$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa File: c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa (raw, json) Hash identifier: xHa7VivSl/tujJ7Jum2vyJqT1B4zXnL8MOQbSDb/06U= Subject key identifier: 3A:42:29:92:1B:9F:77:E6:BA:CF:44:0B:C6:EC:19:9D:2E:37:32:5D Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 020D5ABC3BDC7BE0BBE24800568E349DD6A5136E Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:0d:5a:bc:3b:dc:7b:e0:bb:e2:48:00:56:8e:34:9d:d6:a5:13:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=03d5e85b24ca33660df5c55bd73c0e0dc05fb0becf41f9a6d64b76b3a480aa81, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:29:c7:09:55:9b:7f:c1:03:d4:4d:2c:4f:08: 6e:86:b0:7e:7e:fa:a3:e0:e4:09:ed:63:b6:c2:e0: 57:77:51:ac:66:90:59:68:03:6f:87:2a:63:67:b7: 0f:76:9b:d5:bd:dc:39:e2:d6:5c:8d:13:db:24:59: 63:96:f1:6f:16:60:a4:fe:ac:a0:e8:79:c2:98:2c: a4:a1:5d:4b:e1:9c:56:78:b8:b6:1f:81:99:f6:83: 9c:c7:50:41:85:ee:31:9b:b2:65:03:30:e8:a5:fe: 8b:ad:84:f0:75:f6:07:05:b1:b8:b8:ff:9c:25:91: e6:35:f4:30:a6:f1:c7:f8:2c:90:8e:36:a3:2a:0b: 48:8f:22:ce:54:62:d3:8f:96:7e:c1:72:98:62:a2: 0f:d9:02:92:de:95:2f:2f:04:8d:4d:75:2d:1b:c0: cd:dc:d9:41:4f:2f:d9:5d:76:31:fe:05:a5:85:d0: f2:4c:fb:8f:e5:59:ae:c3:89:c0:89:07:b6:1e:16: 9d:4b:37:67:d8:3d:74:58:6b:d3:f9:39:c5:be:52: 1b:eb:96:cf:7f:8c:60:29:24:a9:e3:2b:f2:45:65: d8:78:8d:a7:12:1c:ea:1e:93:56:2a:c5:0a:64:90: 83:a1:62:0d:41:ca:17:ba:6f:15:9d:ab:3e:df:ee: 97:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:42:29:92:1B:9F:77:E6:BA:CF:44:0B:C6:EC:19:9D:2E:37:32:5D X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 0e:ed:b1:10:9b:b0:a9:ae:cb:ba:fd:93:f9:3b:fb:32:31:c0: 49:31:01:81:34:79:e1:39:7f:b7:bc:7e:70:55:5e:60:32:43: cf:96:1a:ba:93:0c:5d:61:ac:b3:af:9a:23:4a:8f:61:e0:48: d7:7e:58:ac:dc:c7:26:3c:2e:f2:24:e9:37:2f:8e:1c:ff:db: a4:a8:99:6b:14:f8:95:f4:cd:0f:9b:3d:cb:f0:e7:dc:8b:9f: a8:35:f1:cf:3e:6a:ad:46:6d:68:f4:98:16:ae:56:c9:22:00: 22:0d:62:85:ea:d2:95:60:05:51:bb:90:cc:a2:fc:01:fb:62: 24:e0:e6:c9:98:11:5a:b7:c5:b4:49:97:e9:dd:4b:c7:9d:b8: fe:4a:96:c1:d8:47:9e:55:15:a9:f4:8a:f3:e2:13:d2:3b:b3: 6d:7d:81:73:8f:21:28:df:51:e6:e0:0f:01:4f:c6:09:e9:4b: 9d:95:1d:de:00:5b:38:d0:8e:ab:bb:e2:25:38:5a:56:4b:a0: 69:6a:44:c9:33:8f:31:a0:ff:53:7b:e7:2a:5f:6e:9f:57:09: 3b:9a:b9:37:88:a1:72:da:c6:58:76:b3:e0:ca:10:5c:49:70: bc:f2:a5:dc:03:ce:35:7b:1e:a6:0e:5b:70:cb:dc:ba:87:fe: 95:9e:a8:02 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUAg1avDvce+C74kgAVo40ndalE24wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAMDNkNWU4NWIyNGNhMzM2NjBkZjVj NTViZDczYzBlMGRjMDVmYjBiZWNmNDFmOWE2ZDY0Yjc2YjNhNDgwYWE4MTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySnHCVWbf8ED1E0sTwhuhrB+fvqj 4OQJ7WO2wuBXd1GsZpBZaANvhypjZ7cPdpvVvdw54tZcjRPbJFljlvFvFmCk/qyg 6HnCmCykoV1L4ZxWeLi2H4GZ9oOcx1BBhe4xm7JlAzDopf6LrYTwdfYHBbG4uP+c JZHmNfQwpvHH+CyQjjajKgtIjyLOVGLTj5Z+wXKYYqIP2QKS3pUvLwSNTXUtG8DN 3NlBTy/ZXXYx/gWlhdDyTPuP5Vmuw4nAiQe2HhadSzdn2D10WGvT+TnFvlIb65bP f4xgKSSp4yvyRWXYeI2nEhzqHpNWKsUKZJCDoWINQcoXum8Vnas+3+6XsQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDpCKZIbn3fmus9EC8bsGZ0uNzJdMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2MyY2QzZjJlLWNlOGMtNGQxZi05NmFiLWEyNWNhZWQxYjQyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAO7bEQm7Cprsu6/ZP5O/sy McBJMQGBNHnhOX+3vH5wVV5gMkPPlhq6kwxdYayzr5ojSo9h4EjXflis3McmPC7y JOk3L44c/9ukqJlrFPiV9M0Pmz3L8Ofci5+oNfHPPmqtRm1o9JgWrlbJIgAiDWKF 6tKVYAVRu5DMovwB+2Ik4ObJmBFat8W0SZfp3UvHnbj+SpbB2EeeVRWp9Irz4hPS O7NtfYFzjyEo31Hm4A8BT8YJ6UudlR3eAFs40I6ru+IlOFpWS6BpakTJM48xoP9T e+cqX26fVwk7mrk3iKFy2sZYdrPgyhBcSXC88qXcA841ex6mDltwy9y6h/6VnqgC -----END CERTIFICATE-----Generated at Sun Nov 24 17:18:25 2024 by rpki-client on console-fra.rpki-client.org