$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa File: 19d8d605-09bf-4dfb-b2db-2001ae07c998.roa (raw, json) Hash identifier: Qm6LhXjgD6zTuXaLJMBYsxda8a+RV5lMkvF+au+XywE= Subject key identifier: B2:E9:2A:85:C4:6D:1A:2B:24:02:60:47:CA:F8:AF:62:58:D7:1C:0F Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5DA78C278DB6947689287990349B645F3EF41377 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa Signing time: Tue 16 Apr 2024 00:00:00 +0000 ROA not before: Tue 16 Apr 2024 00:00:00 +0000 ROA not after: Tue 21 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 00:01:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a7:8c:27:8d:b6:94:76:89:28:79:90:34:9b:64:5f:3e:f4:13:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 16 00:00:00 2024 GMT Not After : May 21 23:59:59 2024 GMT Subject: serialNumber=b7938d962369d92650adb90e4e59abf89066166ecdb04c0073e56b8ae4e9494c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:06:5d:cd:c2:b9:c2:3b:39:0d:b9:d4:18:b0: 26:3e:54:6e:8a:7c:2f:a8:95:e5:2a:da:bf:c1:e9: 36:c3:aa:1d:50:2e:49:16:90:21:2d:a7:2e:ba:d0: a5:cd:5a:88:14:ab:a1:bc:15:37:2e:32:1a:5f:a3: 67:cf:0a:00:63:29:b8:9d:2f:9a:1b:1e:fa:43:60: ca:0a:60:a1:ae:1a:c1:88:7e:ab:84:27:0b:69:ae: e8:5d:1a:37:23:64:9f:73:f8:67:77:61:83:93:ee: 0f:fa:64:b5:b5:99:8b:1b:be:1b:28:72:47:a5:81: 65:64:68:fc:1a:cc:6d:a9:45:fe:c6:60:03:2b:d9: d8:1e:33:aa:8c:16:c8:da:ac:b9:d2:c5:c5:83:17: 8c:52:b5:e0:a7:b9:c6:d7:f4:3c:32:89:41:f5:61: 9c:25:6e:f4:8b:a5:35:e3:5d:cf:3d:c4:a5:a4:5b: f3:42:a4:af:16:57:b3:3d:b6:47:9f:bd:7a:62:31: 82:37:e9:d0:1d:76:8b:e7:aa:c5:2b:64:3b:2a:92: d7:64:43:b6:ad:80:a4:65:5a:e9:cd:cb:db:de:4d: 3a:6e:68:f9:8a:6a:92:14:0c:3f:54:09:42:42:3b: cf:83:9d:8b:68:01:76:de:8c:d1:86:11:ab:fb:c8: 26:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:E9:2A:85:C4:6D:1A:2B:24:02:60:47:CA:F8:AF:62:58:D7:1C:0F X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 7b:14:9c:90:8f:55:cb:d5:e1:87:60:7e:01:3a:fc:3f:e4:4d: 4b:f4:cc:32:f0:02:60:3f:9f:db:04:2a:ab:71:39:ad:54:cc: 1d:bd:3a:ed:c9:15:00:62:5a:69:45:75:0c:62:b8:a6:ef:e6: aa:38:4e:da:a3:95:d2:5a:b4:7b:85:a4:06:71:46:66:1a:bf: d5:2e:b1:3d:b0:b9:7b:d6:94:65:1a:5e:9b:8d:c3:80:81:87: da:62:bc:4d:9f:5e:84:a6:aa:ca:b3:b3:06:68:01:fc:5d:29: 59:a3:ce:83:ae:c0:fb:3b:6c:f2:54:11:0d:72:ce:ab:86:03: e6:c9:2b:f6:97:e5:7b:ad:cc:1d:d0:52:46:26:73:8f:f2:a9: e0:93:c2:d0:d1:90:fc:e3:4d:54:35:a5:53:bf:5e:8b:ac:04: 8d:ed:22:e0:ac:fc:6a:d7:d0:66:a3:dc:b8:46:0d:bc:6e:49: 12:61:15:22:91:f8:91:86:b5:7c:a4:8b:95:4a:cd:c4:ea:11: 7e:fc:4d:06:f5:25:6e:fc:14:b9:ca:19:92:7e:05:cd:3a:a1: 39:b3:e3:80:8b:b5:66:ff:23:af:ee:a5:56:0b:50:fd:61:29: 0b:6e:00:09:54:b3:8f:b5:6e:87:e4:1a:e0:41:86:22:07:30: 58:00:5d:4b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUXaeMJ422lHaJKHmQNJtkXz70E3cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDQxNjAwMDAwMFoX DTI0MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAYjc5MzhkOTYyMzY5ZDkyNjUwYWRi OTBlNGU1OWFiZjg5MDY2MTY2ZWNkYjA0YzAwNzNlNTZiOGFlNGU5NDk0YzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAZdzcK5wjs5DbnUGLAmPlRuinwv qJXlKtq/wek2w6odUC5JFpAhLacuutClzVqIFKuhvBU3LjIaX6NnzwoAYym4nS+a Gx76Q2DKCmChrhrBiH6rhCcLaa7oXRo3I2Sfc/hnd2GDk+4P+mS1tZmLG74bKHJH pYFlZGj8GsxtqUX+xmADK9nYHjOqjBbI2qy50sXFgxeMUrXgp7nG1/Q8MolB9WGc JW70i6U1413PPcSlpFvzQqSvFlezPbZHn716YjGCN+nQHXaL56rFK2Q7KpLXZEO2 rYCkZVrpzcvb3k06bmj5imqSFAw/VAlCQjvPg52LaAF23ozRhhGr+8gmHwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLLpKoXEbRorJAJgR8r4r2JY1xwPMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5ZDhkNjA1LTA5YmYtNGRmYi1iMmRiLTIwMDFhZTA3Yzk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQB7FJyQj1XL1eGHYH4BOvw/ 5E1L9Mwy8AJgP5/bBCqrcTmtVMwdvTrtyRUAYlppRXUMYrim7+aqOE7ao5XSWrR7 haQGcUZmGr/VLrE9sLl71pRlGl6bjcOAgYfaYrxNn16EpqrKs7MGaAH8XSlZo86D rsD7O2zyVBENcs6rhgPmySv2l+V7rcwd0FJGJnOP8qngk8LQ0ZD8401UNaVTv16L rASN7SLgrPxq19Bmo9y4Rg28bkkSYRUikfiRhrV8pIuVSs3E6hF+/E0G9SVu/BS5 yhmSfgXNOqE5s+OAi7Vm/yOv7qVWC1D9YSkLbgAJVLOPtW6H5BrgQYYiBzBYAF1L -----END CERTIFICATE-----Generated at Thu May 9 00:38:22 2024 by rpki-client on console-fra.rpki-client.org