$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa File: c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa (raw, json) Hash identifier: Q+XciY9m9wjp7hitaFg6acR/Glo+68uiy6AKPuZROfM= Subject key identifier: C5:7D:1B:45:F2:7C:CD:FF:36:A9:6C:F1:AB:9D:37:1B:19:BF:E9:E8 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 06840802A671647BE1DB9C0004421699BB84FCDD Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:84:08:02:a6:71:64:7b:e1:db:9c:00:04:42:16:99:bb:84:fc:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=a34fc483bf6f12d245965cf4ed4ef38e39c3c342192360edad7a6e859d57817c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fc:ff:6f:c8:26:e2:8e:12:9d:82:4d:1d:a4: de:e8:f6:32:7f:cc:32:1c:48:87:c5:d7:49:9d:36: 7f:28:f3:b8:dc:13:7c:17:d9:14:97:a3:d3:a8:f8: 21:33:35:92:3e:87:81:9a:45:5c:28:56:a9:81:9b: d0:a6:b6:f4:91:7f:ed:ad:80:da:7a:52:af:b9:df: 29:c6:07:cf:8f:f9:0f:2f:b2:44:44:2e:a3:2a:09: fe:10:cb:11:6b:c8:95:77:cf:b8:d8:21:7f:40:14: 6f:d6:40:ae:66:c6:61:a7:84:b5:58:b1:0f:31:7c: 29:1c:ab:be:4d:2e:e0:87:07:cc:31:95:3c:50:06: dd:08:47:85:14:72:76:3f:d5:d4:66:6a:65:cc:14: 87:d5:8e:05:9c:25:09:ff:61:91:19:4b:7e:f9:78: de:84:d5:25:1d:ff:6a:12:a1:99:bd:72:77:4b:3c: 0d:46:8a:26:6a:fa:bb:55:f2:a2:61:25:72:74:1b: cb:92:82:c7:4a:fe:08:11:67:41:e0:7b:03:19:b7: 3b:85:9d:cf:2c:47:ac:a1:29:b1:84:e6:50:2a:ee: f2:e2:ed:6b:75:ac:cd:0d:9a:6e:22:1d:81:f9:4d: 50:9d:a0:54:26:d9:12:a7:e0:62:87:f2:ff:2b:43: af:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:7D:1B:45:F2:7C:CD:FF:36:A9:6C:F1:AB:9D:37:1B:19:BF:E9:E8 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.193.0/24 Signature Algorithm: sha256WithRSAEncryption 34:b6:b6:86:a8:d9:3a:a5:0f:e4:3d:be:a9:50:72:5a:1a:34: fb:44:60:8f:b5:e9:10:08:a8:49:29:f8:cf:8b:2b:be:4c:b0: f9:af:2d:cb:56:61:43:e9:98:a2:f1:35:02:4a:af:62:31:7a: 9b:96:99:75:29:e5:70:6e:4c:d7:77:63:2f:be:d3:a8:e0:da: 37:da:f6:3c:30:0d:22:de:bd:6a:b8:9c:24:a2:e5:48:06:a1: ce:05:c3:0f:af:8c:0f:b2:34:6d:fe:13:8b:95:e8:4e:b5:a0: 68:c6:da:b1:d6:fc:13:5d:cd:ec:dc:c0:b1:c0:6f:48:14:29: 87:f8:56:6a:05:55:e0:77:ca:bd:df:ec:05:01:eb:18:dc:90: e9:13:06:e1:e0:95:5e:66:9c:07:5a:24:1b:bd:19:05:f9:2a: 2c:85:5d:97:ca:c2:9c:5c:2f:31:2d:0b:41:2a:31:06:23:ae: 70:3f:6e:76:57:be:2f:cb:d7:75:25:e7:bf:9e:31:fa:12:f5: ee:4e:c4:6f:1a:4f:d8:6e:a7:8d:09:c7:01:0f:52:50:2b:db: d5:7d:f8:b2:dc:43:b9:c4:8a:f0:23:66:6c:69:fc:5f:0f:10: 14:e6:be:bf:2f:03:31:59:d9:53:0b:9e:cd:60:c6:69:1d:3f: 31:22:21:31 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBoQIAqZxZHvh25wABEIWmbuE/N0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAYTM0ZmM0ODNiZjZmMTJkMjQ1OTY1 Y2Y0ZWQ0ZWYzOGUzOWMzYzM0MjE5MjM2MGVkYWQ3YTZlODU5ZDU3ODE3YzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvz/b8gm4o4SnYJNHaTe6PYyf8wy HEiHxddJnTZ/KPO43BN8F9kUl6PTqPghMzWSPoeBmkVcKFapgZvQprb0kX/trYDa elKvud8pxgfPj/kPL7JERC6jKgn+EMsRa8iVd8+42CF/QBRv1kCuZsZhp4S1WLEP MXwpHKu+TS7ghwfMMZU8UAbdCEeFFHJ2P9XUZmplzBSH1Y4FnCUJ/2GRGUt++Xje hNUlHf9qEqGZvXJ3SzwNRoomavq7VfKiYSVydBvLkoLHSv4IEWdB4HsDGbc7hZ3P LEesoSmxhOZQKu7y4u1rdazNDZpuIh2B+U1QnaBUJtkSp+Bih/L/K0OvpQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMV9G0XyfM3/Nqls8audNxsZv+noMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2M0MTNiZDU1LTRkOWUtNDdmMC04N2NiLWJhODk4MWI1YmNlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/rBMA0GCSqGSIb3DQEBCwUAA4IBAQA0traGqNk6pQ/kPb6pUHJa GjT7RGCPtekQCKhJKfjPiyu+TLD5ry3LVmFD6Zii8TUCSq9iMXqblpl1KeVwbkzX d2MvvtOo4No32vY8MA0i3r1quJwkouVIBqHOBcMPr4wPsjRt/hOLlehOtaBoxtqx 1vwTXc3s3MCxwG9IFCmH+FZqBVXgd8q93+wFAesY3JDpEwbh4JVeZpwHWiQbvRkF +SoshV2XysKcXC8xLQtBKjEGI65wP252V74vy9d1Jee/njH6EvXuTsRvGk/YbqeN CccBD1JQK9vVffiy3EO5xIrwI2ZsafxfDxAU5r6/LwMxWdlTC57NYMZpHT8xIiEx -----END CERTIFICATE-----Generated at Sun Nov 24 17:18:25 2024 by rpki-client on console-fra.rpki-client.org