$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa File: f95587cf-7170-48b0-b508-4aa1770ec2e7.roa (raw, json) Hash identifier: PGoCek0UyHMyNGVlDba+3FDNuj+n+n/JvxtZZUouCHY= Subject key identifier: 8C:39:0B:B7:38:BE:F5:7B:6F:F3:5F:B8:FC:99:58:69:B1:3E:47:8F Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 1F822DEEE88B41EF2DE4C624F12AA1FBD8D3D767 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa Signing time: Fri 22 Mar 2024 00:00:00 +0000 ROA not before: Fri 22 Mar 2024 00:00:00 +0000 ROA not after: Fri 26 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 12:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:82:2d:ee:e8:8b:41:ef:2d:e4:c6:24:f1:2a:a1:fb:d8:d3:d7:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Mar 22 00:00:00 2024 GMT Not After : Apr 26 23:59:59 2024 GMT Subject: serialNumber=819e9765dec45cc09cb76bd2d7815c0c80aa7f9d8f87589bedaa5d1d6f5073bb, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:22:c2:3a:e7:ed:31:58:32:fd:b3:85:88:7c: cf:49:4e:be:83:35:42:ce:58:52:68:27:5a:50:97: 31:a7:ed:7f:d8:89:a4:fe:1e:b5:de:bc:8b:35:6a: b9:4b:82:bc:04:9c:d5:d1:e6:6d:01:58:a7:bf:9c: cc:d3:40:ef:81:90:c1:8a:fb:b8:07:8b:b1:bc:df: 7d:23:74:d4:89:b6:3e:b2:15:5d:82:78:a9:c0:c5: 0e:ff:dc:84:db:e4:12:a3:89:b9:43:ca:06:5c:c7: 39:5a:aa:b5:08:04:85:79:c3:1f:d2:64:fb:bd:54: d4:e2:0f:67:e4:0e:e7:17:51:30:0c:d4:76:09:0d: 7c:0b:a7:76:43:11:33:b0:96:bb:9f:e6:5e:e9:e8: 85:1e:4f:a8:88:6c:f7:4f:00:a9:ab:2f:7c:37:8a: 03:41:60:25:ca:7a:be:a6:75:8b:a6:6f:9a:5f:80: 68:56:fd:57:36:16:3e:78:3d:4a:70:87:3e:a4:55: be:e9:db:48:91:d4:6c:a1:de:af:81:8c:b1:8d:df: 46:f5:6a:e9:19:50:86:f3:ff:8a:d2:48:3a:36:d7: 5f:42:a9:f0:01:f0:89:3c:13:b6:35:18:7e:4f:94: a0:97:d4:7d:a0:48:aa:25:42:3a:24:92:49:32:45: e1:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:39:0B:B7:38:BE:F5:7B:6F:F3:5F:B8:FC:99:58:69:B1:3E:47:8F X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.192.0/18 Signature Algorithm: sha256WithRSAEncryption 66:67:cb:ae:24:db:2c:8b:c1:ea:7d:99:25:c0:85:13:12:39: 1d:00:a2:7a:2f:96:ff:eb:c7:de:5d:cd:df:2c:51:d9:97:6c: 49:06:82:37:3f:00:06:12:45:29:d5:6f:44:59:35:52:84:b0: 18:8c:90:13:b2:0e:3e:ed:41:25:32:fa:0c:2e:bd:1f:56:ac: 7c:12:69:80:d1:11:2e:cf:84:31:93:9a:d7:65:e3:a8:89:f9: b4:20:d5:02:b6:18:0a:04:15:17:d1:86:8c:30:ee:e9:54:0c: e8:3d:f6:7a:f0:bb:ac:03:25:db:20:d0:3d:8e:39:c0:1f:1b: a0:ea:21:a4:cf:38:03:7c:b5:aa:ac:20:62:eb:da:40:4e:55: c8:76:43:31:32:83:e1:e7:78:80:f4:26:af:b0:a1:50:67:0d: b3:d8:84:95:db:6d:1f:7e:dc:08:c9:fe:8d:ea:69:86:e6:0b: e1:e3:d3:06:b0:b1:cb:a2:27:5e:15:94:18:41:df:21:21:1f: 1b:8a:91:4c:3f:8f:c2:c3:b8:51:fa:03:93:78:98:1d:a6:17: 54:e1:f2:d7:44:f9:87:dc:05:95:ef:41:ec:6e:bf:d4:a0:c0: 65:16:51:e5:fd:47:c2:55:1c:61:8d:bd:32:93:d8:72:8f:82: 20:36:4c:a8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUH4It7uiLQe8t5MYk8Sqh+9jT12cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MDMyMjAwMDAwMFoX DTI0MDQyNjIzNTk1OVowejFJMEcGA1UEBRNAODE5ZTk3NjVkZWM0NWNjMDljYjc2 YmQyZDc4MTVjMGM4MGFhN2Y5ZDhmODc1ODliZWRhYTVkMWQ2ZjUwNzNiYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSLCOuftMVgy/bOFiHzPSU6+gzVC zlhSaCdaUJcxp+1/2Imk/h613ryLNWq5S4K8BJzV0eZtAVinv5zM00DvgZDBivu4 B4uxvN99I3TUibY+shVdgnipwMUO/9yE2+QSo4m5Q8oGXMc5Wqq1CASFecMf0mT7 vVTU4g9n5A7nF1EwDNR2CQ18C6d2QxEzsJa7n+Ze6eiFHk+oiGz3TwCpqy98N4oD QWAlynq+pnWLpm+aX4BoVv1XNhY+eD1KcIc+pFW+6dtIkdRsod6vgYyxjd9G9Wrp GVCG8/+K0kg6NtdfQqnwAfCJPBO2NRh+T5Sgl9R9oEiqJUI6JJJJMkXh3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFIw5C7c4vvV7b/NfuPyZWGmxPkePMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2Y5NTU4N2NmLTcxNzAtNDhiMC1iNTA4LTRhYTE3NzBlYzJlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQBmZ8uuJNssi8HqfZklwIUT EjkdAKJ6L5b/68feXc3fLFHZl2xJBoI3PwAGEkUp1W9EWTVShLAYjJATsg4+7UEl MvoMLr0fVqx8EmmA0REuz4Qxk5rXZeOoifm0INUCthgKBBUX0YaMMO7pVAzoPfZ6 8LusAyXbINA9jjnAHxug6iGkzzgDfLWqrCBi69pATlXIdkMxMoPh53iA9CavsKFQ Zw2z2ISV220fftwIyf6N6mmG5gvh49MGsLHLoideFZQYQd8hIR8bipFMP4/Cw7hR +gOTeJgdphdU4fLXRPmH3AWV70Hsbr/UoMBlFlHl/UfCVRxhjb0yk9hyj4IgNkyo -----END CERTIFICATE-----Generated at Thu Mar 28 02:06:42 2024 by rpki-client on console-ams.rpki-client.org