$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa File: c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa (raw, json) Hash identifier: oRs4vYfq7C0XNr6Kbmjo7DI3yjBAAzbJFcFIWBOLG8M= Subject key identifier: 59:62:E4:95:DE:10:70:0C:F9:D6:EA:8D:8E:46:D2:18:B4:8E:7E:9E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 37E0E9C356AB6DEAD76F10E4F710DDCFD492B0 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa Signing time: Sat 16 Sep 2023 00:00:00 +0000 ROA not before: Sat 16 Sep 2023 00:00:00 +0000 ROA not after: Sat 21 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.193.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 Sep 2023 12:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:e0:e9:c3:56:ab:6d:ea:d7:6f:10:e4:f7:10:dd:cf:d4:92:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 16 00:00:00 2023 GMT Not After : Oct 21 23:59:59 2023 GMT Subject: serialNumber=79cd982094db96156a9ef5ed87d7d564f2ebde5f75874bda0accbb1ccfa20c7a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:fd:7e:ec:88:df:bd:4b:67:a1:f3:18:a7:37: c4:f5:0e:9e:6e:fe:f4:5e:c0:a5:00:c3:96:0d:56: 1e:03:13:54:da:14:5e:d8:46:8d:bd:a5:08:90:eb: 6b:48:3f:3c:32:50:e3:b5:66:bf:a4:3c:86:d5:c3: 10:2b:7b:97:41:1a:9e:85:93:f1:5d:75:98:2a:22: 3d:40:e5:42:03:60:fb:b9:79:5b:ad:74:fc:66:6c: 3a:8c:b4:83:0c:b4:d9:41:e1:ed:24:56:fd:16:53: c5:61:09:9a:2b:d4:7c:3d:65:ed:ad:94:d5:5c:17: ee:27:b6:6c:46:e8:65:b8:5b:14:ec:67:75:12:c5: 32:ff:9d:b3:8f:3b:9d:1d:6e:4a:07:30:f6:dc:9b: fc:4c:c8:e4:5b:04:3f:92:9f:7c:d6:2a:00:b1:0c: 72:64:3b:59:1c:03:69:09:af:fc:8b:5a:8e:5f:76: d7:b4:0b:f1:4d:6f:25:cd:9a:a7:9b:35:dd:56:27: 24:be:da:e1:e6:22:9a:a0:ca:ac:47:e4:81:b6:8d: 18:17:67:2b:f4:77:69:f6:a2:eb:8a:95:80:88:b5: a4:6f:07:6b:e0:e5:ad:af:27:b1:8c:b1:24:40:db: 4c:61:70:63:12:ad:19:18:cc:c4:78:b4:f9:2b:d4: 00:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:62:E4:95:DE:10:70:0C:F9:D6:EA:8D:8E:46:D2:18:B4:8E:7E:9E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/c413bd55-4d9e-47f0-87cb-ba8981b5bce4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.193.0/24 Signature Algorithm: sha256WithRSAEncryption 4f:ce:ff:8d:be:fb:ba:9f:25:bf:e9:04:82:94:e1:a3:71:6f: 8c:16:af:d6:1b:93:7a:76:56:0d:79:44:52:d1:d4:66:14:4b: a5:0d:09:09:8b:f1:e9:e3:a4:00:b2:c6:97:10:57:ef:85:a9: 95:cf:a3:a4:d9:87:81:c3:6c:17:c4:d5:bf:00:ea:fd:d4:f8: 1d:87:0f:85:03:d6:48:fc:f9:b4:d0:76:b0:eb:aa:09:e1:dc: 