$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: +zAv3koF6RsAM/u6K1RFYJ+cwUZ20v6PR9nEA6NXK0M= Subject key identifier: 05:1E:E6:4E:DF:2E:22:90:B9:ED:6A:32:D3:DF:52:41:0F:E5:2F:E1 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 06CFA818273DE34ECD39A5129F76B39FA71E2682 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Wed 06 Nov 2024 00:00:00 +0000 ROA not before: Wed 06 Nov 2024 00:00:00 +0000 ROA not after: Wed 11 Dec 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:cf:a8:18:27:3d:e3:4e:cd:39:a5:12:9f:76:b3:9f:a7:1e:26:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 6 00:00:00 2024 GMT Not After : Dec 11 23:59:59 2024 GMT Subject: serialNumber=8b2d06cc5b51059a59cb26b3699cb6b0138e0f3feee6e6118357ec2bd0773afe, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5d:f7:99:c9:67:fb:d7:50:cd:81:af:6b:71: f0:4a:59:e4:97:03:8b:3b:67:aa:6e:44:88:65:48: 28:4f:dd:34:85:cc:6d:6b:60:d0:34:ae:19:2a:4f: b7:2f:d2:de:e9:ef:13:de:d2:f4:82:40:4d:5a:9a: 83:cf:f7:eb:5e:c5:1b:08:05:1f:7d:1b:e0:37:d7: 69:29:1f:d6:fe:0e:5a:01:34:d4:c8:97:01:31:83: 25:55:3a:83:b9:c3:d1:e1:49:76:b6:67:bd:27:25: b4:13:20:b3:34:b3:27:32:8f:45:46:79:1b:07:03: b9:01:04:ad:f2:c6:9f:cd:67:0c:f6:0c:6a:98:f0: 6a:33:04:dd:ca:85:27:4c:e7:8f:79:fa:96:e4:e5: 0c:4a:ec:8d:82:f7:25:62:7f:6a:d8:36:d0:29:44: 4a:e4:7c:fd:2b:ee:60:bf:d8:4d:26:18:18:04:ce: a1:f0:12:47:2c:84:4b:d4:8c:6f:d1:ef:2f:52:21: 77:fc:c0:ec:47:f2:e1:b0:00:4b:0c:a8:c2:71:78: da:1e:5c:96:f1:1f:f6:0a:15:b9:46:13:32:fe:ff: 59:a0:58:45:b5:d5:0e:7f:f3:08:a5:7b:2c:11:6f: 1b:48:3b:3b:d8:9a:a9:91:82:58:25:d9:a7:3b:ad: 53:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:1E:E6:4E:DF:2E:22:90:B9:ED:6A:32:D3:DF:52:41:0F:E5:2F:E1 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption b4:73:75:98:76:f8:00:96:e2:3f:2e:95:bc:db:85:77:f7:83: 0f:b7:0e:ef:65:7b:18:83:9a:a9:d0:af:73:c1:72:f9:3e:13: e8:df:16:d8:a9:f2:e3:f7:3e:70:84:56:8f:d8:ba:e7:b0:9c: 79:87:2b:d5:9e:97:1f:60:82:43:51:c0:6e:a6:34:89:7c:c3: ca:b2:1e:92:17:cf:6d:54:c3:d4:a1:79:06:77:5a:a4:58:94: 57:8d:8c:64:4d:90:e6:59:d0:5b:26:07:58:91:7d:43:0a:43: ce:17:26:57:aa:1f:10:c3:0e:21:9b:90:8d:c7:84:3b:44:a4: 12:57:ee:0d:1f:0e:eb:bb:79:f7:8e:1d:19:b1:e6:3f:19:f5: ae:f1:91:41:4f:e7:f0:29:eb:04:ab:d3:3f:8d:0f:5c:97:f1: 95:4d:e7:c4:90:ff:d4:46:f2:fd:01:ab:27:fb:fc:24:b4:c1: 33:4c:87:f4:2e:38:82:6d:0d:44:e1:23:ec:4e:28:99:79:17: 2e:55:9a:59:da:57:24:59:5e:71:f7:41:a2:e8:b4:73:19:dc: 0c:ca:6b:87:8e:f5:5d:4d:85:7a:82:1a:bb:22:39:bb:af:e4: 02:3f:3a:cc:b4:77:22:d3:ef:48:01:55:ed:d1:43:b6:d3:22: 26:7c:7d:46 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBs+oGCc9407NOaUSn3azn6ceJoIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEwNjAwMDAwMFoX DTI0MTIxMTIzNTk1OVowejFJMEcGA1UEBRNAOGIyZDA2Y2M1YjUxMDU5YTU5Y2Iy NmIzNjk5Y2I2YjAxMzhlMGYzZmVlZTZlNjExODM1N2VjMmJkMDc3M2FmZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF33mcln+9dQzYGva3HwSlnklwOL O2eqbkSIZUgoT900hcxta2DQNK4ZKk+3L9Le6e8T3tL0gkBNWpqDz/frXsUbCAUf fRvgN9dpKR/W/g5aATTUyJcBMYMlVTqDucPR4Ul2tme9JyW0EyCzNLMnMo9FRnkb BwO5AQSt8safzWcM9gxqmPBqMwTdyoUnTOePefqW5OUMSuyNgvclYn9q2DbQKURK 5Hz9K+5gv9hNJhgYBM6h8BJHLIRL1Ixv0e8vUiF3/MDsR/LhsABLDKjCcXjaHlyW 8R/2ChW5RhMy/v9ZoFhFtdUOf/MIpXssEW8bSDs72JqpkYJYJdmnO61T+QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAUe5k7fLiKQue1qMtPfUkEP5S/hMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQC0c3WYdvgAluI/LpW824V3 94MPtw7vZXsYg5qp0K9zwXL5PhPo3xbYqfLj9z5whFaP2LrnsJx5hyvVnpcfYIJD UcBupjSJfMPKsh6SF89tVMPUoXkGd1qkWJRXjYxkTZDmWdBbJgdYkX1DCkPOFyZX qh8Qww4hm5CNx4Q7RKQSV+4NHw7ru3n3jh0ZseY/GfWu8ZFBT+fwKesEq9M/jQ9c l/GVTefEkP/URvL9Aasn+/wktMEzTIf0LjiCbQ1E4SPsTiiZeRcuVZpZ2lckWV5x 90Gi6LRzGdwMymuHjvVdTYV6ghq7Ijm7r+QCPzrMtHci0+9IAVXt0UO20yImfH1G -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org