$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: 2fdPaiVLxJd7sGwVgT0sR/+DrP7xrOGLP3UpIprWEuU= Subject key identifier: 12:45:CE:72:45:ED:46:26:7F:16:48:DA:68:CD:10:47:C1:A9:28:F1 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 32A420AE5FD3A4C18F3ABA8E07D53FE370B5C66F Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:11:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:a4:20:ae:5f:d3:a4:c1:8f:3a:ba:8e:07:d5:3f:e3:70:b5:c6:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=e44c3bbbbecb502787810d2b5e1d80fe73e616ffc040df65836acc1cc8d70116, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:fd:1a:a9:38:e9:8f:04:97:90:32:c6:cf:38: bb:75:af:65:0c:25:f4:8e:22:19:39:ae:b0:cb:0d: d0:fc:08:75:54:45:cb:97:47:67:98:fd:b8:c5:81: 84:a3:67:41:ff:1c:79:55:be:ec:96:c4:89:10:34: 24:71:45:46:e9:ba:93:9a:dd:69:1c:bf:1d:e1:1a: ba:c6:6a:02:5a:5a:17:40:94:34:18:08:9a:65:af: c9:c5:3e:de:7a:43:3a:0e:f9:98:17:8a:cc:1c:84: db:84:46:ea:03:0f:b9:f7:85:76:a1:4d:48:a3:81: fb:45:ec:28:68:27:ae:3d:c1:9a:4c:bb:89:6c:3d: 03:65:6e:de:e3:41:65:6f:42:2b:1b:3b:7e:da:00: b9:c8:52:a9:eb:db:ba:1e:68:0d:50:64:68:a8:59: 2b:ba:84:d7:de:3e:64:20:df:1c:cc:cd:3f:0d:58: 7d:8b:b7:15:ae:70:b5:60:03:cd:39:c4:21:44:46: 33:c3:1c:46:38:8f:33:7b:c3:aa:4c:ee:29:8c:4f: 24:84:f0:c8:ab:d9:c7:b1:62:54:e1:89:ee:24:85: a3:96:e4:00:74:cf:5c:9c:06:f8:b0:bd:b3:5c:83: f2:d2:51:50:d3:48:4a:27:15:09:dd:fc:84:2b:cf: 50:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:45:CE:72:45:ED:46:26:7F:16:48:DA:68:CD:10:47:C1:A9:28:F1 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 8b:73:83:e0:01:0b:d9:fb:c9:76:e6:1d:f6:0a:b2:d5:83:cd: d9:f8:65:a7:43:f6:4a:f9:84:c2:0c:4c:f3:cf:8d:91:e5:19: 9a:93:1c:ff:33:a1:b5:28:23:94:1b:ee:54:64:58:36:c0:45: a0:34:cb:49:b1:db:2a:d6:68:e7:1d:6f:f1:6f:6d:7c:bc:1c: 52:6a:9d:be:c2:3f:2d:c4:e8:32:00:93:b9:fa:58:a6:00:97: 40:b1:cb:74:be:6f:0f:79:25:55:5e:15:87:e3:24:68:05:e5: 46:ea:41:5b:d2:a6:c3:33:4b:4f:ed:9e:f0:02:56:a3:bd:e7: a6:d0:6f:33:15:97:2b:05:a1:b6:02:e9:eb:61:b9:01:59:13: 83:b0:42:57:b0:76:05:60:14:f9:39:b1:65:79:b9:56:86:e6: ec:6f:c3:ce:69:7c:6e:49:3e:69:88:98:12:80:12:5c:3f:40: 9b:55:47:90:1e:df:13:e0:81:91:16:c5:ae:fe:9c:ac:0e:9f: 4f:60:af:69:b6:51:16:01:d3:29:7a:9e:65:39:d1:f1:e0:2e: 7b:aa:64:8f:4a:bb:fa:5a:84:c4:4a:18:81:a5:32:36:52:8a: c0:5f:a0:28:0d:b1:60:8d:4d:3a:69:50:5f:40:4a:7a:3e:ff: a7:25:ee:94 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMqQgrl/TpMGPOrqOB9U/43C1xm8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAZTQ0YzNiYmJiZWNiNTAyNzg3ODEw ZDJiNWUxZDgwZmU3M2U2MTZmZmMwNDBkZjY1ODM2YWNjMWNjOGQ3MDExNjEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/0aqTjpjwSXkDLGzzi7da9lDCX0 jiIZOa6wyw3Q/Ah1VEXLl0dnmP24xYGEo2dB/xx5Vb7slsSJEDQkcUVG6bqTmt1p HL8d4Rq6xmoCWloXQJQ0GAiaZa/JxT7eekM6DvmYF4rMHITbhEbqAw+594V2oU1I o4H7RewoaCeuPcGaTLuJbD0DZW7e40Flb0IrGzt+2gC5yFKp69u6HmgNUGRoqFkr uoTX3j5kIN8czM0/DVh9i7cVrnC1YAPNOcQhREYzwxxGOI8ze8OqTO4pjE8khPDI q9nHsWJU4YnuJIWjluQAdM9cnAb4sL2zXIPy0lFQ00hKJxUJ3fyEK89QDQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFBJFznJF7UYmfxZI2mjNEEfBqSjxMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQCLc4PgAQvZ+8l25h32CrLV g83Z+GWnQ/ZK+YTCDEzzz42R5Rmakxz/M6G1KCOUG+5UZFg2wEWgNMtJsdsq1mjn HW/xb218vBxSap2+wj8txOgyAJO5+limAJdAsct0vm8PeSVVXhWH4yRoBeVG6kFb 0qbDM0tP7Z7wAlajveem0G8zFZcrBaG2AunrYbkBWRODsEJXsHYFYBT5ObFleblW hubsb8POaXxuST5piJgSgBJcP0CbVUeQHt8T4IGRFsWu/pysDp9PYK9ptlEWAdMp ep5lOdHx4C57qmSPSrv6WoTEShiBpTI2UorAX6AoDbFgjU06aVBfQEp6Pv+nJe6U -----END CERTIFICATE-----Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org