8e:6d:57:d0:a5:b2:5f:85:8c:bc:a1:70:7a:68:e2:11:f0:70: 2f:29:c8:40:0a:53:9a:a6:df:08:d4:d5:d3:8a:f1:b9:87:d0: e1:d5:99:d3:e6:ca:81:d0:a8:8e:10:82:67:f6:f2:4b:59:13: 48:eb:1e:26:db:6e:04:6b:0d:d2:47:27:4e:8a:e2:50:f5:55: a9:9d:a3:3f:c2:b3:08:19:2b:87:ae:22:5f:2e:ea:59:11:31: 09:4d:fb:4e:18:df:86:4e:69:1e:a7:d4:b5:1a:1a:8d:59:5b: 75:8c:54:21:44:c1:51:ea:fa:01:05:94:f3:bb:e2:f4:48:95: f4:32:62:b6:86:44:d3:08:d2:a2:7f:f1:89:a7:eb:34:eb:f1: b4:5a:a3:5c:ef:c1:e1:0b:e7:28:54:8c:33:3a:28:a2:36:11: 3f:0e:fb:90 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgITN+Dpw1arberXbxDk9xDdz9SSsDANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTE2MDkwNDAwMDExMTAvBgNVBAUTKEJDRTlCQTExMjky Rjg0NzUxMkMwQTg0MTJFNTFFNkUzQkEwRDk5MUQwHhcNMjMwOTE2MDAwMDAwWhcN MjMxMDIxMjM1OTU5WjB6MUkwRwYDVQQFE0A3OWNkOTgyMDk0ZGI5NjE1NmE5ZWY1 ZWQ4N2Q3ZDU2NGYyZWJkZTVmNzU4NzRiZGEwYWNjYmIxY2NmYTIwYzdhMS0wKwYD VQQDEyQxNjg0MTExZS0zMWMxLTQyZTYtOGYyMC1mYzlhYjhiNWNmNTcwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX/X7siN+9S2eh8xinN8T1Dp5u/vRe wKUAw5YNVh4DE1TaFF7YRo29pQiQ62tIPzwyUOO1Zr+kPIbVwxAre5dBGp6Fk/Fd dZgqIj1A5UIDYPu5eVutdPxmbDqMtIMMtNlB4e0kVv0WU8VhCZor1Hw9Ze2tlNVc F+4ntmxG6GW4WxTsZ3USxTL/nbOPO50dbkoHMPbcm/xMyORbBD+Sn3zWKgCxDHJk O1kcA2kJr/yLWo5fdte0C/FNbyXNmqebNd1WJyS+2uHmIpqgyqxH5IG2jRgXZyv0 d2n2ouuKlYCItaRvB2vg5a2vJ7GMsSRA20xhcGMSrRkYzMR4tPkr1ADDAgMBAAGj ggJIMIICRDAdBgNVHQ4EFgQUWWLkld4QcAz51uqNjkbSGLSOfp4wHwYDVR0jBBgw FoAUvOm6ESkvhHUSwKhBLlHm47oNmR0wDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL3ZPbTZFU2t2 aEhVU3dLaEJMbEhtNDdvTm1SMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2Yjk2ODEzZTQv YzQxM2JkNTUtNGQ5ZS00N2YwLTg3Y2ItYmE4OTgxYjViY2U0LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lL2JkNDhhMWZhLTM0NzEtNGFiMi04NTA4LWFkMzZi OTY4MTNlNC8yMjBjZWUwYy02MDAyLTQwOWEtODE5NC0zOGUyMTZjMDA5NmMuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwE AgABMAYDBAAr+sEwDQYJKoZIhvcNAQELBQADggEBAE/O/42++7qfJb/pBIKU4aNx b4wWr9Ybk3p2Vg15RFLR1GYUS6UNCQmL8enjpACyxpcQV++FqZXPo6TZh4HDbBfE 1b8A6v3U+B2HD4UD1kj8+bTQdrDrqgnh3I5tV9Clsl+FjLyhcHpo4hHwcC8pyEAK U5qm3wjU1dOK8bmH0OHVmdPmyoHQqI4Qgmf28ktZE0jrHibbbgRrDdJHJ06K4lD1 Vamdoz/CswgZK4euIl8u6lkRMQlN+04Y34ZOaR6n1LUaGo1ZW3WMVCFEwVHq+gEF lPO74vRIlfQyYraGRNMI0qJ/8Ymn6zTr8bRao1zvweEL5yhUjDM6KKI2ET8O+5A= -----END CERTIFICATE-----Generated at Sat Sep 16 00:30:27 2023 by rpki-client on console-ams.rpki-client.org