$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa File: fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa (raw, json) Hash identifier: 1KqlC6vwHwziIbxJKceFjkAVG6na+iMxHfYRS5YN3hM= Subject key identifier: FA:77:58:05:B9:53:0B:DA:A3:E0:99:F0:03:0C:EF:36:A5:E2:3E:1D Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 18F547CFE6E1CDD2C64A43A46E3CA78663298EB3 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa Signing time: Mon 04 Sep 2023 00:00:00 +0000 ROA not before: Mon 04 Sep 2023 00:00:00 +0000 ROA not after: Mon 09 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Sep 2023 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:f5:47:cf:e6:e1:cd:d2:c6:4a:43:a4:6e:3c:a7:86:63:29:8e:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Sep 4 00:00:00 2023 GMT Not After : Oct 9 23:59:59 2023 GMT Subject: serialNumber=7f340f437e68c427f4ac6d8d8c95e73eaca47c2879fe08020d87a42714ddd417, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:0d:01:1a:df:e9:aa:1e:5b:d0:fb:e7:56:d7: db:f7:29:bf:c3:aa:6b:5f:2b:5c:eb:f2:43:e1:45: b2:8f:3d:f9:d7:f7:0a:cb:46:a8:34:c8:83:09:39: 99:e4:66:76:5d:41:e9:dd:5b:ee:ac:7d:c7:39:da: 75:9b:e7:f8:ba:35:62:72:71:85:f4:e0:a4:39:fe: 16:dc:98:01:36:b3:69:f3:33:68:b8:ff:a4:49:a1: b5:f9:e6:9f:b0:f4:96:c6:43:61:74:3d:3b:03:2d: 7d:ba:91:34:25:b5:c2:43:2f:9e:5b:20:6c:c0:cb: b1:84:3c:8a:10:2b:9d:35:f6:60:0e:71:c2:c9:28: ce:63:ba:3c:98:48:f0:73:de:53:30:7f:43:75:2e: 86:d6:8c:f7:09:cb:37:0e:d6:8e:9e:49:0a:1c:9f: b7:99:28:f1:ad:23:3c:47:b0:1f:86:3d:e6:4d:4a: 05:6a:95:a3:9c:64:78:51:2d:0e:f9:9b:fb:d8:52: 60:d0:36:ca:e9:d7:78:b2:2d:5c:75:b8:69:b5:26: 56:e5:7e:56:87:42:d8:34:41:43:a3:c8:49:04:46: 11:a2:ef:4e:49:a3:4f:92:71:39:85:16:a2:e4:88: 01:fc:7f:a4:dc:df:93:a2:44:a9:45:da:a5:92:9a: a5:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:77:58:05:B9:53:0B:DA:A3:E0:99:F0:03:0C:EF:36:A5:E2:3E:1D X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:16:77:84:4c:86:70:97:24:e8:94:1e:cf:52:8b:3c:63:08: 34:e8:ca:5e:24:58:4a:ff:a1:be:ef:7e:59:b9:b0:08:91:1f: 52:00:64:24:83:3d:74:3a:c8:bb:54:1a:94:5c:4e:94:ee:16: f7:5f:0b:98:10:89:bf:f2:eb:70:3c:e5:32:55:35:8c:8a:bc: ba:b6:ee:51:03:c9:b8:7a:94:43:a7:dd:a6:c6:c4:cf:bd:01: 4b:08:30:3f:3c:7c:8b:52:03:d4:7f:ba:a1:17:bc:41:15:e8: 4b:c5:7e:57:67:42:98:bb:95:f2:00:d8:ce:c7:87:21:73:d2: b1:1d:44:0d:a1:7a:9c:76:d4:8c:fa:42:94:89:32:bb:5b:87: 30:75:fa:3d:5b:83:f9:20:3e:bd:e0:38:d0:1b:a3:85:9a:1d: 9e:03:2a:67:cf:fe:42:82:c9:a7:a7:d0:5e:21:9d:84:25:b0: bc:76:9b:12:10:bf:57:f7:87:7d:36:56:c9:5a:df:67:3c:9f: 9a:cd:c3:75:79:67:8a:36:29:6c:a4:db:d2:93:c2:78:6f:d6: 1a:8f:8c:5b:bb:8e:49:22:93:0e:11:9a:ca:ff:41:44:01:9a: 1d:41:cd:e1:2d:c4:7d:61:d5:7a:08:c9:67:ab:6e:b1:aa:9a: 5e:70:bc:87 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUGPVHz+bhzdLGSkOkbjynhmMpjrMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDkwNDAwMDAwMFoX DTIzMTAwOTIzNTk1OVowejFJMEcGA1UEBRNAN2YzNDBmNDM3ZTY4YzQyN2Y0YWM2 ZDhkOGM5NWU3M2VhY2E0N2MyODc5ZmUwODAyMGQ4N2E0MjcxNGRkZDQxNzEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQ0BGt/pqh5b0PvnVtfb9ym/w6pr Xytc6/JD4UWyjz351/cKy0aoNMiDCTmZ5GZ2XUHp3VvurH3HOdp1m+f4ujVicnGF 9OCkOf4W3JgBNrNp8zNouP+kSaG1+eafsPSWxkNhdD07Ay19upE0JbXCQy+eWyBs wMuxhDyKECudNfZgDnHCySjOY7o8mEjwc95TMH9DdS6G1oz3Ccs3DtaOnkkKHJ+3 mSjxrSM8R7Afhj3mTUoFapWjnGR4US0O+Zv72FJg0DbK6dd4si1cdbhptSZW5X5W h0LYNEFDo8hJBEYRou9OSaNPknE5hRai5IgB/H+k3N+TokSpRdqlkpqlcQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPp3WAW5Uwvao+CZ8AMM7zal4j4dMB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2ZkYTYyYWMwLWJjMmMtNGQ1Ny1hNjllLThhN2M0NjljZDJkOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQCPFneETIZwlyTolB7PUos8 Ywg06MpeJFhK/6G+735ZubAIkR9SAGQkgz10Osi7VBqUXE6U7hb3XwuYEIm/8utw POUyVTWMiry6tu5RA8m4epRDp92mxsTPvQFLCDA/PHyLUgPUf7qhF7xBFehLxX5X Z0KYu5XyANjOx4chc9KxHUQNoXqcdtSM+kKUiTK7W4cwdfo9W4P5ID694DjQG6OF mh2eAypnz/5Cgsmnp9BeIZ2EJbC8dpsSEL9X94d9NlbJWt9nPJ+azcN1eWeKNils pNvSk8J4b9Yaj4xbu45JIpMOEZrK/0FEAZodQc3hLcR9YdV6CMlnq26xqppecLyH -----END CERTIFICATE-----Generated at Mon Sep 4 15:38:31 2023 by rpki-client on console-fra.rpki-client.org