$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa File: c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa (raw, json) Hash identifier: AJ/PXco7Q9+4T2W4NRhXlwS1NnXc4V35S4aUCVHL/+I= Subject key identifier: BD:B2:CB:30:DA:CC:8D:5E:30:8E:CC:9B:2D:2C:D6:B7:F8:F8:FC:28 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 4195A76B23566B2573DA97F147A59363F72305B6 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa Signing time: Fri 05 Apr 2024 00:00:00 +0000 ROA not before: Fri 05 Apr 2024 00:00:00 +0000 ROA not after: Fri 10 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 30 Apr 2024 00:01:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:95:a7:6b:23:56:6b:25:73:da:97:f1:47:a5:93:63:f7:23:05:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 5 00:00:00 2024 GMT Not After : May 10 23:59:59 2024 GMT Subject: serialNumber=359e75e80439b581f18dff094229c9b70a2dfa8c2cd0c5b3a45a4203edbbb9a3, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8c:ab:a2:5e:b0:5c:77:f1:98:ee:19:3c:33: 83:87:ee:bb:a2:70:bf:52:16:ee:67:33:70:7d:67: 91:4f:36:42:d3:29:54:65:7f:c9:68:32:f0:70:0f: 74:c5:3d:a1:bd:cf:c7:fa:bc:2e:dd:aa:43:35:1e: 23:59:59:d8:8e:05:90:09:47:05:1b:91:bc:de:05: 92:94:dd:c4:83:63:51:0a:c4:43:24:6e:7e:1b:25: a6:08:cf:77:a1:3f:64:d2:9b:59:ea:5a:e7:49:75: b6:2d:6f:33:46:c3:bb:07:f1:7b:26:92:61:5c:0d: 79:89:de:a4:c0:77:2c:c8:76:86:83:b3:3d:8a:47: c3:98:3c:5c:9f:cd:7b:73:2b:ef:27:2f:4a:7d:e8: 71:9b:2c:c1:cb:d6:2c:5c:3d:f2:a1:8c:7f:cc:50: 3a:e8:53:97:0a:e6:64:d1:34:bf:9c:38:7e:4f:e3: 14:01:a1:ba:a4:88:a4:09:44:8a:99:fd:8d:60:b4: 14:e2:3f:98:b1:ee:47:d0:93:36:51:70:44:da:1e: 65:16:79:33:07:79:76:07:9d:3f:04:0d:15:81:d9: a7:f0:59:18:a0:c0:51:e4:de:8f:2e:73:c1:50:3c: 57:d0:9f:18:75:8f:0b:c8:e3:12:23:6c:43:b9:dd: e3:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:B2:CB:30:DA:CC:8D:5E:30:8E:CC:9B:2D:2C:D6:B7:F8:F8:FC:28 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.193.0/24 Signature Algorithm: sha256WithRSAEncryption eb:74:08:f5:73:cb:3c:fc:d6:13:f5:73:22:e6:28:92:2d:8f: 22:55:3d:6b:1b:66:6a:47:da:35:2f:23:28:76:cd:be:60:a1: 35:dd:b8:cd:f9:eb:e8:8d:0e:fc:0e:a6:4d:9c:a9:bc:a1:ec: 09:c5:0b:e6:16:a9:61:bc:fe:52:5a:62:44:44:54:ae:fc:7d: 28:89:95:2d:58:08:d8:1d:45:a0:4d:25:c7:de:d1:ca:10:5d: 56:26:93:be:f4:b6:86:8d:16:19:45:03:e9:ad:d3:55:37:c4: 15:f9:95:6c:86:3b:0d:6a:38:40:fd:69:16:86:c6:04:a1:9d: 50:b6:7e:fb:3d:3b:e7:7c:98:de:b7:a8:48:bf:dc:36:fd:cf: ab:2e:d5:5a:3b:f6:48:2b:a1:5c:7e:e0:50:64:ec:82:9f:7f: 89:a1:f8:90:dd:51:bf:3a:04:ee:ce:eb:cf:8b:70:52:ff:c0: 4a:53:da:cb:12:6e:12:50:b6:db:60:28:82:eb:02:b2:68:23: 5a:ba:8c:f9:a8:da:e9:a7:c2:59:08:8f:0e:c6:b9:ae:2a:6f: b1:c2:77:fd:aa:69:dc:f5:ed:be:96:9c:b1:fb:ca:cd:d0:8d: 2e:dd:bc:58:7c:ed:c4:f6:5f:7c:83:2d:19:1a:66:de:df:3e: 6a:c9:95:ae -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQZWnayNWayVz2pfxR6WTY/cjBbYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDQwNTAwMDAwMFoX DTI0MDUxMDIzNTk1OVowejFJMEcGA1UEBRNAMzU5ZTc1ZTgwNDM5YjU4MWYxOGRm ZjA5NDIyOWM5YjcwYTJkZmE4YzJjZDBjNWIzYTQ1YTQyMDNlZGJiYjlhMzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Iyrol6wXHfxmO4ZPDODh+67onC/ UhbuZzNwfWeRTzZC0ylUZX/JaDLwcA90xT2hvc/H+rwu3apDNR4jWVnYjgWQCUcF G5G83gWSlN3Eg2NRCsRDJG5+GyWmCM93oT9k0ptZ6lrnSXW2LW8zRsO7B/F7JpJh XA15id6kwHcsyHaGg7M9ikfDmDxcn817cyvvJy9KfehxmyzBy9YsXD3yoYx/zFA6 6FOXCuZk0TS/nDh+T+MUAaG6pIikCUSKmf2NYLQU4j+Yse5H0JM2UXBE2h5lFnkz B3l2B50/BA0Vgdmn8FkYoMBR5N6PLnPBUDxX0J8YdY8LyOMSI2xDud3jxwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFL2yyzDazI1eMI7Mmy0s1rf4+PwoMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2M0MTNiZDU1LTRkOWUtNDdmMC04N2NiLWJhODk4MWI1YmNlNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAK/rBMA0GCSqGSIb3DQEBCwUAA4IBAQDrdAj1c8s8/NYT9XMi5iiS LY8iVT1rG2ZqR9o1LyMods2+YKE13bjN+evojQ78DqZNnKm8oewJxQvmFqlhvP5S WmJERFSu/H0oiZUtWAjYHUWgTSXH3tHKEF1WJpO+9LaGjRYZRQPprdNVN8QV+ZVs hjsNajhA/WkWhsYEoZ1Qtn77PTvnfJjet6hIv9w2/c+rLtVaO/ZIK6FcfuBQZOyC n3+JofiQ3VG/OgTuzuvPi3BS/8BKU9rLEm4SULbbYCiC6wKyaCNauoz5qNrpp8JZ CI8OxrmuKm+xwnf9qmnc9e2+lpyx+8rN0I0u3bxYfO3E9l98gy0ZGmbe3z5qyZWu -----END CERTIFICATE-----Generated at Fri Apr 26 00:36:11 2024 by rpki-client on console-ams.rpki-client.org