$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa File: 19d8d605-09bf-4dfb-b2db-2001ae07c998.roa (raw, json) Hash identifier: KCEAp0wv5uHAm8Vw2iNK/njjxirF/S8Ti9M/ywaE4cQ= Subject key identifier: 2B:8A:62:C7:5D:E8:47:12:C6:7D:EC:5A:D7:F5:E1:AE:AB:88:23:64 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2C3E1F45B9E056B771B2F86B9C3386DE34EDC82E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:3e:1f:45:b9:e0:56:b7:71:b2:f8:6b:9c:33:86:de:34:ed:c8:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=26a5d7859391b75968b0f44d15c5a90c6eefe07c041623713f768070372ff646, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:c4:4d:b1:1e:fc:96:7e:05:88:c2:8e:ea:a8: ea:ea:4d:8d:b0:d0:db:57:7c:9c:e3:9f:a7:25:7b: a0:e4:bd:64:b0:a6:43:f9:b4:57:9b:ee:b2:74:30: c6:b9:55:a3:48:ed:ac:be:44:c6:1a:dd:b6:b5:83: f0:fb:78:d7:fb:c7:58:29:e7:49:57:3b:2a:eb:5f: 6b:a8:1c:5e:7b:30:9f:dc:a3:bc:ed:83:5f:62:7f: 23:8d:aa:e9:2f:de:3d:85:7e:5e:40:17:08:6d:fb: bc:f3:9a:7e:5f:fd:cf:36:a5:6f:6d:6a:c1:f9:51: 9d:47:18:c8:7c:9d:e4:08:63:82:8e:4a:a5:40:5a: dd:35:f8:62:60:bd:65:10:7c:92:55:94:5e:01:88: b6:6c:36:61:2b:21:f0:b6:99:5e:d4:5c:22:ce:ed: 31:b2:ac:e4:7a:80:29:22:b9:b9:86:4a:37:e5:b1: 74:92:eb:7a:db:57:d4:0d:2c:e6:f7:28:92:e9:ea: c4:4a:29:aa:1b:80:02:fe:2e:ad:6a:3e:fa:e9:79: 9d:fa:0e:d0:9f:89:21:12:7d:66:0b:3d:da:ef:67: f9:aa:5e:81:c9:94:83:ef:7b:62:d4:ab:e5:fc:c0: 36:08:ce:dc:af:60:26:d2:b8:5f:09:52:2e:11:56: 35:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:8A:62:C7:5D:E8:47:12:C6:7D:EC:5A:D7:F5:E1:AE:AB:88:23:64 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption e1:32:c2:35:11:b8:0f:0d:9b:18:56:a3:ff:40:84:4f:85:6d: bc:24:9d:b8:79:7e:1f:65:59:e7:e7:48:95:69:22:c2:36:d5: b5:ab:f4:46:6f:f5:8a:b9:b1:32:54:3b:c2:d2:aa:68:63:ba: 22:b7:95:36:f1:b2:91:48:aa:86:8d:73:a2:19:07:c9:59:a9: 74:46:14:30:ee:35:3a:88:6a:92:78:6e:e9:be:15:fb:c0:f9: 46:cf:70:68:fe:d1:b5:bc:77:34:0f:5c:d1:02:a1:02:17:59: 8d:79:4b:95:de:46:3a:48:6e:59:c3:79:ea:a7:d0:09:ee:2c: b9:78:c1:91:0c:e3:03:30:ad:f2:26:22:56:7e:e9:1a:25:56: 82:f6:ec:e8:02:39:6b:ff:3a:be:dc:0b:cd:bf:8b:6c:02:54: 59:bd:86:bc:cf:8c:3a:e0:18:da:2e:46:14:d5:92:f9:e6:01: 31:b7:3b:f7:fa:fc:19:e5:bc:8c:a9:32:4d:8a:9b:0e:47:00: 2f:46:9b:16:0b:e6:8f:ba:2d:88:c0:b2:ee:cd:f0:e0:6f:42: ce:eb:1c:8e:50:62:45:ad:b4:95:74:7c:c9:8f:a3:e6:80:a8: 4d:4f:03:76:cd:3f:12:e7:cc:b9:48:f6:53:82:d4:b9:7b:b0: a8:c7:27:84 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULD4fRbngVrdxsvhrnDOG3jTtyC4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAMjZhNWQ3ODU5MzkxYjc1OTY4YjBm NDRkMTVjNWE5MGM2ZWVmZTA3YzA0MTYyMzcxM2Y3NjgwNzAzNzJmZjY0NjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA58RNsR78ln4FiMKO6qjq6k2NsNDb V3yc45+nJXug5L1ksKZD+bRXm+6ydDDGuVWjSO2svkTGGt22tYPw+3jX+8dYKedJ Vzsq619rqBxeezCf3KO87YNfYn8jjarpL949hX5eQBcIbfu885p+X/3PNqVvbWrB +VGdRxjIfJ3kCGOCjkqlQFrdNfhiYL1lEHySVZReAYi2bDZhKyHwtple1Fwizu0x sqzkeoApIrm5hko35bF0kut621fUDSzm9yiS6erESimqG4AC/i6taj766Xmd+g7Q n4khEn1mCz3a72f5ql6ByZSD73ti1Kvl/MA2CM7cr2Am0rhfCVIuEVY1cQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCuKYsdd6EcSxn3sWtf14a6riCNkMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5ZDhkNjA1LTA5YmYtNGRmYi1iMmRiLTIwMDFhZTA3Yzk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDhMsI1EbgPDZsYVqP/QIRP hW28JJ24eX4fZVnn50iVaSLCNtW1q/RGb/WKubEyVDvC0qpoY7oit5U28bKRSKqG jXOiGQfJWal0RhQw7jU6iGqSeG7pvhX7wPlGz3Bo/tG1vHc0D1zRAqECF1mNeUuV 3kY6SG5Zw3nqp9AJ7iy5eMGRDOMDMK3yJiJWfukaJVaC9uzoAjlr/zq+3AvNv4ts AlRZvYa8z4w64BjaLkYU1ZL55gExtzv3+vwZ5byMqTJNipsORwAvRpsWC+aPui2I wLLuzfDgb0LO6xyOUGJFrbSVdHzJj6PmgKhNTwN2zT8S58y5SPZTgtS5e7CoxyeE -----END CERTIFICATE-----Generated at Thu Nov 21 18:50:38 2024 by rpki-client on console-ams.rpki-client.org