$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa File: 9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa (raw, json) Hash identifier: izd76RFgqWwDl6zhm/2YsIsbRdHO8sBzMAliA+tUDpY= Subject key identifier: CD:24:64:05:8F:83:00:A1:38:99:AC:0D:E8:92:87:03:17:00:DD:15 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 071D83E5DE08AEA322649BA12F67B4FA4180EC7E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa Signing time: Fri 22 Nov 2024 00:00:00 +0000 ROA not before: Fri 22 Nov 2024 00:00:00 +0000 ROA not after: Fri 27 Dec 2024 23:59:59 +0000 asID: 14618 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:1d:83:e5:de:08:ae:a3:22:64:9b:a1:2f:67:b4:fa:41:80:ec:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 22 00:00:00 2024 GMT Not After : Dec 27 23:59:59 2024 GMT Subject: serialNumber=a6a2f9bef67143714cde493d97bb1b85e0a3796bbaeb835f677d4d29b1a6b4ab, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:97:6b:82:9e:8e:e7:99:30:a2:92:16:f2:ed: c1:bd:07:f0:7f:97:5b:fd:6a:d4:3d:a0:5e:61:e7: c4:70:26:ff:da:01:7e:cf:db:db:5a:0b:26:b2:f6: f0:83:b1:ae:f1:30:b3:22:02:02:40:4f:64:0a:b6: 61:c7:df:31:22:21:e5:a5:5a:14:7c:a8:ba:f7:a1: 7d:18:fa:fd:a5:a0:fb:cf:dc:98:ea:24:0f:b9:5a: fc:43:32:2d:1a:55:3b:af:bb:00:4e:0c:93:92:68: 16:82:ac:27:23:c2:8d:f9:71:fe:02:fa:a2:6b:84: 06:79:e1:81:7d:d7:ce:df:86:21:cd:47:27:20:51: 32:71:05:19:15:99:07:b7:f2:7a:e9:99:03:f5:91: 42:43:d6:d8:3a:7d:9a:f0:b9:b4:b8:19:6e:53:c6: 2e:64:6e:46:a5:87:9c:0d:54:dc:8f:2e:03:f9:79: 2f:8b:f0:d5:cc:b1:83:af:4a:4d:a5:75:92:a8:9d: 5d:cb:4e:c0:a6:bb:39:bd:e6:17:ed:9c:56:da:7d: 20:ee:24:64:81:dd:30:00:2f:58:82:44:f8:19:b7: a3:10:da:8d:4f:3e:27:a9:16:99:26:29:34:34:92: 90:ef:96:35:dc:62:43:92:e6:2d:ba:f3:f5:ab:0a: 92:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:24:64:05:8F:83:00:A1:38:99:AC:0D:E8:92:87:03:17:00:DD:15 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 60:2c:62:ed:fb:e9:b6:40:e7:28:28:5f:ae:c0:18:f7:9f:55: c3:e5:70:a5:17:74:30:f8:86:16:b1:40:aa:de:d0:c9:e1:2c: 73:20:77:e7:39:5a:c2:ee:54:96:f6:7f:b3:d0:3f:40:7e:5e: fd:3a:4d:78:29:bc:e8:8f:60:3a:4c:00:32:3d:b0:2f:98:4e: 37:12:24:0c:5b:dc:a9:5f:a8:8d:f2:56:ff:cc:94:a6:17:4a: cf:ae:29:62:06:c0:f2:55:20:8a:98:ce:20:b5:7c:55:2c:5e: 33:12:cf:cb:a8:27:f6:aa:ee:f8:ea:3e:ea:a4:92:55:8a:b1: 2f:54:76:61:f0:03:99:b1:97:6a:3d:e1:d3:4c:2d:4f:ed:e1: 9c:5e:a4:47:5d:9c:f9:a6:78:92:dc:a1:72:d0:51:c2:fb:2a: be:f9:dd:1e:92:c4:12:64:0f:49:94:17:46:77:69:3e:7d:f1: 79:17:fe:ac:fd:e8:b6:66:8b:51:50:c5:73:2b:09:04:1a:38: 14:8f:b2:4a:96:97:29:61:9c:7f:42:1a:cf:90:9d:02:e4:f9: 8d:03:aa:69:99:0b:92:73:99:46:c2:97:46:0f:3d:cd:d1:1c: c2:4b:67:f3:ff:78:6c:2a:1e:1e:fa:5b:f3:8b:1e:c8:16:05: 9b:94:ac:67 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBx2D5d4IrqMiZJuhL2e0+kGA7H4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEyMjAwMDAwMFoX DTI0MTIyNzIzNTk1OVowejFJMEcGA1UEBRNAYTZhMmY5YmVmNjcxNDM3MTRjZGU0 OTNkOTdiYjFiODVlMGEzNzk2YmJhZWI4MzVmNjc3ZDRkMjliMWE2YjRhYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Zdrgp6O55kwopIW8u3BvQfwf5db /WrUPaBeYefEcCb/2gF+z9vbWgsmsvbwg7Gu8TCzIgICQE9kCrZhx98xIiHlpVoU fKi696F9GPr9paD7z9yY6iQPuVr8QzItGlU7r7sATgyTkmgWgqwnI8KN+XH+Avqi a4QGeeGBfdfO34YhzUcnIFEycQUZFZkHt/J66ZkD9ZFCQ9bYOn2a8Lm0uBluU8Yu ZG5GpYecDVTcjy4D+Xkvi/DVzLGDr0pNpXWSqJ1dy07Aprs5veYX7ZxW2n0g7iRk gd0wAC9YgkT4GbejENqNTz4nqRaZJik0NJKQ75Y13GJDkuYtuvP1qwqShQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFM0kZAWPgwChOJmsDeiShwMXAN0VMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlmYjI4YTk1LWY1YmItNDg2OC05YWIzLTdkODNkNTE0MjUzOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBgLGLt++m2QOcoKF+uwBj3 n1XD5XClF3Qw+IYWsUCq3tDJ4SxzIHfnOVrC7lSW9n+z0D9Afl79Ok14Kbzoj2A6 TAAyPbAvmE43EiQMW9ypX6iN8lb/zJSmF0rPriliBsDyVSCKmM4gtXxVLF4zEs/L qCf2qu746j7qpJJVirEvVHZh8AOZsZdqPeHTTC1P7eGcXqRHXZz5pniS3KFy0FHC +yq++d0eksQSZA9JlBdGd2k+ffF5F/6s/ei2ZotRUMVzKwkEGjgUj7JKlpcpYZx/ QhrPkJ0C5PmNA6ppmQuSc5lGwpdGDz3N0RzCS2fz/3hsKh4e+lvzix7IFgWblKxn -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org