$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa File: 9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa (raw, json) Hash identifier: dBZia3VnF1pXXaBZI3cqoxVD4HqAnGvCi4Q3GQsuXoA= Subject key identifier: 31:BB:18:55:64:A1:26:B9:C4:59:3A:D3:1C:28:AC:0D:75:0B:35:9D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 71D0461DF07E5594AEEFCAA9420CEA991587F886 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa Signing time: Sat 06 Apr 2024 00:00:00 +0000 ROA not before: Sat 06 Apr 2024 00:00:00 +0000 ROA not after: Sat 11 May 2024 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Apr 2024 00:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:d0:46:1d:f0:7e:55:94:ae:ef:ca:a9:42:0c:ea:99:15:87:f8:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 6 00:00:00 2024 GMT Not After : May 11 23:59:59 2024 GMT Subject: serialNumber=626bf7e52159637f6ea552c215ebf06450c68c84eaccace910fb93c12e07fba5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:c6:04:41:74:b0:f4:e7:a2:d5:c9:3a:b1:65: 4a:f7:a2:b9:b4:15:4d:e1:96:98:bd:55:67:98:58: c9:88:b6:76:16:33:cb:3e:4c:40:f1:16:39:ae:62: 88:2d:1b:43:9c:a7:77:6f:2c:2e:53:dc:1e:6d:74: 8f:48:86:00:b5:a7:48:61:1d:1e:e2:b6:a8:4e:1c: d9:1e:d2:0a:4b:a8:e5:aa:97:5b:c4:f4:32:75:20: db:da:30:7f:8f:76:4e:c3:22:ea:fe:2b:fd:50:d6: fe:22:46:a9:a2:13:48:4c:88:5c:58:2b:4a:d1:51: 59:be:c8:20:2b:46:21:17:2c:02:23:ee:e3:23:92: 7d:e3:11:c3:0a:2d:6f:a4:ef:8f:d0:a8:d5:8e:c6: f3:c8:d9:0f:0b:18:5f:98:7e:07:46:82:95:96:43: cc:0d:e4:61:9e:03:c2:2c:04:a3:ff:d2:57:1e:ec: da:ca:fa:92:cb:2a:f8:5e:c7:bc:c9:13:13:c9:57: 7e:43:8f:ba:7c:2c:0c:70:ab:e7:31:30:db:1b:19: 14:fa:6a:ed:6a:e7:48:86:db:c2:4b:e8:48:71:7c: c4:db:56:a2:e5:a0:1b:7e:c6:c2:02:47:53:ea:f6: d6:ef:d5:cf:ab:be:e0:a0:e5:63:31:95:75:a9:d4: 3b:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:BB:18:55:64:A1:26:B9:C4:59:3A:D3:1C:28:AC:0D:75:0B:35:9D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:49:c4:09:57:3b:44:56:a9:4d:70:cd:92:57:b2:e3:4a:3a: 85:3a:18:0a:0e:e2:15:48:cb:16:86:43:9d:c6:e8:87:db:6a: 5c:78:be:26:69:02:f9:7c:71:b7:b0:a6:46:78:b9:64:c3:e0: ec:4b:b9:be:e5:6f:6f:c8:80:24:2c:6c:89:50:f9:2d:1f:a9: 99:1b:ae:b7:ed:5f:90:f9:d3:17:20:3d:cf:02:d8:ca:a1:84: 5a:11:d8:fe:e1:32:e6:65:8e:7e:10:fd:01:7e:a0:7a:b6:8a: dd:6d:93:d8:ad:66:7d:ab:57:36:3b:af:af:3c:60:1d:3b:e4: cf:7d:ae:15:ab:87:89:95:4c:49:0f:4c:e2:6f:e4:97:e4:18: 78:44:0f:af:ed:ef:27:97:f5:8b:b6:9c:0e:32:1a:73:b5:40: af:77:87:ac:97:f0:a0:c7:c9:47:3c:94:65:a1:52:b2:d2:96: f8:b1:18:1e:ac:99:4e:73:ba:55:db:76:48:db:e1:58:31:42: d0:95:df:bb:b1:1b:1d:2b:27:f5:2f:91:d7:ef:61:be:2b:4b: b0:c6:6d:a0:be:d0:8c:c8:e6:0f:40:53:c1:36:f2:7b:89:55: 2a:d3:e6:62:c6:a7:9d:bc:81:6b:a0:bc:0b:e3:8f:a7:2b:ad: d6:b4:eb:d5 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUcdBGHfB+VZSu78qpQgzqmRWH+IYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQwNjAwMDAwMFoX DTI0MDUxMTIzNTk1OVowejFJMEcGA1UEBRNANjI2YmY3ZTUyMTU5NjM3ZjZlYTU1 MmMyMTVlYmYwNjQ1MGM2OGM4NGVhY2NhY2U5MTBmYjkzYzEyZTA3ZmJhNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sYEQXSw9Oei1ck6sWVK96K5tBVN 4ZaYvVVnmFjJiLZ2FjPLPkxA8RY5rmKILRtDnKd3bywuU9webXSPSIYAtadIYR0e 4raoThzZHtIKS6jlqpdbxPQydSDb2jB/j3ZOwyLq/iv9UNb+IkapohNITIhcWCtK 0VFZvsggK0YhFywCI+7jI5J94xHDCi1vpO+P0KjVjsbzyNkPCxhfmH4HRoKVlkPM DeRhngPCLASj/9JXHuzayvqSyyr4Xse8yRMTyVd+Q4+6fCwMcKvnMTDbGxkU+mrt audIhtvCS+hIcXzE21ai5aAbfsbCAkdT6vbW79XPq77goOVjMZV1qdQ7BwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDG7GFVkoSa5xFk60xworA11CzWdMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlmYmQ3YTU4LWUxMzktNGFkYS04NmZjLTAwYmRkZjYxYmNhNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQAMScQJVztEVqlNcM2SV7Lj SjqFOhgKDuIVSMsWhkOdxuiH22pceL4maQL5fHG3sKZGeLlkw+DsS7m+5W9vyIAk LGyJUPktH6mZG6637V+Q+dMXID3PAtjKoYRaEdj+4TLmZY5+EP0BfqB6tordbZPY rWZ9q1c2O6+vPGAdO+TPfa4Vq4eJlUxJD0zib+SX5Bh4RA+v7e8nl/WLtpwOMhpz tUCvd4esl/Cgx8lHPJRloVKy0pb4sRgerJlOc7pV23ZI2+FYMULQld+7sRsdKyf1 L5HX72G+K0uwxm2gvtCMyOYPQFPBNvJ7iVUq0+ZixqedvIFroLwL44+nK63WtOvV -----END CERTIFICATE-----Generated at Sat Apr 20 01:09:32 2024 by rpki-client on console-ams.rpki-client.org