$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa File: 9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa (raw, json) Hash identifier: pY2sR00+scURetNxrCMvNVLxvbO7pPfiWRhNHvHrXWg= Subject key identifier: C8:1B:74:6B:32:61:77:50:FE:09:23:71:1E:4B:57:3C:79:9D:11:DA Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 37AF9C96BF7F690B947C2878ECAC9D838E89B188 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa Signing time: Mon 04 Nov 2024 00:00:00 +0000 ROA not before: Mon 04 Nov 2024 00:00:00 +0000 ROA not after: Mon 09 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 175.41.128.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 Nov 2024 15:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:af:9c:96:bf:7f:69:0b:94:7c:28:78:ec:ac:9d:83:8e:89:b1:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 4 00:00:00 2024 GMT Not After : Dec 9 23:59:59 2024 GMT Subject: serialNumber=933b593115f3b56f7e1b10edcf0566c96b3992445bfae420153a8b7420351426, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:1f:9e:9e:4d:2e:9d:44:c0:48:87:3d:5f:c9: b4:3b:a4:ca:a1:79:2d:13:c7:df:ef:cc:f2:1b:7c: 74:38:df:24:4b:5f:2d:88:7d:07:d1:d9:d3:cc:59: 4c:50:c9:4d:36:d5:6b:47:83:cc:90:bd:9d:fb:4e: a5:cf:22:be:40:d5:77:3c:ff:65:be:3f:93:a4:0f: a0:e5:79:69:5d:dd:38:17:e6:96:dd:ce:25:70:42: 8a:64:47:09:43:c6:91:82:ff:74:bf:f3:e7:e0:b0: 71:e8:b9:36:4c:da:14:f6:10:a3:bd:66:b2:1a:f7: 49:17:e9:aa:ac:7a:c8:4d:fe:76:8b:21:ab:8f:d0: 23:a6:ec:eb:0d:17:ad:99:c0:22:18:27:c3:28:4b: eb:89:27:c1:f7:c3:47:6c:9a:a5:7a:b8:34:a3:36: 18:dc:e5:99:20:05:9f:03:f1:3f:41:35:69:03:2a: a8:71:f0:fb:59:1e:5e:96:aa:53:72:e0:4e:ac:e0: f9:8f:90:7a:c1:8e:61:3b:bc:f9:ec:17:87:38:56: 3d:cb:46:fb:fe:8b:fd:e2:c9:16:8b:cd:25:20:3a: 0c:7a:a5:09:fc:39:04:c1:52:fb:65:c8:bf:f7:97: 90:ee:8a:e4:2d:f2:d3:35:31:a7:d9:3b:e4:a7:62: 84:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:1B:74:6B:32:61:77:50:FE:09:23:71:1E:4B:57:3C:79:9D:11:DA X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9b20d5e9-2739-41d9-a7b0-ed324e639c56.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/18 Signature Algorithm: sha256WithRSAEncryption 8e:b7:97:b8:63:c0:dd:1a:94:5c:93:62:f5:61:c3:67:64:93: c9:15:2e:d6:52:33:c2:7a:f7:f0:ac:d6:9f:2a:c9:a7:52:be: f6:40:07:97:4c:48:8d:aa:71:27:2b:80:93:35:51:ba:bd:54: 62:91:e7:13:65:3f:18:08:ec:bd:87:fc:3b:0e:50:aa:1b:f0: aa:f3:13:bb:77:80:ce:d0:e6:33:b9:a8:7d:7d:06:35:a3:49: cf:2d:21:c3:cf:0a:7b:e5:9b:21:52:0b:79:f6:10:91:29:a4: 03:fc:ce:17:95:e3:64:ce:fc:02:60:ed:e5:e6:f2:92:ac:f4: 25:a1:b5:99:c9:b1:52:61:38:e0:60:6e:00:e1:bd:e5:c6:12: b4:a7:70:00:9b:39:4e:08:cb:3a:0a:6c:8f:bb:90:29:07:9a: 57:8d:ce:e6:93:fb:76:46:e8:f3:ac:d0:e2:01:2b:4d:55:79: 1c:a1:c9:f1:30:0d:c6:6c:f2:2e:4d:e7:35:d9:aa:70:6e:cd: 94:e8:be:fd:a0:3c:8d:4c:fe:c9:c3:01:f6:2a:2c:a9:4e:8a: 73:5c:67:b5:e6:5f:51:d5:7a:11:0b:78:a7:23:04:2a:b4:07: 95:e3:0e:bd:63:6d:33:58:b3:38:03:ef:71:e2:a9:f9:d9:5f: 73:11:f6:9b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUN6+clr9/aQuUfCh47Kydg46JsYgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEwNDAwMDAwMFoX DTI0MTIwOTIzNTk1OVowejFJMEcGA1UEBRNAOTMzYjU5MzExNWYzYjU2ZjdlMWIx MGVkY2YwNTY2Yzk2YjM5OTI0NDViZmFlNDIwMTUzYThiNzQyMDM1MTQyNjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyB+enk0unUTASIc9X8m0O6TKoXkt E8ff78zyG3x0ON8kS18tiH0H0dnTzFlMUMlNNtVrR4PMkL2d+06lzyK+QNV3PP9l vj+TpA+g5XlpXd04F+aW3c4lcEKKZEcJQ8aRgv90v/Pn4LBx6Lk2TNoU9hCjvWay GvdJF+mqrHrITf52iyGrj9AjpuzrDRetmcAiGCfDKEvriSfB98NHbJqlerg0ozYY 3OWZIAWfA/E/QTVpAyqocfD7WR5elqpTcuBOrOD5j5B6wY5hO7z57BeHOFY9y0b7 /ov94skWi80lIDoMeqUJ/DkEwVL7Zci/95eQ7orkLfLTNTGn2Tvkp2KEwQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMgbdGsyYXdQ/gkjcR5LVzx5nRHaMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzliMjBkNWU5LTI3MzktNDFkOS1hN2IwLWVkMzI0ZTYzOWM1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGrymAMA0GCSqGSIb3DQEBCwUAA4IBAQCOt5e4Y8DdGpRck2L1YcNn ZJPJFS7WUjPCevfwrNafKsmnUr72QAeXTEiNqnEnK4CTNVG6vVRikecTZT8YCOy9 h/w7DlCqG/Cq8xO7d4DO0OYzuah9fQY1o0nPLSHDzwp75ZshUgt59hCRKaQD/M4X leNkzvwCYO3l5vKSrPQlobWZybFSYTjgYG4A4b3lxhK0p3AAmzlOCMs6CmyPu5Ap B5pXjc7mk/t2RujzrNDiAStNVXkcocnxMA3GbPIuTec12apwbs2U6L79oDyNTP7J wwH2KiypTopzXGe15l9R1XoRC3inIwQqtAeV4w69Y20zWLM4A+9x4qn52V9zEfab -----END CERTIFICATE-----Generated at Thu Nov 21 17:28:40 2024 by rpki-client on console-fra.rpki-client.org