$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa File: 98be1b25-e267-48c9-8089-71d3f3f86c51.roa (raw, json) Hash identifier: RoecCR4XlQvgSPZ1l1LHT9iz1t3SepSvAwSsYLF6vW0= Subject key identifier: C5:B3:BE:10:67:FE:B1:54:5D:B1:F0:95:51:60:DB:A4:AB:E8:0E:6C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0DFA7B64A7F42D847718666A96F83D76EB2E7E96 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa Signing time: Tue 09 Apr 2024 00:00:00 +0000 ROA not before: Tue 09 Apr 2024 00:00:00 +0000 ROA not after: Tue 14 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:fa:7b:64:a7:f4:2d:84:77:18:66:6a:96:f8:3d:76:eb:2e:7e:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 9 00:00:00 2024 GMT Not After : May 14 23:59:59 2024 GMT Subject: serialNumber=929a37d29e31b1aacd763e4574ac0763dc940d1ed076d38c96f3b895d2ab06aa, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:74:e8:56:f5:0f:9d:80:1d:48:82:e6:34:dd: 86:a1:40:c7:c5:b0:ef:c1:90:9b:ae:33:4a:2a:a8: dc:a4:65:c8:de:73:40:0f:99:7f:a9:8f:b5:15:86: 17:97:9a:b1:c9:3f:84:ce:06:ff:ba:f9:35:0e:65: 66:26:d1:6f:55:e2:78:80:62:e4:c0:5f:0b:5d:28: 4e:ce:d1:33:17:ba:1c:48:33:12:0b:f1:a6:02:44: ff:8e:f0:1f:db:f8:45:92:3c:55:d6:c8:3b:50:b2: 4c:22:c7:bc:21:15:be:4b:95:3c:34:8d:e4:22:87: bc:ae:19:30:b0:f5:92:14:ba:d4:1c:1e:29:eb:57: cc:58:a7:8f:7b:db:f8:eb:60:3f:c2:cc:f7:3e:04: 91:92:16:a6:87:50:36:77:23:74:fc:77:e7:6e:c6: 85:d4:e0:7d:68:4a:46:a1:dc:d2:62:23:59:24:2c: 72:69:d7:7c:48:71:0f:40:57:86:c3:1b:ed:09:65: ec:64:c9:5f:60:36:c0:34:40:62:ca:2a:fb:24:18: 7d:12:cd:d3:9b:d9:ab:7c:0f:d6:9e:19:c3:30:76: 1d:0a:17:08:6c:6a:41:9e:2e:4e:69:8b:9f:cb:c6: 36:0e:dc:d4:b4:aa:4c:2c:45:6c:16:fc:99:3c:eb: 30:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:B3:BE:10:67:FE:B1:54:5D:B1:F0:95:51:60:DB:A4:AB:E8:0E:6C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.241.0/24 Signature Algorithm: sha256WithRSAEncryption 60:49:2c:ac:c3:28:c7:18:5f:aa:45:6f:7a:57:c8:21:15:7d: 94:b7:b6:11:c8:9a:e8:9b:28:e1:27:8e:eb:cf:29:88:86:a8: 3f:60:6a:94:fc:c5:61:d0:a6:3d:01:c4:f9:79:e6:3c:0f:11: c5:89:ec:74:99:51:be:57:ca:17:62:70:de:34:f7:44:61:1f: d7:17:19:b8:5d:57:83:c5:07:7c:03:ef:64:95:80:01:df:25: 4c:e1:99:a2:ba:ae:fa:8f:0a:d2:9c:a5:c9:d0:49:6b:c8:0d: 72:c7:8f:7b:15:9d:fc:3b:4c:8b:4a:52:bb:08:a0:0e:ce:1a: ab:a3:af:c8:6a:ba:56:91:ae:e5:5a:08:1e:de:d2:0e:83:28: 8b:0a:ec:84:24:a7:cd:b0:df:82:2a:bd:2e:7a:13:4d:7c:46: 63:d1:df:c2:89:ec:dd:a3:29:d9:6f:8d:39:9e:9b:50:9e:be: 94:e0:3c:19:72:ee:ab:4f:57:28:97:3e:89:d5:09:ba:20:dc: 9b:89:9e:d3:ed:9e:95:a4:b5:2f:08:38:20:49:5b:cb:90:1f: 32:15:a2:8f:2f:75:3a:d6:ed:39:fa:75:9c:49:7c:89:64:f7: 8d:6d:08:cf:13:e5:d4:5b:a7:c3:86:24:7b:92:a8:20:09:06: f7:92:e1:59 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDfp7ZKf0LYR3GGZqlvg9dusufpYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwOTAwMDAwMFoX DTI0MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAOTI5YTM3ZDI5ZTMxYjFhYWNkNzYz ZTQ1NzRhYzA3NjNkYzk0MGQxZWQwNzZkMzhjOTZmM2I4OTVkMmFiMDZhYTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHToVvUPnYAdSILmNN2GoUDHxbDv wZCbrjNKKqjcpGXI3nNAD5l/qY+1FYYXl5qxyT+Ezgb/uvk1DmVmJtFvVeJ4gGLk wF8LXShOztEzF7ocSDMSC/GmAkT/jvAf2/hFkjxV1sg7ULJMIse8IRW+S5U8NI3k Ioe8rhkwsPWSFLrUHB4p61fMWKePe9v462A/wsz3PgSRkhamh1A2dyN0/HfnbsaF 1OB9aEpGodzSYiNZJCxyadd8SHEPQFeGwxvtCWXsZMlfYDbANEBiyir7JBh9Es3T m9mrfA/WnhnDMHYdChcIbGpBni5OaYufy8Y2DtzUtKpMLEVsFvyZPOswdQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFMWzvhBn/rFUXbHwlVFg26Sr6A5sMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 Lzk4YmUxYjI1LWUyNjctNDhjOS04MDg5LTcxZDNmM2Y4NmM1MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZxXxMA0GCSqGSIb3DQEBCwUAA4IBAQBgSSyswyjHGF+qRW96V8gh FX2Ut7YRyJromyjhJ47rzymIhqg/YGqU/MVh0KY9AcT5eeY8DxHFiex0mVG+V8oX YnDeNPdEYR/XFxm4XVeDxQd8A+9klYAB3yVM4Zmiuq76jwrSnKXJ0ElryA1yx497 FZ38O0yLSlK7CKAOzhqro6/IarpWka7lWgge3tIOgyiLCuyEJKfNsN+CKr0uehNN fEZj0d/CiezdoynZb405nptQnr6U4DwZcu6rT1colz6J1Qm6INybiZ7T7Z6VpLUv CDggSVvLkB8yFaKPL3U61u05+nWcSXyJZPeNbQjPE+XUW6fDhiR7kqggCQb3kuFZ -----END CERTIFICATE-----Generated at Wed May 1 15:36:36 2024 by rpki-client on console-ams.rpki-client.org