$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa File: c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa (raw, json) Hash identifier: ADGcvSONlGPXGtcpRCgEkJRO10ff4OewN7ZHlOJcta8= Subject key identifier: 30:53:A2:71:CC:4F:D7:4C:B1:22:B5:16:8C:EF:A7:24:5B:2F:DF:89 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 562279F1E2710D30E645202E22D3FF71CBE61205 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa Signing time: Fri 22 Mar 2024 00:00:00 +0000 ROA not before: Fri 22 Mar 2024 00:00:00 +0000 ROA not after: Fri 26 Apr 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 12:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:22:79:f1:e2:71:0d:30:e6:45:20:2e:22:d3:ff:71:cb:e6:12:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 22 00:00:00 2024 GMT Not After : Apr 26 23:59:59 2024 GMT Subject: serialNumber=b8f26c8fdabf1934276fd26d36fb78f67ddf774ce25f656167695b4095fec59a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:4f:77:8a:f2:f5:99:21:73:11:5e:2f:2c:66: 05:fc:aa:87:09:45:3e:1c:28:84:d0:24:b2:f3:f1: b9:7e:0b:79:94:43:9c:2d:40:2d:92:ce:05:5c:ee: 3c:b2:62:19:2b:bf:1b:55:9d:29:1a:b8:59:ec:74: 6e:b6:a9:25:11:ca:a3:5e:ed:62:16:1e:a6:29:98: ec:c1:94:97:51:2d:47:19:95:7c:56:4b:1f:dd:f9: 1e:1b:91:e7:f0:62:9a:20:eb:7d:6d:df:03:c7:f7: 31:c3:64:a0:e9:df:35:ec:04:45:45:10:81:00:cd: 99:fe:a7:d0:c2:27:84:eb:e0:1b:6f:ea:d8:1e:cf: ec:07:84:76:77:0f:dd:98:36:5a:e0:15:2a:2c:de: 97:79:b3:27:0d:00:fc:18:5b:31:c9:8d:28:b9:29: ac:59:33:4e:89:22:79:06:44:13:85:aa:5c:d0:c5: 65:d6:98:12:d0:00:a1:ca:e2:1c:0b:57:f5:a0:7b: e5:4c:16:4e:cc:94:68:2b:34:46:07:4d:94:b6:1d: 8c:ee:42:c1:00:1c:84:fe:23:0b:5b:9e:42:7e:1b: af:94:42:32:5c:3c:c7:5f:96:3d:d3:62:f6:4f:78: 43:4e:0f:74:e0:81:d3:c9:f3:5f:7a:c1:ea:66:8e: b9:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:53:A2:71:CC:4F:D7:4C:B1:22:B5:16:8C:EF:A7:24:5B:2F:DF:89 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c2cd3f2e-ce8c-4d1f-96ab-a25caed1b42f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:b2:2c:e9:3a:30:41:c2:26:73:1b:bf:8d:60:8d:b1:e1:8c: 81:68:82:a2:37:a4:b4:ee:aa:2f:94:85:63:b6:72:db:8e:f5: bf:3d:c1:30:7a:af:8a:5a:e9:d0:8f:4f:da:ec:99:ef:99:6b: 20:64:98:8b:f2:d5:d2:33:88:5e:ae:45:5e:2f:91:46:07:fd: 0a:e8:10:3b:16:7a:59:91:80:6e:18:ce:2e:35:22:4e:35:e1: 63:22:3d:dc:0a:8f:57:f3:77:0b:a3:44:fb:a6:cf:35:c9:d9: 7d:cb:f8:d9:17:92:9b:de:4e:48:4f:79:96:2d:77:15:29:0b: d2:c6:b6:68:6d:dc:2c:99:35:52:31:6b:c3:c9:9f:c4:53:73: d4:d0:85:d6:f1:80:7f:4c:39:be:24:06:67:92:80:51:50:a7: 90:55:1a:95:bc:7c:6c:dd:12:21:61:36:c1:9d:94:7a:ba:d5: b3:e2:88:7f:b1:98:c9:36:2a:17:be:a1:b7:0e:ad:3b:37:fc: 32:3e:4a:03:39:f5:0b:c0:f9:3b:52:da:ab:ae:f8:80:38:07: 9b:de:90:f5:66:02:b6:2d:b4:01:62:a0:2d:6d:e7:af:e7:4a: 26:96:8b:3d:4a:eb:21:82:a5:ec:80:e1:82:1b:cf:46:21:65: 73:d6:ea:0f -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUViJ58eJxDTDmRSAuItP/ccvmEgUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDMyMjAwMDAwMFoX DTI0MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAYjhmMjZjOGZkYWJmMTkzNDI3NmZk MjZkMzZmYjc4ZjY3ZGRmNzc0Y2UyNWY2NTYxNjc2OTViNDA5NWZlYzU5YTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwE93ivL1mSFzEV4vLGYF/KqHCUU+ HCiE0CSy8/G5fgt5lEOcLUAtks4FXO48smIZK78bVZ0pGrhZ7HRutqklEcqjXu1i Fh6mKZjswZSXUS1HGZV8Vksf3fkeG5Hn8GKaIOt9bd8Dx/cxw2Sg6d817ARFRRCB AM2Z/qfQwieE6+Abb+rYHs/sB4R2dw/dmDZa4BUqLN6XebMnDQD8GFsxyY0ouSms WTNOiSJ5BkQThapc0MVl1pgS0AChyuIcC1f1oHvlTBZOzJRoKzRGB02Uth2M7kLB AByE/iMLW55CfhuvlEIyXDzHX5Y902L2T3hDTg904IHTyfNfesHqZo65AwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDBTonHMT9dMsSK1FozvpyRbL9+JMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2MyY2QzZjJlLWNlOGMtNGQxZi05NmFiLWEyNWNhZWQxYjQyZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAbsizpOjBBwiZzG7+NYI2x 4YyBaIKiN6S07qovlIVjtnLbjvW/PcEweq+KWunQj0/a7JnvmWsgZJiL8tXSM4he rkVeL5FGB/0K6BA7FnpZkYBuGM4uNSJONeFjIj3cCo9X83cLo0T7ps81ydl9y/jZ F5Kb3k5IT3mWLXcVKQvSxrZobdwsmTVSMWvDyZ/EU3PU0IXW8YB/TDm+JAZnkoBR UKeQVRqVvHxs3RIhYTbBnZR6utWz4oh/sZjJNioXvqG3Dq07N/wyPkoDOfULwPk7 UtqrrviAOAeb3pD1ZgK2LbQBYqAtbeev50omlos9SushgqXsgOGCG89GIWVz1uoP -----END CERTIFICATE-----Generated at Thu Mar 28 02:06:42 2024 by rpki-client on console-ams.rpki-client.org