$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa File: b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa (raw, json) Hash identifier: wU+d9oNzdHDoEUXYSJy1ads2cAabt7bfMkX0HHn2Ps0= Subject key identifier: 69:A7:AC:CE:A3:EC:4C:81:31:F4:3F:2B:5D:87:68:26:EA:F9:90:F4 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 297D1357894DC1D73C2F2D772229B9F74E08DAFB Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa Signing time: Wed 06 Nov 2024 00:00:00 +0000 ROA not before: Wed 06 Nov 2024 00:00:00 +0000 ROA not after: Wed 11 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:28:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:7d:13:57:89:4d:c1:d7:3c:2f:2d:77:22:29:b9:f7:4e:08:da:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Nov 6 00:00:00 2024 GMT Not After : Dec 11 23:59:59 2024 GMT Subject: serialNumber=ea57e623a87a9b2c47e0f400af44c33397cb26973122fd8699b232cd64450b5c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:ab:7d:cc:b2:14:93:3c:17:78:92:a6:c3:4a: fa:ab:6b:e2:00:61:b4:ea:90:f8:a7:a6:a4:0e:86: dc:08:00:fe:f8:1e:1d:52:82:65:ce:d8:9a:31:29: 02:87:39:e5:59:8f:e8:9f:ba:72:90:11:2b:be:b0: ce:8b:75:09:be:ca:44:15:dc:26:19:28:6d:b1:73: 1a:44:e1:4e:6b:b6:6b:a3:a8:b0:df:ac:28:bf:0c: a9:c5:55:69:5c:94:61:e0:57:10:40:51:3c:02:ff: 98:33:af:cd:da:86:a3:ac:57:7e:42:db:66:a3:ca: b8:58:d8:b2:e1:42:8e:72:96:01:dd:41:f0:ad:83: 6f:c1:94:8d:2e:0f:37:0c:81:c1:68:fa:19:32:08: ab:39:fe:52:2a:0a:79:1a:1c:bd:61:c0:14:d6:7b: 63:31:ed:24:6d:97:d6:ed:71:ee:eb:a7:bf:a7:c4: 31:8e:b0:7c:15:6b:3d:1f:4b:f9:33:7e:23:82:c1: 60:db:e9:f9:d6:be:30:63:43:18:12:fb:db:90:d2: 0f:82:0d:20:5f:d2:7e:8b:c1:45:a3:84:05:ac:7c: b2:ea:70:09:d5:ae:b3:8c:31:fc:06:3a:8f:71:6c: db:eb:8d:29:32:38:b3:e1:f1:fe:8c:92:03:b7:dd: 11:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:A7:AC:CE:A3:EC:4C:81:31:F4:3F:2B:5D:87:68:26:EA:F9:90:F4 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 4e:1a:64:28:7d:44:98:2f:b3:84:3a:68:f4:f4:48:e8:49:b8: ee:fd:a5:d2:eb:72:32:0f:5e:84:d0:46:f7:68:9b:16:5c:9f: bd:3d:19:56:42:0b:89:50:f6:dd:0d:0f:fd:dc:b4:ab:bf:8a: 45:08:84:f7:ad:a1:83:8b:f8:16:78:8c:81:84:80:ff:67:ec: 19:4b:3e:47:be:30:c9:c1:38:fd:7c:1b:5d:76:58:d2:fa:a1: ee:7e:e9:b8:89:1c:0b:08:88:2b:d6:e7:2b:db:8e:26:ed:fe: a5:21:cd:13:e1:89:dd:b3:a2:e6:74:08:20:61:c3:25:89:d8: f2:39:3c:44:9a:72:10:48:ce:3c:9f:71:f5:87:e3:a8:bb:6f: 4b:49:e0:a1:a9:60:09:49:3c:17:54:a4:47:b1:19:28:0b:f2: 4e:c5:1c:cd:57:44:e0:72:26:73:ac:37:1b:a6:be:18:b2:a0: 9d:83:0e:ac:1f:14:7a:04:83:78:f2:51:84:5f:df:a1:cd:5a: d0:1a:2b:90:11:00:b7:4b:0d:88:a2:bf:aa:4e:7a:9e:6b:26: 06:15:1c:6d:77:00:00:02:32:66:f6:08:ac:12:8f:86:6b:ee: 33:f0:36:e5:55:6a:0c:c9:22:e8:d0:f1:66:dc:cf:36:e5:b3: 6f:10:42:ef -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKX0TV4lNwdc8Ly13Iim5904I2vswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTEwNjAwMDAwMFoX DTI0MTIxMTIzNTk1OVowejFJMEcGA1UEBRNAZWE1N2U2MjNhODdhOWIyYzQ3ZTBm NDAwYWY0NGMzMzM5N2NiMjY5NzMxMjJmZDg2OTliMjMyY2Q2NDQ1MGI1YzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5at9zLIUkzwXeJKmw0r6q2viAGG0 6pD4p6akDobcCAD++B4dUoJlztiaMSkChznlWY/on7pykBErvrDOi3UJvspEFdwm GShtsXMaROFOa7Zro6iw36wovwypxVVpXJRh4FcQQFE8Av+YM6/N2oajrFd+Qttm o8q4WNiy4UKOcpYB3UHwrYNvwZSNLg83DIHBaPoZMgirOf5SKgp5Ghy9YcAU1ntj Me0kbZfW7XHu66e/p8QxjrB8FWs9H0v5M34jgsFg2+n51r4wY0MYEvvbkNIPgg0g X9J+i8FFo4QFrHyy6nAJ1a6zjDH8BjqPcWzb640pMjiz4fH+jJIDt90RlwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGmnrM6j7EyBMfQ/K12HaCbq+ZD0MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2I1N2FlNGQyLTFhNTMtNDdjMS04YjA3LWNmYWEzYWE5NjRkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQBOGmQofUSYL7OEOmj09Ejo Sbju/aXS63IyD16E0Eb3aJsWXJ+9PRlWQguJUPbdDQ/93LSrv4pFCIT3raGDi/gW eIyBhID/Z+wZSz5HvjDJwTj9fBtddljS+qHufum4iRwLCIgr1ucr244m7f6lIc0T 4Ynds6LmdAggYcMlidjyOTxEmnIQSM48n3H1h+Oou29LSeChqWAJSTwXVKRHsRko C/JOxRzNV0TgciZzrDcbpr4YsqCdgw6sHxR6BIN48lGEX9+hzVrQGiuQEQC3Sw2I or+qTnqeayYGFRxtdwAAAjJm9gisEo+Ga+4z8DblVWoMySLo0PFm3M825bNvEELv -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org