$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa File: 53444f16-12b0-454c-a0a2-d187f20f7db6.roa (raw, json) Hash identifier: pMZjenvqUcF0xX3kgW+oxo4ODuXRZIUtXoEQH1fzj/c= Subject key identifier: 27:53:46:9F:BC:CA:41:B7:86:6D:FD:FF:82:2A:18:E0:E3:69:E0:83 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 14F860C8CE4EA27DCD752D598FC8EB68CF67270A Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:f8:60:c8:ce:4e:a2:7d:cd:75:2d:59:8f:c8:eb:68:cf:67:27:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=6825e9eafd432d302fa3a9448f4401dc1e213cef6bf27817543ac2c619e4af2a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:d8:a9:d2:be:b8:98:ef:4a:62:9d:8a:ea:9e: 5a:06:24:11:d6:11:b4:e2:5c:8b:32:c9:3b:aa:4a: 44:86:7e:9c:65:27:b8:34:c1:28:de:c3:2b:16:b7: 33:25:9f:e9:d9:57:68:8a:af:01:b0:40:aa:06:09: c7:7d:dd:2b:f5:13:e9:bb:1c:c6:19:83:fb:ff:3b: 53:56:4f:f2:72:c5:0d:56:a5:a8:b1:14:95:f3:86: f9:85:47:9d:8a:f1:70:b0:54:8c:86:be:df:44:a8: b8:82:bd:0a:7a:07:20:63:45:30:59:79:d8:c7:47: a0:74:23:8e:3a:2a:83:2f:47:55:f8:f1:8b:0f:cd: 7b:48:c5:fa:35:0d:00:b7:19:d5:d8:7b:c3:af:ce: 91:6c:f3:27:0a:ad:07:ec:07:17:f2:ff:ce:da:27: 34:a8:a3:6f:11:77:98:f9:7a:96:b7:64:5e:85:8d: 79:e0:f6:c7:93:ad:25:19:8d:90:c0:de:b0:c1:ca: e5:c5:e1:ed:72:82:e2:5e:45:ba:6b:68:26:55:be: 04:8f:9a:6d:7e:0b:d7:94:6c:07:73:22:27:99:f5: 7b:d8:2e:53:4b:9b:ff:39:a9:ea:23:dd:1c:61:66: 9f:b7:19:59:98:38:50:da:26:52:98:02:0c:8e:b4: 5f:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:53:46:9F:BC:CA:41:B7:86:6D:FD:FF:82:2A:18:E0:E3:69:E0:83 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/24 Signature Algorithm: sha256WithRSAEncryption 16:fd:38:30:ad:85:f9:c0:44:a3:22:1f:60:04:ca:a6:c0:a5: 97:2c:ed:e4:48:d4:5e:e3:e9:1c:bf:3e:72:c3:04:74:44:1e: 67:d0:7c:65:dd:15:35:da:bf:ea:f1:49:44:5f:28:b8:49:65: e1:d2:ea:71:6a:66:a9:1d:bd:32:c4:4c:d7:4b:77:a0:88:bd: 32:03:e2:ec:13:e7:b0:5e:f6:77:c9:e9:af:f9:0b:3f:36:4b: cd:b0:c7:3c:f7:6c:20:8e:15:3a:e1:4e:cd:9f:95:f1:20:8d: b9:0f:5d:5d:a1:93:8b:c2:b6:2b:2a:8c:05:1a:f8:fa:a5:4f: 30:6a:59:09:3c:74:6d:a2:e1:6b:01:a5:80:35:1a:c7:e5:4b: a9:09:53:ae:a5:66:eb:cc:7b:6b:cc:dd:b2:53:18:50:2a:3f: a5:57:39:9a:83:d4:0f:a4:1d:18:74:ec:d1:11:eb:7d:dc:50: b7:fc:e8:f6:ec:1e:9b:f2:c4:dd:69:3a:09:b9:d9:c2:0b:32: 44:5d:43:58:07:54:cc:4d:26:58:13:77:de:71:fc:b8:92:4d: 32:16:75:28:23:8e:6b:db:39:ea:0b:ff:8d:15:25:48:0f:93: 34:10:7c:80:a8:6f:b9:d1:59:ad:3a:b1:ff:17:d5:0a:5d:76: 7a:c2:ed:c5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUFPhgyM5Oon3NdS1Zj8jraM9nJwowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNANjgyNWU5ZWFmZDQzMmQzMDJmYTNh OTQ0OGY0NDAxZGMxZTIxM2NlZjZiZjI3ODE3NTQzYWMyYzYxOWU0YWYyYTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9ip0r64mO9KYp2K6p5aBiQR1hG0 4lyLMsk7qkpEhn6cZSe4NMEo3sMrFrczJZ/p2Vdoiq8BsECqBgnHfd0r9RPpuxzG GYP7/ztTVk/ycsUNVqWosRSV84b5hUedivFwsFSMhr7fRKi4gr0KegcgY0UwWXnY x0egdCOOOiqDL0dV+PGLD817SMX6NQ0AtxnV2HvDr86RbPMnCq0H7AcX8v/O2ic0 qKNvEXeY+XqWt2RehY154PbHk60lGY2QwN6wwcrlxeHtcoLiXkW6a2gmVb4Ej5pt fgvXlGwHcyInmfV72C5TS5v/OanqI90cYWaftxlZmDhQ2iZSmAIMjrRfgQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCdTRp+8ykG3hm39/4IqGODjaeCDMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzUzNDQ0ZjE2LTEyYjAtNDU0Yy1hMGEyLWQxODdmMjBmN2RiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAW/TgwrYX5wESjIh9gBMqm wKWXLO3kSNRe4+kcvz5ywwR0RB5n0Hxl3RU12r/q8UlEXyi4SWXh0upxamapHb0y xEzXS3egiL0yA+LsE+ewXvZ3yemv+Qs/NkvNsMc892wgjhU64U7Nn5XxII25D11d oZOLwrYrKowFGvj6pU8walkJPHRtouFrAaWANRrH5UupCVOupWbrzHtrzN2yUxhQ Kj+lVzmag9QPpB0YdOzREet93FC3/Oj27B6b8sTdaToJudnCCzJEXUNYB1TMTSZY E3fecfy4kk0yFnUoI45r2znqC/+NFSVID5M0EHyAqG+50VmtOrH/F9UKXXZ6wu3F -----END CERTIFICATE-----Generated at Sun Nov 24 18:22:22 2024 by rpki-client on console-ams.rpki-client.org