$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/11134e5c-49e1-4313-9cf2-7f2e61dd8b0c.roa File: 11134e5c-49e1-4313-9cf2-7f2e61dd8b0c.roa (raw, json) Hash identifier: TED8qj07CshYOUAytRwpHOlbA2OonmXHAYlYAomETgQ= Subject key identifier: 45:64:79:3D:0A:04:C5:E8:16:B3:B9:38:8F:7B:A5:26:59:0B:F2:39 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7700310CEBC35C787AA576B35E4B49502375E1A5 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/11134e5c-49e1-4313-9cf2-7f2e61dd8b0c.roa Signing time: Fri 19 Apr 2024 00:00:00 +0000 ROA not before: Fri 19 Apr 2024 00:00:00 +0000 ROA not after: Fri 24 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Apr 2024 00:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:00:31:0c:eb:c3:5c:78:7a:a5:76:b3:5e:4b:49:50:23:75:e1:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 19 00:00:00 2024 GMT Not After : May 24 23:59:59 2024 GMT Subject: serialNumber=bc5645afd2c0aed7ef11ca5ad0a1d26cad6031d18cc89b4299271145b946f04e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:b3:51:92:ce:42:1d:fc:4e:7a:78:c3:c2:01: a1:d2:55:cb:eb:b5:03:69:e8:28:25:3c:0d:2b:fa: 01:81:40:0e:d5:01:4b:e7:aa:78:e3:ac:86:bb:68: a8:36:83:29:0c:b7:4a:93:12:2c:0c:45:4d:34:58: d5:af:c9:55:e5:65:17:36:3c:a0:f1:f6:e2:4c:95: 50:14:4b:bb:1b:29:0a:10:f1:3c:8c:78:a6:10:5d: 6d:60:c4:45:33:ee:4f:14:c1:ae:ee:ac:71:e8:e9: 1a:92:4b:71:78:82:11:87:87:88:f1:52:5f:a3:6b: 1e:8a:97:1d:9f:85:bc:5a:0c:15:5b:9b:7f:c8:06: 4d:71:a6:3c:6a:8f:45:e3:de:5c:82:3a:47:eb:72: 68:df:b9:4e:ea:59:d8:ab:d8:42:6a:5c:92:dc:60: 58:b4:f8:15:f8:6d:32:41:3e:35:13:fc:75:05:6f: 60:31:95:03:63:16:42:bd:50:7b:59:6a:5b:6c:b6: bb:5f:77:11:ca:ce:27:dd:7b:cc:e7:eb:ae:6a:cf: 1d:75:aa:d5:2b:f3:41:40:83:73:88:ce:c0:64:16: 90:4f:b6:7d:3f:1a:e4:9e:30:18:aa:31:e0:0e:02: 4a:8a:73:5a:8e:76:b6:46:03:4a:30:ca:d8:d8:f5: b2:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:64:79:3D:0A:04:C5:E8:16:B3:B9:38:8F:7B:A5:26:59:0B:F2:39 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/11134e5c-49e1-4313-9cf2-7f2e61dd8b0c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 22:5f:a2:64:ee:5c:ce:ea:a9:f2:c6:f6:e2:57:02:dc:5a:fe: 0c:dc:92:cc:85:d3:40:fd:a3:65:64:67:bb:c8:2a:07:b5:9c: 0a:28:f9:20:05:00:78:3b:1d:ee:32:52:36:5f:1f:4a:2a:51: 50:97:7e:5c:ec:5f:61:a9:8f:9c:77:c5:fc:fa:46:43:8d:8b: fb:70:72:2b:85:6d:bf:a8:81:30:e2:eb:40:38:71:ef:d0:4f: f8:fe:cd:0e:fb:ce:bd:ee:ee:77:91:fc:10:f4:15:b8:52:71: 56:8a:c1:a1:9b:98:d1:d3:4b:a0:f8:d7:4a:15:68:54:c7:38: 13:ba:aa:a1:0c:14:f2:f6:99:41:ac:e2:a7:27:90:08:63:f8: f5:8b:e7:4e:57:78:2a:8f:e1:43:16:97:71:8a:1d:d6:7e:76: a4:0e:96:36:89:2f:61:a4:f5:27:34:8e:d6:8b:a2:30:0a:69: ab:f9:fd:33:f3:9a:6d:5d:37:5e:0e:00:84:a9:e0:f3:b3:49: 75:a4:4b:35:b8:e8:fc:b3:80:af:cc:37:a4:ac:5d:a9:74:e9: d9:2b:6b:85:c1:c9:60:6c:72:6b:7a:5d:d9:c2:55:b4:61:06: b3:ad:d0:ef:af:7f:2a:4b:f8:53:64:5b:dd:aa:75:00:db:97: de:73:ae:f7 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUdwAxDOvDXHh6pXazXktJUCN14aUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQxOTAwMDAwMFoX DTI0MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAYmM1NjQ1YWZkMmMwYWVkN2VmMTFj YTVhZDBhMWQyNmNhZDYwMzFkMThjYzg5YjQyOTkyNzExNDViOTQ2ZjA0ZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurNRks5CHfxOenjDwgGh0lXL67UD aegoJTwNK/oBgUAO1QFL56p446yGu2ioNoMpDLdKkxIsDEVNNFjVr8lV5WUXNjyg 8fbiTJVQFEu7GykKEPE8jHimEF1tYMRFM+5PFMGu7qxx6OkakktxeIIRh4eI8VJf o2seipcdn4W8WgwVW5t/yAZNcaY8ao9F495cgjpH63Jo37lO6lnYq9hCalyS3GBY tPgV+G0yQT41E/x1BW9gMZUDYxZCvVB7WWpbbLa7X3cRys4n3XvM5+uuas8ddarV K/NBQINziM7AZBaQT7Z9PxrknjAYqjHgDgJKinNajna2RgNKMMrY2PWykQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEVkeT0KBMXoFrO5OI97pSZZC/I5MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzExMTM0ZTVjLTQ5ZTEtNDMxMy05Y2YyLTdmMmU2MWRkOGIwYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAiX6Jk7lzO6qnyxvbiVwLc Wv4M3JLMhdNA/aNlZGe7yCoHtZwKKPkgBQB4Ox3uMlI2Xx9KKlFQl35c7F9hqY+c d8X8+kZDjYv7cHIrhW2/qIEw4utAOHHv0E/4/s0O+8697u53kfwQ9BW4UnFWisGh m5jR00ug+NdKFWhUxzgTuqqhDBTy9plBrOKnJ5AIY/j1i+dOV3gqj+FDFpdxih3W fnakDpY2iS9hpPUnNI7Wi6IwCmmr+f0z85ptXTdeDgCEqeDzs0l1pEs1uOj8s4Cv zDekrF2pdOnZK2uFwclgbHJrel3ZwlW0YQazrdDvr38qS/hTZFvdqnUA25fec673 -----END CERTIFICATE-----Generated at Fri Apr 19 00:52:16 2024 by rpki-client on console-ams.rpki-client.org