$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa File: fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa (raw, json) Hash identifier: pd0v0s27l6aEw9sBp6xyJY8LqUg55E82XzWj8sVUkos= Subject key identifier: 2C:83:82:C0:DD:03:3C:3A:EB:E2:8D:F4:B5:86:66:C3:6C:A6:6C:BD Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 64CB598CD9FFDEBF1B2CBD9B28141AE86CF14C96 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 29 Apr 2024 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:cb:59:8c:d9:ff:de:bf:1b:2c:bd:9b:28:14:1a:e8:6c:f1:4c:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=459a970c3828be35bbc89e3a9caa1e08199ef6b48ff3a2f2f5d9961c328ea01e, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:46:4b:2e:f8:4d:ca:81:ab:64:a9:25:aa:56: 14:95:c2:1b:c2:f9:3f:47:ac:43:c3:18:b1:24:af: 45:9f:2b:23:9d:31:e1:78:1a:e0:c4:a2:0e:10:cd: 66:9d:f5:9b:aa:77:89:89:74:c3:8e:dc:11:49:1e: 05:a8:c5:aa:3f:5f:15:80:bc:aa:f8:53:84:a7:28: 2d:1d:16:1a:9f:11:f8:a7:b7:66:d7:04:81:1b:fe: 64:a7:4a:b7:98:8b:db:95:7e:52:41:69:0d:1c:e6: f0:d2:0d:81:e5:4a:ee:25:c4:59:fe:d4:8a:b6:a5: 9d:a2:db:78:ba:b9:c0:f5:13:bd:cd:45:0c:ab:5a: ab:23:90:21:5f:7c:b1:77:13:28:f4:fc:5f:10:07: b8:57:61:a0:10:ff:42:b9:85:b2:88:e6:27:7b:4b: 22:91:53:6e:58:4b:99:23:8d:cd:1c:2f:20:0c:e8: 35:3d:21:92:c3:a1:f3:38:7f:24:77:86:40:29:89: 1f:ad:e5:1c:c9:1d:60:23:74:7e:63:0f:6f:d0:02: a8:70:c5:cf:62:b1:e1:8f:af:76:4a:0b:bc:6d:be: 92:fa:20:fe:c8:a0:48:a7:72:ac:62:aa:32:2e:d0: 4c:46:0e:f6:93:e0:b3:ae:87:5f:dd:05:2d:27:03: ac:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:83:82:C0:DD:03:3C:3A:EB:E2:8D:F4:B5:86:66:C3:6C:A6:6C:BD X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:f5:15:b6:13:f2:14:2c:2b:d5:3d:f9:47:77:ec:62:54:7d: ad:58:87:0f:72:55:4a:c4:94:82:f4:20:13:35:05:1f:57:64: 89:7b:3a:0c:af:3e:db:10:23:03:bd:a7:f5:79:3d:ac:af:cb: 41:d3:77:ae:42:5b:11:b0:47:e6:f6:53:fb:4b:b4:ed:1b:8f: 15:d9:c2:9b:03:01:fa:0b:da:b4:29:0a:39:54:06:4e:56:4e: 83:f3:75:bd:30:f6:77:b2:a5:a9:24:96:b0:da:cb:27:f7:81: c5:0e:81:4b:a5:77:7a:4b:fb:9b:5c:a0:40:28:9f:55:4e:a0: a7:10:f6:00:90:4b:b8:39:25:99:78:b2:f9:ee:46:14:54:22: 4b:cc:a2:1f:e0:90:f7:62:6b:b2:17:da:f6:96:96:1c:f4:34: ae:58:d1:cf:30:e4:65:71:ee:b4:91:fb:43:59:b9:cb:30:96: 89:90:95:6c:4b:dd:ba:81:5e:3d:9d:93:04:cf:d9:d6:1e:43: c4:a4:c9:af:59:39:0a:2a:41:59:6a:50:4c:cf:01:6a:8a:39: ca:e1:33:5c:e7:c5:06:95:22:b5:e6:a3:64:cc:fb:9a:74:e9: cd:a8:2d:3d:c4:53:f5:e8:a2:31:dc:e7:93:39:8c:3c:62:f8: 41:4b:97:28 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZMtZjNn/3r8bLL2bKBQa6GzxTJYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNANDU5YTk3MGMzODI4YmUzNWJiYzg5 ZTNhOWNhYTFlMDgxOTllZjZiNDhmZjNhMmYyZjVkOTk2MWMzMjhlYTAxZTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkZLLvhNyoGrZKklqlYUlcIbwvk/ R6xDwxixJK9FnysjnTHheBrgxKIOEM1mnfWbqneJiXTDjtwRSR4FqMWqP18VgLyq +FOEpygtHRYanxH4p7dm1wSBG/5kp0q3mIvblX5SQWkNHObw0g2B5UruJcRZ/tSK tqWdott4urnA9RO9zUUMq1qrI5AhX3yxdxMo9PxfEAe4V2GgEP9CuYWyiOYne0si kVNuWEuZI43NHC8gDOg1PSGSw6HzOH8kd4ZAKYkfreUcyR1gI3R+Yw9v0AKocMXP YrHhj692Sgu8bb6S+iD+yKBIp3KsYqoyLtBMRg72k+Czrodf3QUtJwOssQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCyDgsDdAzw66+KN9LWGZsNspmy9MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2ZkYTYyYWMwLWJjMmMtNGQ1Ny1hNjllLThhN2M0NjljZDJkOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBr9RW2E/IULCvVPflHd+xi VH2tWIcPclVKxJSC9CATNQUfV2SJezoMrz7bECMDvaf1eT2sr8tB03euQlsRsEfm 9lP7S7TtG48V2cKbAwH6C9q0KQo5VAZOVk6D83W9MPZ3sqWpJJaw2ssn94HFDoFL pXd6S/ubXKBAKJ9VTqCnEPYAkEu4OSWZeLL57kYUVCJLzKIf4JD3YmuyF9r2lpYc 9DSuWNHPMORlce60kftDWbnLMJaJkJVsS926gV49nZMEz9nWHkPEpMmvWTkKKkFZ alBMzwFqijnK4TNc58UGlSK15qNkzPuadOnNqC09xFP16KIx3OeTOYw8YvhBS5co -----END CERTIFICATE-----Generated at Thu Apr 25 00:31:13 2024 by rpki-client on console-fra.rpki-client.org