$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa File: fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa (raw, json) Hash identifier: L8s8oyPrFxtkbG0DK8hz9V3ib6JiXpsZIDM2j9TnIcc= Subject key identifier: A5:DB:E1:08:B5:C0:A0:11:70:51:D3:F6:4C:6D:3D:76:DA:34:FA:B5 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 590844842EBFD7A21AA4DD1D9A35C6FBDB96D215 Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:14:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:08:44:84:2e:bf:d7:a2:1a:a4:dd:1d:9a:35:c6:fb:db:96:d2:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=b20962f69d3df016ca4f0f3a9f7b73d653d3c6d15a2f2030cffee0e2d59b6dbe, CN=bb9a9116-f615-462e-a680-5266b327e0fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1d:68:62:1a:78:f0:76:b5:a5:96:4f:d9:ed: 1d:3c:9c:93:42:d4:d8:c8:62:6e:66:7e:d5:18:34: b3:f3:ba:fd:02:ac:62:8b:db:7a:dd:9a:37:b2:71: 5a:91:c7:1a:d6:ce:6a:64:78:53:d1:8c:5e:6a:61: ac:66:78:e0:fd:98:db:5f:8b:ac:04:ed:c1:3a:90: 2b:1c:9d:0d:ea:26:d3:c1:f9:67:ac:18:a9:50:f3: e1:4c:2f:7b:fb:6f:ab:8a:e9:41:8d:82:d0:ee:ab: c0:ec:32:2c:56:19:0d:f5:40:b9:be:3d:37:93:a5: df:35:1f:ff:37:2a:e6:b4:d2:99:7d:a7:e0:e4:41: b1:c4:54:bc:94:09:04:2b:f7:b8:b8:91:13:9a:0d: 6d:0a:b7:1d:70:4c:74:50:5a:11:7a:cb:a2:d0:2b: e6:cd:40:34:dc:d2:64:f5:82:ef:71:d9:1a:9f:cd: 25:45:9f:71:50:a9:c3:60:84:40:7c:95:bd:44:0f: 52:53:1c:a0:64:8e:5d:9c:20:28:fc:3d:a8:77:30: 5d:62:20:6d:8d:54:f9:f5:c2:7f:a0:3f:1e:92:d2: 91:0b:ae:9b:71:52:68:d8:78:c4:8f:34:f7:43:af: cd:15:ed:60:6d:de:eb:61:fd:f6:67:e8:b7:72:ce: 10:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:DB:E1:08:B5:C0:A0:11:70:51:D3:F6:4C:6D:3D:76:DA:34:FA:B5 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.76.0/22 Signature Algorithm: sha256WithRSAEncryption 1f:37:ff:16:2f:03:25:31:c6:4d:65:26:6d:65:78:29:87:58: ab:e2:17:56:59:80:25:56:4d:1a:20:40:9f:fd:31:3b:42:e9: 5f:44:22:ee:b6:c5:cd:6d:7d:30:98:a2:0a:ec:41:33:60:fa: 10:24:b7:68:b0:11:37:b3:97:a3:91:e8:c7:a4:04:12:68:d0: 93:a2:23:12:3a:69:61:0c:e8:7d:e6:e7:25:8c:d2:e8:cd:9a: 0a:a7:86:4c:87:cc:d8:49:41:4f:4e:d0:41:f0:d9:3e:f2:fa: bc:80:b1:36:f1:09:2e:23:29:c6:cf:b6:cb:04:66:c1:4e:4a: 81:ff:f6:5c:36:d2:62:38:5e:b7:a1:72:f1:37:22:a0:16:99: 4d:50:31:cd:0e:2a:85:f1:b4:59:c6:98:1e:9c:d9:cb:a6:61: b2:81:42:df:2e:56:58:8e:39:6a:8d:d9:45:71:6a:7c:62:ea: 6a:5f:21:87:11:e8:d1:88:39:44:9b:f4:20:fe:89:c6:77:3a: 0e:bb:06:3d:86:7c:b1:48:68:ad:60:1e:a5:f3:c3:b8:44:8c: b4:41:cb:a3:ad:0f:10:0b:ab:6b:f1:03:fc:1e:0e:9e:50:a8: 53:ff:04:99:9d:62:cc:58:4a:10:23:34:97:60:f0:0c:10:0c: 10:4a:34:c6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUWQhEhC6/16IapN0dmjXG+9uW0hUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAYjIwOTYyZjY5ZDNkZjAxNmNhNGYw ZjNhOWY3YjczZDY1M2QzYzZkMTVhMmYyMDMwY2ZmZWUwZTJkNTliNmRiZTEtMCsG A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzR1oYhp48Ha1pZZP2e0dPJyTQtTY yGJuZn7VGDSz87r9Aqxii9t63Zo3snFakcca1s5qZHhT0YxeamGsZnjg/ZjbX4us BO3BOpArHJ0N6ibTwflnrBipUPPhTC97+2+riulBjYLQ7qvA7DIsVhkN9UC5vj03 k6XfNR//NyrmtNKZfafg5EGxxFS8lAkEK/e4uJETmg1tCrcdcEx0UFoResui0Cvm zUA03NJk9YLvcdkan80lRZ9xUKnDYIRAfJW9RA9SUxygZI5dnCAo/D2odzBdYiBt jVT59cJ/oD8ektKRC66bcVJo2HjEjzT3Q6/NFe1gbd7rYf32Z+i3cs4QKQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFKXb4Qi1wKARcFHT9kxtPXbaNPq1MB8GA1UdIwQY MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi L2ZkYTYyYWMwLWJjMmMtNGQ1Ny1hNjllLThhN2M0NjljZDJkOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQAfN/8WLwMlMcZNZSZtZXgp h1ir4hdWWYAlVk0aIECf/TE7QulfRCLutsXNbX0wmKIK7EEzYPoQJLdosBE3s5ej kejHpAQSaNCToiMSOmlhDOh95ucljNLozZoKp4ZMh8zYSUFPTtBB8Nk+8vq8gLE2 8QkuIynGz7bLBGbBTkqB//ZcNtJiOF63oXLxNyKgFplNUDHNDiqF8bRZxpgenNnL pmGygULfLlZYjjlqjdlFcWp8YupqXyGHEejRiDlEm/Qg/onGdzoOuwY9hnyxSGit YB6l88O4RIy0QcujrQ8QC6tr8QP8Hg6eUKhT/wSZnWLMWEoQIzSXYPAMEAwQSjTG -----END CERTIFICATE-----Generated at Sun Nov 24 17:18:25 2024 by rpki-client on console-fra.rpki-client.org