$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa File: 53444f16-12b0-454c-a0a2-d187f20f7db6.roa (raw, json) Hash identifier: RFqKG1tHc3QK2d5UEa0AY7/i48mpPyM7X94SBNVKPEg= Subject key identifier: 4B:14:AC:5F:1D:7A:B5:82:41:86:01:FC:86:E5:2A:EF:3F:46:33:16 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 0EC33858D136DA555758126BC9340D35B57F360E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa Signing time: Mon 11 Mar 2024 00:00:00 +0000 ROA not before: Mon 11 Mar 2024 00:00:00 +0000 ROA not after: Mon 15 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 12:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:c3:38:58:d1:36:da:55:57:58:12:6b:c9:34:0d:35:b5:7f:36:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 11 00:00:00 2024 GMT Not After : Apr 15 23:59:59 2024 GMT Subject: serialNumber=42cdf322c20f463cf9ee7dd687bf237623b805d1d490601142284292a8c3f06d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:31:a0:74:cf:eb:aa:5c:9f:9a:df:62:81:e1: 0a:ef:2e:a6:44:75:75:8b:7c:54:f4:9d:20:a2:55: 24:f3:f4:85:e1:9c:4f:61:86:0c:c4:86:29:5a:62: ca:cc:91:30:f3:f8:dd:de:23:06:72:5b:f4:f6:98: df:4e:4d:da:72:58:0a:1e:c7:1c:d9:78:74:59:f5: 3b:e7:83:54:7f:80:ee:8a:44:66:11:15:b5:ab:d6: 65:f7:fb:ae:06:0a:4b:6e:2f:38:35:57:f5:da:78: 15:bd:f3:8c:c6:04:fc:42:9a:f4:46:de:0a:6d:09: 52:f4:59:58:5d:36:cd:8d:69:68:07:71:9c:c7:d5: bb:21:90:cc:37:58:65:22:13:d8:8e:bc:96:44:c0: 95:c5:45:8d:73:94:bd:b8:35:30:df:4f:9b:e0:e5: e7:d3:6b:4d:e2:38:f9:50:61:79:c9:70:0b:9a:a2: fe:4f:e0:5c:ef:bf:54:3b:6c:02:7d:c6:c9:af:65: fb:91:2f:73:6e:be:42:50:dd:25:3b:d1:17:cc:2c: 48:5b:6d:10:e5:f7:40:9e:09:ee:39:42:01:0c:2a: e7:f0:0c:90:35:c3:d8:f5:cb:88:0e:e7:5c:51:ad: 08:ac:0e:20:20:95:31:de:09:9e:92:84:ed:f8:1d: 2c:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:14:AC:5F:1D:7A:B5:82:41:86:01:FC:86:E5:2A:EF:3F:46:33:16 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/24 Signature Algorithm: sha256WithRSAEncryption 42:db:48:65:5d:f2:ef:d0:db:dc:80:8d:c6:7d:fc:99:ec:1e: a9:fd:db:e6:6e:a2:47:bf:27:de:72:13:a7:e3:f8:3f:ff:e9: e5:a4:96:7c:75:d8:1c:26:66:35:67:ab:71:14:6b:ab:c5:20: 25:cf:d9:51:42:70:f8:0c:da:fa:40:5e:52:1d:23:1a:38:1b: e8:c5:34:6c:6a:6b:8d:8f:3a:04:ce:3b:0f:cc:dc:3d:bf:93: 48:ad:64:e0:29:7d:8e:c1:c8:6e:e7:37:f2:73:0c:da:ca:ae: 19:33:88:7b:80:ba:a7:d5:0c:6d:50:61:96:d4:3f:dc:62:57: d2:9a:fe:a6:8b:73:f8:52:4e:fa:f1:3c:1d:01:87:6a:56:0f: 5c:f6:06:8d:82:d5:e5:a0:cd:56:84:d2:c3:d2:6d:97:92:bf: 2b:2f:0f:d5:02:e9:08:3f:f2:4c:23:38:28:0c:22:84:93:1f: e7:80:8a:59:e9:45:5f:eb:65:b1:f0:21:68:db:09:5f:9e:01: bb:35:bf:cf:d2:5c:fa:39:a0:73:31:3e:79:1f:95:ae:fe:63: fa:61:8d:72:43:6b:85:de:17:b5:bc:69:05:dd:36:5b:fc:1b: b9:dc:e0:9a:e5:9a:b0:a8:64:2e:24:33:86:92:6a:72:2d:8b: ca:13:ec:f9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDsM4WNE22lVXWBJryTQNNbV/Ng4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDMxMTAwMDAwMFoX DTI0MDQxNTIzNTk1OVowejFJMEcGA1UEBRNANDJjZGYzMjJjMjBmNDYzY2Y5ZWU3 ZGQ2ODdiZjIzNzYyM2I4MDVkMWQ0OTA2MDExNDIyODQyOTJhOGMzZjA2ZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6jGgdM/rqlyfmt9igeEK7y6mRHV1 i3xU9J0golUk8/SF4ZxPYYYMxIYpWmLKzJEw8/jd3iMGclv09pjfTk3aclgKHscc 2Xh0WfU754NUf4DuikRmERW1q9Zl9/uuBgpLbi84NVf12ngVvfOMxgT8Qpr0Rt4K bQlS9FlYXTbNjWloB3Gcx9W7IZDMN1hlIhPYjryWRMCVxUWNc5S9uDUw30+b4OXn 02tN4jj5UGF5yXALmqL+T+Bc779UO2wCfcbJr2X7kS9zbr5CUN0lO9EXzCxIW20Q 5fdAngnuOUIBDCrn8AyQNcPY9cuIDudcUa0IrA4gIJUx3gmekoTt+B0sjQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEsUrF8derWCQYYB/IblKu8/RjMWMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzUzNDQ0ZjE2LTEyYjAtNDU0Yy1hMGEyLWQxODdmMjBmN2RiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQBC20hlXfLv0NvcgI3GffyZ 7B6p/dvmbqJHvyfechOn4/g//+nlpJZ8ddgcJmY1Z6txFGurxSAlz9lRQnD4DNr6 QF5SHSMaOBvoxTRsamuNjzoEzjsPzNw9v5NIrWTgKX2Owchu5zfycwzayq4ZM4h7 gLqn1QxtUGGW1D/cYlfSmv6mi3P4Uk768TwdAYdqVg9c9gaNgtXloM1WhNLD0m2X kr8rLw/VAukIP/JMIzgoDCKEkx/ngIpZ6UVf62Wx8CFo2wlfngG7Nb/P0lz6OaBz MT55H5Wu/mP6YY1yQ2uF3he1vGkF3TZb/Bu53OCa5ZqwqGQuJDOGkmpyLYvKE+z5 -----END CERTIFICATE-----Generated at Fri Mar 29 02:18:29 2024 by rpki-client on console-ams.rpki-client.org