$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa File: cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa (raw, json) Hash identifier: M/xtJBJaGpDG4i5IWs3Rs/ZJHhsiKpnkmy8olghEk5Y= Subject key identifier: E5:39:40:34:57:37:37:30:11:9C:C3:D0:57:51:95:C8:D9:A8:AD:74 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 22DDD3D9CE758B53CE30D14A7E7D68FC98D03F61 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa Signing time: Sat 02 Sep 2023 00:00:00 +0000 ROA not before: Sat 02 Sep 2023 00:00:00 +0000 ROA not after: Sat 07 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.250.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 03 Sep 2023 12:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:dd:d3:d9:ce:75:8b:53:ce:30:d1:4a:7e:7d:68:fc:98:d0:3f:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Sep 2 00:00:00 2023 GMT Not After : Oct 7 23:59:59 2023 GMT Subject: serialNumber=66834d880fbf69746009f9ada060192d1ae9c65abc08d9010c0571c9a04b1264, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:23:56:6b:04:ea:de:fe:17:fc:27:e0:a8:cb: 9d:89:b6:a4:f1:a4:63:24:4d:b1:14:cc:89:49:8f: 33:c4:c3:43:44:47:45:d9:4f:4c:89:cf:a7:41:11: 44:cb:dd:eb:e6:de:d0:05:ee:fe:5a:8b:bd:05:ce: ac:69:38:31:11:38:49:86:76:7f:ed:ab:f6:a6:9c: 9f:87:58:77:58:61:e6:d3:6f:b3:45:af:53:3d:95: 73:f3:00:68:73:96:23:04:1e:81:8a:90:aa:2c:4f: b5:0a:79:a8:c6:6b:d6:0d:56:a8:46:6c:b0:d6:14: 9b:1d:48:d7:f5:0a:0c:a1:ef:e2:f1:d6:bf:fe:0f: cc:fe:7d:cf:48:c2:45:8c:ff:f2:f1:e5:23:c8:74: b5:b4:6c:6a:ea:24:dd:b4:f1:0e:18:0b:5d:c7:3c: 5e:ec:c0:c6:ac:5b:bc:4a:26:a1:0c:e4:da:62:c5: 76:43:c6:a6:71:9a:c9:40:5e:7f:b0:18:07:c8:28: f8:45:0e:74:50:fc:2d:df:8b:92:fa:f8:7d:fb:fe: 82:4b:f9:4e:2c:ea:74:67:06:c4:4f:d5:61:19:a3: 1e:1f:73:05:ce:d5:78:be:4b:13:eb:bc:19:04:c2: 67:33:87:72:a9:1d:e7:b3:10:92:ba:d8:cd:42:e7: bd:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:39:40:34:57:37:37:30:11:9C:C3:D0:57:51:95:C8:D9:A8:AD:74 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cb2e5a8c-21f1-4679-a372-617732fc3ea6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.192.0/22 Signature Algorithm: sha256WithRSAEncryption 21:fc:54:4c:62:26:77:45:7d:bd:cf:f7:c1:20:b2:e4:c5:a9: 8a:9b:4c:89:78:9a:22:94:86:5c:5e:59:2d:3e:51:10:01:ef: 3c:16:3a:90:47:6d:f4:fc:f3:df:ff:e8:58:76:ee:6a:02:40: 44:95:d0:7f:42:43:8e:d2:e8:d1:c8:b7:4a:04:e0:43:9f:1c: 5a:62:be:f2:f8:ce:af:2d:ba:b5:b5:8c:ba:d6:8f:d8:5c:50: 5a:65:63:c2:93:9a:d0:c3:22:dd:1c:48:cf:05:81:cc:3e:58: 69:f5:97:4e:6f:f6:5d:a7:ac:00:8f:47:e8:e2:5c:1c:4b:b5: 0f:26:51:87:81:95:6f:7a:e2:0b:53:1d:f2:d8:7b:74:1d:30: 43:0c:53:04:c3:79:97:a6:fe:70:5b:64:8e:0f:e5:79:ac:67: 00:dc:2a:fb:68:2f:bc:c7:d6:b3:4b:c9:97:a3:62:fc:9f:12: ff:16:eb:e6:a6:7f:3b:b3:0e:bd:b8:d2:ac:98:3e:b8:26:91: e4:8f:8b:71:f3:ea:74:3f:da:20:eb:45:05:5b:92:b0:94:54: a7:68:91:a1:13:d8:0b:77:7a:f8:0e:ab:1c:1f:09:bc:b9:63: 43:36:57:eb:0e:9b:a0:8a:27:33:6f:4a:99:84:f0:d0:12:f9: 0c:22:b5:d5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUIt3T2c51i1POMNFKfn1o/JjQP2EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTIzMDkwMjAwMDAwMFoX DTIzMTAwNzIzNTk1OVowejFJMEcGA1UEBRNANjY4MzRkODgwZmJmNjk3NDYwMDlm OWFkYTA2MDE5MmQxYWU5YzY1YWJjMDhkOTAxMGMwNTcxYzlhMDRiMTI2NDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSNWawTq3v4X/CfgqMudibak8aRj JE2xFMyJSY8zxMNDREdF2U9Mic+nQRFEy93r5t7QBe7+Wou9Bc6saTgxEThJhnZ/ 7av2ppyfh1h3WGHm02+zRa9TPZVz8wBoc5YjBB6BipCqLE+1CnmoxmvWDVaoRmyw 1hSbHUjX9QoMoe/i8da//g/M/n3PSMJFjP/y8eUjyHS1tGxq6iTdtPEOGAtdxzxe 7MDGrFu8SiahDOTaYsV2Q8amcZrJQF5/sBgHyCj4RQ50UPwt34uS+vh9+/6CS/lO LOp0ZwbET9VhGaMeH3MFztV4vksT67wZBMJnM4dyqR3nsxCSutjNQue92wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOU5QDRXNzcwEZzD0FdRlcjZqK10MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NiMmU1YThjLTIxZjEtNDY3OS1hMzcyLTYxNzczMmZjM2VhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQAh/FRMYiZ3RX29z/fBILLk xamKm0yJeJoilIZcXlktPlEQAe88FjqQR230/PPf/+hYdu5qAkBEldB/QkOO0ujR yLdKBOBDnxxaYr7y+M6vLbq1tYy61o/YXFBaZWPCk5rQwyLdHEjPBYHMPlhp9ZdO b/Zdp6wAj0fo4lwcS7UPJlGHgZVveuILUx3y2Ht0HTBDDFMEw3mXpv5wW2SOD+V5 rGcA3Cr7aC+8x9azS8mXo2L8nxL/Fuvmpn87sw69uNKsmD64JpHkj4tx8+p0P9og 60UFW5KwlFSnaJGhE9gLd3r4DqscHwm8uWNDNlfrDpugiiczb0qZhPDQEvkMIrXV -----END CERTIFICATE-----Generated at Sat Sep 2 00:30:12 2023 by rpki-client on console-fra.rpki-client.org