1: 06:09:c5:d1:b6:d0:a3:1d:16:9f:15:47:0e:6f:fe:5e:91:1b: a4:af:be:eb:06:62:23:2b:6a:9a:42:23:bb:5f:73:bf:33:cc: 44:0f:78:46:ca:f9:c9:29:d1:35:99:26:d0:bb:db:a5:b2:b7: 18:99:b4:af -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDDcZ+SmeB36jgHmgFnieemX2BiEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZDdjZDIyMmU0ZWVhMDg1ZjkxMzI4 YTkzMGI4ZDBhNjcwYmZkYTllZTMyMzY1MjlmYTBkZTJkNzk5NTI2MTFjNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3hEjdRz5QpxigkonxzJ/4dxZt6s t5xHJQjC2vk3xAUAkpHjkrm6ZsjOzNB+iZKwbgRFlH68xVW2VTlDXNBx4aMhZH/o gsXBjlBFZNwTfVfflTRInZygMyCHxdoj5o4IMDjX1cZ2IknX92Sk8+oiCBXtWSSZ DtzQBQeBj1q4SfOIYoVyLhCKofww5JaMWZzvbpXdpzEU23CTzUl6Iiugjz5o265h tsd364tuysEuiGWwbqtGDW5cJy52Oc9i601hoOuAhspX5E8gkztiXSoYj+yrTJoq bi3nS1EsNIMsFl1KvOY4LZQ1HWuzG3K1o6kC55bm/GLADoO1cBQEbE9SaQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCbuaGUoK433pigMUqhIs2eBGHcmMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi LzU4YmE2OGQzLTk0ODgtNDc2Yi04ZDQ0LTVlY2YxZjAwMThlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBQn/yW/MT1NJKArrbpzmEm L9IeH0i9aiGNaoqclxQPMImnqL90scyiNKzl87pe4ApJ5DOtzLm53DLkKU/yxcfz f2IKXhSLnZM/GI+0yOqGK37erv/6gDqUVCQoqI/XB74rs5v34PVMMy3gbOQCSszg trAR/w5xtqYKn9Ydlajuhsan3+Y/qQlQlKnPMy2HiY+TTF9h8ZElO6/xxNQQ6/EO FzBF0nb2rZOv7TGKrGGhy4uUUhuOCi8fiORss7AFXrAOvrko2aEGCcXRttCjHRaf FUcOb/5ekRukr77rBmIjK2qaQiO7X3O/M8xED3hGyvnJKdE1mSbQu9ulsrcYmbSv -----END CERTIFICATE-----Generated at Thu Apr 25 02:00:19 2024 by rpki-client on console-ams.rpki-client.org