$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: 9+mpM5pBys6QhclLFIGkHqtAzXsCHeUCXDBnT4HROlM= Subject key identifier: E1:2D:1E:C9:62:A0:3C:1F:E9:83:1E:BB:88:B6:F8:04:25:C9:A6:D6 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 41107D5887373C9731E9B56393BE5FDECD39F832 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Mon 25 Mar 2024 00:00:00 +0000 ROA not before: Mon 25 Mar 2024 00:00:00 +0000 ROA not after: Mon 29 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Apr 2024 12:01:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:10:7d:58:87:37:3c:97:31:e9:b5:63:93:be:5f:de:cd:39:f8:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 25 00:00:00 2024 GMT Not After : Apr 29 23:59:59 2024 GMT Subject: serialNumber=a12f57011436d2757cebf69277ebd33b2186fca2e75ec27039e9768ba8684577, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:60:48:b9:5a:1c:ac:55:43:95:61:d6:e3:2d: 40:7c:a0:79:69:2d:86:dd:9e:e6:f7:b6:62:0a:31: 98:60:d1:bb:1d:a5:ca:55:6f:ea:7d:91:71:2c:ed: 43:5c:a2:b4:31:67:63:ad:91:59:2a:b6:58:32:02: 26:00:d6:69:a5:da:81:3e:6a:c4:38:a2:f9:16:ec: 3c:f3:89:82:4d:91:ef:53:e0:db:5e:00:c4:89:d1: bf:eb:bb:e5:22:76:23:1c:74:e3:45:6f:89:cb:ff: 57:fa:a3:af:fd:e0:5c:ce:b6:dc:52:f0:9b:7b:90: d1:6c:72:f9:28:d3:0d:95:ca:eb:2a:00:48:08:d5: 0f:95:ce:5b:0c:a0:11:f0:6a:9f:94:b8:9b:7d:f6: 93:46:fe:cd:44:44:46:71:5a:ab:37:bd:ab:4f:bc: 05:0a:56:44:fd:94:18:c3:7c:8f:e3:45:ff:07:e8: 73:17:14:f8:91:1d:df:7f:c7:24:97:c1:1a:f7:ec: 5a:88:4e:df:62:be:11:2c:46:cb:3e:90:41:70:4a: 50:49:4a:c1:b6:64:3d:6a:e7:04:ee:94:6f:42:af: 23:d4:46:a8:ac:d1:df:be:58:f4:7a:e2:46:c7:28: 4b:ce:72:d0:c5:f5:e9:89:04:30:eb:fc:a8:95:7b: ab:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:2D:1E:C9:62:A0:3C:1F:E9:83:1E:BB:88:B6:F8:04:25:C9:A6:D6 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 34:e3:91:95:72:94:a9:4c:54:7b:18:1b:a5:c0:e0:eb:f9:af: 48:cc:dd:03:30:88:30:ea:03:65:cf:5c:13:27:9c:3e:cf:87: fb:a4:0b:5b:6e:0e:e0:bf:82:4d:d9:f5:09:a0:a1:c4:93:c8: 23:aa:06:bc:2f:48:1e:a4:6c:ac:49:59:5d:95:94:82:c9:b8: ea:16:4a:f9:74:27:ff:c6:fd:db:b3:cf:5e:aa:b1:6c:3f:6a: b4:fc:c8:d3:d9:11:f3:f9:98:c5:1a:f6:08:27:9a:f0:cd:7a: 1d:a6:a3:bb:0a:ea:2e:11:8b:6d:ac:3f:f2:5a:fd:96:08:21: d2:9a:71:75:48:aa:79:1b:51:46:95:17:23:52:15:98:91:cd: 08:25:4f:90:ca:cd:2b:e6:8e:d9:7b:19:bd:67:be:ce:9f:4a: 42:d5:01:cb:06:42:2c:f7:ba:ce:6e:3a:47:c3:e8:53:85:9b: ee:64:a9:b0:cd:fe:85:91:70:b4:07:8f:63:eb:14:d1:7f:d4: ef:1d:32:30:94:ca:93:dd:5f:ec:74:cd:9c:52:6f:a7:26:94: 33:68:96:17:ef:3e:9a:8e:28:9d:56:33:02:df:db:66:99:5e: 36:f1:3f:cc:ff:e9:16:fb:d9:6d:23:be:b9:65:38:bd:db:79: 0e:bd:c8:06 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUQRB9WIc3PJcx6bVjk75f3s05+DIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDMyNTAwMDAwMFoX DTI0MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYTEyZjU3MDExNDM2ZDI3NTdjZWJm NjkyNzdlYmQzM2IyMTg2ZmNhMmU3NWVjMjcwMzllOTc2OGJhODY4NDU3NzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2BIuVocrFVDlWHW4y1AfKB5aS2G 3Z7m97ZiCjGYYNG7HaXKVW/qfZFxLO1DXKK0MWdjrZFZKrZYMgImANZppdqBPmrE OKL5Fuw884mCTZHvU+DbXgDEidG/67vlInYjHHTjRW+Jy/9X+qOv/eBczrbcUvCb e5DRbHL5KNMNlcrrKgBICNUPlc5bDKAR8GqflLibffaTRv7NRERGcVqrN72rT7wF ClZE/ZQYw3yP40X/B+hzFxT4kR3ff8ckl8Ea9+xaiE7fYr4RLEbLPpBBcEpQSUrB tmQ9aucE7pRvQq8j1EaorNHfvlj0euJGxyhLznLQxfXpiQQw6/yolXur5QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOEtHslioDwf6YMeu4i2+AQlyabWMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQA045GVcpSpTFR7GBulwODr +a9IzN0DMIgw6gNlz1wTJ5w+z4f7pAtbbg7gv4JN2fUJoKHEk8gjqga8L0gepGys SVldlZSCybjqFkr5dCf/xv3bs89eqrFsP2q0/MjT2RHz+ZjFGvYIJ5rwzXodpqO7 CuouEYttrD/yWv2WCCHSmnF1SKp5G1FGlRcjUhWYkc0IJU+Qys0r5o7Zexm9Z77O n0pC1QHLBkIs97rObjpHw+hThZvuZKmwzf6FkXC0B49j6xTRf9TvHTIwlMqT3V/s dM2cUm+nJpQzaJYX7z6ajiidVjMC39tmmV428T/M/+kW+9ltI765ZTi923kOvcgG -----END CERTIFICATE-----Generated at Tue Apr 16 00:27:09 2024 by rpki-client on console-fra.rpki-client.org