$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: 1OIKMztBBqFnG2HedSTgrKILEhYAwqPgV0f9G0mN//0= Subject key identifier: 5E:09:02:C7:73:14:0A:B3:F1:C2:63:76:F2:C2:44:F9:30:68:2A:25 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 327AE3AA503FBCF9DD39EBB7253D8A940B9B513D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Mon 18 Nov 2024 00:00:00 +0000 ROA not before: Mon 18 Nov 2024 00:00:00 +0000 ROA not after: Mon 23 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 15:03:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:7a:e3:aa:50:3f:bc:f9:dd:39:eb:b7:25:3d:8a:94:0b:9b:51:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Nov 18 00:00:00 2024 GMT Not After : Dec 23 23:59:59 2024 GMT Subject: serialNumber=e2e812bb8601254404f6b9f93c52fa40e50b39ddcbe18f63efaafb7d3fa28c88, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:da:e0:91:d6:0a:4b:6b:2c:b0:60:ca:b1:07: ef:21:cb:e6:7c:11:4f:6e:25:06:86:52:8d:b6:a1: 93:f8:44:27:f0:82:1e:ef:ac:0e:db:f4:4a:6a:ad: 73:3a:df:73:91:77:78:16:75:4f:68:b7:9b:74:fc: 78:93:66:73:2f:cf:34:7b:9a:19:1d:a2:d1:73:c0: 4e:94:6f:3c:1f:05:34:46:e7:19:39:20:b4:ca:0f: 86:20:43:2a:96:49:1e:66:57:1d:6e:f2:53:f3:70: ef:ca:ae:8c:c1:0f:15:78:c1:f2:68:48:5b:8a:91: e5:02:53:78:3c:87:dc:2b:7a:d8:c6:e6:99:e8:ef: bd:ed:95:66:bb:40:49:9d:cb:39:e6:39:13:d4:65: 28:da:c1:b1:e1:ac:86:2e:5e:36:02:4d:03:44:e2: 21:22:e1:d8:0f:7c:9a:53:4c:47:a2:44:08:9f:10: d7:1f:96:a9:6e:37:80:3a:a4:b4:06:4a:10:36:3f: 4b:8f:d2:d5:21:79:e5:50:fa:e4:73:2a:d4:02:4f: 27:a3:1c:60:5b:69:2e:2e:5d:fa:84:a2:82:55:82: 06:c3:56:51:27:de:ee:ac:94:c6:df:e9:03:fd:75: 7f:cb:22:fb:b4:9f:a6:40:0f:2a:8c:07:10:97:78: 91:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:09:02:C7:73:14:0A:B3:F1:C2:63:76:F2:C2:44:F9:30:68:2A:25 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 95:66:3c:da:05:46:58:97:0a:a9:45:b0:e8:35:8f:8a:f8:f3: b2:6d:c4:ae:99:80:be:22:64:48:44:89:90:c6:f7:74:f3:a8: 03:ad:96:17:ec:17:5e:24:1e:41:d7:b2:88:d2:1c:5f:ee:e0: dc:5d:97:93:79:d7:46:7a:a8:7d:e5:f5:86:d4:93:53:bf:d8: 19:1a:d0:dc:77:d6:c2:02:ac:6e:b8:23:d5:b9:fa:74:8e:57: 6e:95:2d:2b:ca:da:f6:d3:1b:6c:2f:20:a7:7a:95:d4:dc:74: 1d:49:38:26:2c:ee:2c:cb:60:98:8c:cf:94:39:4d:d4:86:f8: 09:35:eb:eb:d2:5e:af:bf:e3:aa:97:63:69:bb:40:b6:f9:da: 02:a6:d7:e8:6a:70:44:81:c9:85:d3:a2:b7:e8:31:c5:0e:79: c6:75:90:6e:12:79:0c:d1:1f:68:75:fb:65:f6:ed:47:2c:87: 01:a1:dc:99:42:b0:90:40:21:52:d7:74:78:42:78:55:fd:d8: be:d5:b2:56:5a:e4:ea:c1:1a:4a:24:02:ad:40:5c:2c:13:0a: ea:a4:5e:55:87:7d:ae:d5:67:02:9e:8e:17:cd:b0:8e:0d:f9: 57:14:68:79:37:70:b0:08:dd:11:78:4b:0f:eb:04:87:62:c3: a5:e8:fc:ec -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMnrjqlA/vPndOeu3JT2KlAubUT0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTExODAwMDAwMFoX DTI0MTIyMzIzNTk1OVowejFJMEcGA1UEBRNAZTJlODEyYmI4NjAxMjU0NDA0ZjZi OWY5M2M1MmZhNDBlNTBiMzlkZGNiZTE4ZjYzZWZhYWZiN2QzZmEyOGM4ODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtrgkdYKS2sssGDKsQfvIcvmfBFP biUGhlKNtqGT+EQn8IIe76wO2/RKaq1zOt9zkXd4FnVPaLebdPx4k2ZzL880e5oZ HaLRc8BOlG88HwU0RucZOSC0yg+GIEMqlkkeZlcdbvJT83Dvyq6MwQ8VeMHyaEhb ipHlAlN4PIfcK3rYxuaZ6O+97ZVmu0BJncs55jkT1GUo2sGx4ayGLl42Ak0DROIh IuHYD3yaU0xHokQInxDXH5apbjeAOqS0BkoQNj9Lj9LVIXnlUPrkcyrUAk8noxxg W2kuLl36hKKCVYIGw1ZRJ97urJTG3+kD/XV/yyL7tJ+mQA8qjAcQl3iREQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFF4JAsdzFAqz8cJjdvLCRPkwaColMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQCVZjzaBUZYlwqpRbDoNY+K +POybcSumYC+ImRIRImQxvd086gDrZYX7BdeJB5B17KI0hxf7uDcXZeTeddGeqh9 5fWG1JNTv9gZGtDcd9bCAqxuuCPVufp0jldulS0rytr20xtsLyCnepXU3HQdSTgm LO4sy2CYjM+UOU3UhvgJNevr0l6vv+Oql2Npu0C2+doCptfoanBEgcmF06K36DHF DnnGdZBuEnkM0R9odftl9u1HLIcBodyZQrCQQCFS13R4QnhV/di+1bJWWuTqwRpK JAKtQFwsEwrqpF5Vh32u1WcCno4XzbCODflXFGh5N3CwCN0ReEsP6wSHYsOl6Pzs -----END CERTIFICATE-----Generated at Sun Nov 24 18:22:22 2024 by rpki-client on console-ams.rpki-client.org