$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json) Hash identifier: oDfydNM+DwzAG5czCYUp1younzItP4uCbYjs1HoEzO0= Subject key identifier: 89:C3:2E:3D:C5:04:5C:36:61:D5:6D:E7:F0:20:E0:5D:CD:D3:32:AD Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 2F9926C9619A6D53219463075F68B1CAE0EC517B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa Signing time: Sat 30 Sep 2023 00:00:00 +0000 ROA not before: Sat 30 Sep 2023 00:00:00 +0000 ROA not after: Sat 04 Nov 2023 23:59:59 +0000 asID: 16509 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Oct 2023 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:99:26:c9:61:9a:6d:53:21:94:63:07:5f:68:b1:ca:e0:ec:51:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 30 00:00:00 2023 GMT Not After : Nov 4 23:59:59 2023 GMT Subject: serialNumber=9f5bfbdcc61300c9395c5f8331b55cb1fd2b2d64bf2a9fb6f506db7164a660b6, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8b:4f:41:65:63:72:96:e1:b3:e5:be:22:dc: a8:2e:ff:15:07:64:00:79:dc:4d:c9:e6:47:79:44: 48:52:6e:d8:b7:8a:cb:3a:d5:a7:e9:ff:2e:1d:62: 63:65:5e:cb:23:03:bb:5f:fa:9a:5f:70:59:ab:80: 71:af:52:95:da:99:3d:7d:dc:f5:95:7d:e6:6b:a6: d8:39:0a:5b:0e:75:a8:6e:e3:74:f6:ec:4e:2a:ca: c5:94:b1:72:8a:73:1e:c1:ad:50:27:92:6b:1b:8a: 46:91:ef:85:73:cc:ee:ad:13:5a:fb:e9:01:41:e2: 19:89:d3:96:1d:6e:30:3a:78:ad:51:47:9d:6a:61: c5:1a:bb:d8:32:b1:79:9e:ad:5b:d3:9e:6a:76:9d: 67:cc:4f:ed:d1:0d:fe:a2:17:73:dd:9a:13:84:99: fe:77:63:f9:39:09:76:66:87:31:b4:97:52:40:01: ac:7f:b9:3f:f8:4d:c4:51:97:a1:e7:f6:cb:af:9e: d2:a5:db:7d:84:43:95:0f:21:b3:98:dc:78:90:bb: 76:b9:3b:83:10:12:8c:aa:42:f0:b3:ef:97:f1:95: b3:d3:f2:fe:f6:2f:3a:cf:e9:51:b5:c4:bc:4a:ac: 09:22:31:1b:24:13:41:fc:eb:fc:c8:a8:b5:2f:2e: 39:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:C3:2E:3D:C5:04:5C:36:61:D5:6D:E7:F0:20:E0:5D:CD:D3:32:AD X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 07:db:6d:21:04:09:b6:bc:07:90:f5:dc:d6:96:ab:d1:00:0f: c0:75:29:17:a3:cf:59:1c:e0:5d:fc:dc:71:c5:d4:6b:74:5c: ea:7c:7b:a5:30:21:88:a3:6a:21:de:3d:e4:81:1c:91:12:27: 75:00:01:2e:9b:9f:6a:5c:3f:39:cf:07:3f:18:49:2d:7c:89: ee:ae:4a:72:07:84:7b:ac:c6:eb:e5:18:ac:1d:d2:38:7e:22: af:02:88:9d:fa:b8:da:ab:e2:de:6f:d9:11:46:8a:3b:b4:8c: c0:41:0c:55:38:74:e1:3e:a3:1f:46:4e:1d:20:63:65:9c:be: a6:f0:d6:33:60:f1:a8:69:7e:f6:11:2a:06:98:d3:08:6d:dc: 43:3c:32:a3:84:57:91:30:b8:a6:87:34:5e:13:29:20:72:7c: 17:d8:00:d7:a6:16:25:9c:a7:fe:8d:39:66:d6:56:6a:6c:d7: d2:67:91:d9:60:f9:6d:34:52:bd:0a:ef:ea:51:33:b3:65:10: 0f:3d:70:f2:ff:e4:80:51:e8:e4:03:70:29:de:0f:bc:0d:d2: b2:39:ac:20:e1:4d:bc:bb:d4:05:f6:a8:62:08:b8:15:a0:9b: 6a:6a:aa:cc:d8:09:1e:90:cf:82:71:81:15:ec:23:b1:ab:14: 9c:0d:1c:39 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUL5kmyWGabVMhlGMHX2ixyuDsUXswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkzMDAwMDAwMFoX DTIzMTEwNDIzNTk1OVowejFJMEcGA1UEBRNAOWY1YmZiZGNjNjEzMDBjOTM5NWM1 ZjgzMzFiNTVjYjFmZDJiMmQ2NGJmMmE5ZmI2ZjUwNmRiNzE2NGE2NjBiNjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxItPQWVjcpbhs+W+ItyoLv8VB2QA edxNyeZHeURIUm7Yt4rLOtWn6f8uHWJjZV7LIwO7X/qaX3BZq4Bxr1KV2pk9fdz1 lX3ma6bYOQpbDnWobuN09uxOKsrFlLFyinMewa1QJ5JrG4pGke+Fc8zurRNa++kB QeIZidOWHW4wOnitUUedamHFGrvYMrF5nq1b055qdp1nzE/t0Q3+ohdz3ZoThJn+ d2P5OQl2ZocxtJdSQAGsf7k/+E3EUZeh5/bLr57Spdt9hEOVDyGzmNx4kLt2uTuD EBKMqkLws++X8ZWz0/L+9i86z+lRtcS8SqwJIjEbJBNB/Ov8yKi1Ly454wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFInDLj3FBFw2YdVt5/Ag4F3N0zKtMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAH220hBAm2vAeQ9dzWlqvR AA/AdSkXo89ZHOBd/NxxxdRrdFzqfHulMCGIo2oh3j3kgRyREid1AAEum59qXD85 zwc/GEktfInurkpyB4R7rMbr5RisHdI4fiKvAoid+rjaq+Leb9kRRoo7tIzAQQxV OHThPqMfRk4dIGNlnL6m8NYzYPGoaX72ESoGmNMIbdxDPDKjhFeRMLimhzReEykg cnwX2ADXphYlnKf+jTlm1lZqbNfSZ5HZYPltNFK9Cu/qUTOzZRAPPXDy/+SAUejk A3Ap3g+8DdKyOawg4U28u9QF9qhiCLgVoJtqaqrM2AkekM+CcYEV7COxqxScDRw5 -----END CERTIFICATE-----Generated at Sat Sep 30 00:19:18 2023 by rpki-client on console-fra.rpki-client.org