$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa File: ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa (raw, json) Hash identifier: uj2Ii2OLY6RUMB7NgmVyLBJQ887s2rQgVQ2hTJAyqsg= Subject key identifier: F7:64:3F:4A:FE:5D:4A:CF:2C:D9:EF:A0:3F:F1:22:1D:01:A2:65:A3 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 39D151C6AA0920CC721791E66083EB759E7B35FB Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa Signing time: Mon 04 Sep 2023 00:00:00 +0000 ROA not before: Mon 04 Sep 2023 00:00:00 +0000 ROA not after: Mon 09 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 103.8.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Sep 2023 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:d1:51:c6:aa:09:20:cc:72:17:91:e6:60:83:eb:75:9e:7b:35:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 4 00:00:00 2023 GMT Not After : Oct 9 23:59:59 2023 GMT Subject: serialNumber=4291cc51b55bb0dcbfa263e216ae23058cbbe2c4a193f64a5f1ec375aaf16b67, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:a1:66:83:67:03:73:7b:20:79:da:51:e1:26: e6:11:86:b1:8e:57:b0:af:ef:7d:6c:c6:e0:b2:c8: 47:5e:c5:b1:96:9f:b1:55:ec:7b:60:da:d8:fe:e9: 17:b6:73:6b:18:55:d9:f4:ca:e3:e8:41:b4:8c:4f: 06:30:9d:cf:ec:8d:2f:7f:3f:de:97:f3:90:96:18: 95:95:32:53:df:f2:7f:0e:fa:fd:80:e6:40:66:a1: 1f:00:e2:86:a4:5c:de:c8:04:6b:80:d9:26:7b:54: 66:44:df:9c:9e:fb:e9:12:ae:e7:9f:2e:66:8c:7a: 97:34:c1:df:35:da:ec:f9:41:bf:2f:5b:f5:c9:6e: f9:4a:bf:bd:47:0f:13:7d:6d:f7:2f:7f:09:40:48: 03:14:b7:d7:f9:ef:06:d7:7f:c9:3b:b4:5a:a6:c9: f1:65:0a:c3:eb:6d:1e:ae:5e:f7:81:70:4f:d5:be: 1d:04:c5:3e:9d:8c:91:04:05:f7:17:33:13:fe:7e: 7f:ce:1b:6c:8a:ca:49:f3:a2:29:25:78:2d:a8:be: 94:50:ae:99:2e:c2:0f:e1:66:b9:7b:fd:8f:f0:5c: 76:1a:5e:df:4c:c3:ec:b2:cf:c9:02:41:80:16:50: a4:78:37:f8:b7:9a:2b:4c:65:91:6c:1b:99:60:ba: 48:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:64:3F:4A:FE:5D:4A:CF:2C:D9:EF:A0:3F:F1:22:1D:01:A2:65:A3 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/ea1d02aa-6d25-4b36-b42e-ba837d49e261.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.8.172.0/22 Signature Algorithm: sha256WithRSAEncryption 73:95:d7:16:28:01:da:32:bc:a6:f6:15:9e:6b:e6:d4:e4:f1: ff:1f:e3:ed:15:95:cf:45:61:50:28:d6:6d:b0:ac:3e:57:b9: 37:d2:94:c8:77:b4:a3:c9:d9:d4:48:9e:b9:9c:94:9d:a7:e6: 51:88:cb:c3:fb:83:7d:dd:c8:f1:55:d6:6d:10:d1:2d:50:5d: 38:f3:a2:45:fb:4e:f4:c8:c2:7d:34:2c:5c:de:c0:69:94:17: 64:10:72:84:c8:dc:87:a8:9d:6e:5e:e2:0a:69:ff:7b:7f:29: d0:95:a8:94:c2:85:40:6b:06:c6:5e:c1:62:a5:cf:a9:d7:c9: 9f:2d:b7:4e:eb:57:65:a5:3b:17:b9:d7:55:30:9d:26:65:34: 9c:2c:cb:ac:f0:57:a1:bb:47:3b:dd:6a:e0:f7:84:11:37:38: e2:e2:40:43:8a:85:82:da:90:96:83:2e:83:33:f8:9f:30:10: 71:90:f1:da:fd:63:89:48:bb:4a:01:6e:a4:03:76:e6:cf:46: d5:4b:c2:8f:7e:92:4f:22:06:4d:71:ef:ab:58:0a:6c:8e:ab: fb:a1:2e:36:6c:a4:62:8a:1c:4b:79:df:ea:1d:7d:b5:c6:da: 3f:47:6e:06:00:be:d0:c4:0c:1c:a1:45:ab:42:90:a4:5f:b7: 73:cb:09:40 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUOdFRxqoJIMxyF5HmYIPrdZ57NfswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkwNDAwMDAwMFoX DTIzMTAwOTIzNTk1OVowejFJMEcGA1UEBRNANDI5MWNjNTFiNTViYjBkY2JmYTI2 M2UyMTZhZTIzMDU4Y2JiZTJjNGExOTNmNjRhNWYxZWMzNzVhYWYxNmI2NzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaFmg2cDc3sgedpR4SbmEYaxjlew r+99bMbgsshHXsWxlp+xVex7YNrY/ukXtnNrGFXZ9Mrj6EG0jE8GMJ3P7I0vfz/e l/OQlhiVlTJT3/J/Dvr9gOZAZqEfAOKGpFzeyARrgNkme1RmRN+cnvvpEq7nny5m jHqXNMHfNdrs+UG/L1v1yW75Sr+9Rw8TfW33L38JQEgDFLfX+e8G13/JO7Rapsnx ZQrD620erl73gXBP1b4dBMU+nYyRBAX3FzMT/n5/zhtsispJ86IpJXgtqL6UUK6Z LsIP4Wa5e/2P8Fx2Gl7fTMPsss/JAkGAFlCkeDf4t5orTGWRbBuZYLpI0wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPdkP0r+XUrPLNnvoD/xIh0BomWjMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2VhMWQwMmFhLTZkMjUtNGIzNi1iNDJlLWJhODM3ZDQ5ZTI2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZwisMA0GCSqGSIb3DQEBCwUAA4IBAQBzldcWKAHaMrym9hWea+bU 5PH/H+PtFZXPRWFQKNZtsKw+V7k30pTId7SjydnUSJ65nJSdp+ZRiMvD+4N93cjx VdZtENEtUF0486JF+070yMJ9NCxc3sBplBdkEHKEyNyHqJ1uXuIKaf97fynQlaiU woVAawbGXsFipc+p18mfLbdO61dlpTsXuddVMJ0mZTScLMus8Fehu0c73Wrg94QR Nzji4kBDioWC2pCWgy6DM/ifMBBxkPHa/WOJSLtKAW6kA3bmz0bVS8KPfpJPIgZN ce+rWApsjqv7oS42bKRiihxLed/qHX21xto/R24GAL7QxAwcoUWrQpCkX7dzywlA -----END CERTIFICATE-----Generated at Mon Sep 4 15:17:37 2023 by rpki-client on console-ams.rpki-client.org