$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa File: b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa (raw, json) Hash identifier: KJaudS+5N/F+v7sjaUvsSW1xTZgwPQKr/i9y6gMGIqs= Subject key identifier: 6D:03:42:3B:81:C3:3C:70:FD:EB:AA:A1:E7:D5:2F:BA:3D:EF:5F:C0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1D0F391DE076B7D87F4A157B22BE0A2230C4BBF9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa Signing time: Fri 19 Apr 2024 00:00:00 +0000 ROA not before: Fri 19 Apr 2024 00:00:00 +0000 ROA not after: Fri 24 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.224.144.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 05 May 2024 15:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:0f:39:1d:e0:76:b7:d8:7f:4a:15:7b:22:be:0a:22:30:c4:bb:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Apr 19 00:00:00 2024 GMT Not After : May 24 23:59:59 2024 GMT Subject: serialNumber=ffd2808c4cf3fdc3056473b579556f9a90088580f69556ae961e4a4b179b9d03, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:55:77:94:e3:62:20:95:c7:1a:46:d7:53:0b: 9f:49:43:38:57:d9:fd:ba:da:a8:df:d7:50:eb:68: a4:5b:44:72:91:ee:4c:5a:bc:80:e7:ab:27:74:3b: d8:02:39:c7:0b:7d:b9:ce:87:c0:2d:09:09:d6:74: 3a:a7:af:b1:36:31:d8:37:cb:e1:95:66:71:5a:b8: 28:da:bb:a4:1d:20:1b:a2:a3:b0:96:5b:93:78:1c: c8:58:40:d5:83:35:fa:65:70:99:ef:ac:16:df:51: e3:da:ac:9b:f9:96:f2:12:42:7a:04:cc:7d:7e:9a: 7c:7b:97:8d:07:fd:bf:75:86:b6:ea:f3:83:c4:0b: 41:7c:3f:b0:c2:06:7b:01:dd:e5:a9:7b:69:5e:2f: a0:34:32:3a:96:db:a3:78:d1:97:ab:75:27:f9:d2: 9c:f6:36:ef:61:ac:1c:40:5c:8c:dc:7a:6f:20:c5: 7e:93:d5:b2:0e:c4:40:d4:02:5d:bf:e3:ca:68:0e: bf:cd:35:5a:80:c9:b4:a2:cc:a2:2f:b3:c1:bb:ef: 67:cc:ba:17:dc:a6:f3:79:a3:5d:f7:11:e1:9d:93: ca:34:1d:bd:c8:77:5b:d5:ae:be:02:a5:67:81:a4: 74:08:79:0e:25:7e:cf:f3:c4:57:d0:de:3d:ce:9d: 24:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:03:42:3B:81:C3:3C:70:FD:EB:AA:A1:E7:D5:2F:BA:3D:EF:5F:C0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.224.144.0/22 Signature Algorithm: sha256WithRSAEncryption 31:43:dd:d9:d4:89:bc:bf:12:d0:c3:4c:7b:5c:a9:9e:8e:76: 47:cd:a5:65:6e:b2:5f:5f:4d:38:96:05:46:21:7b:d5:10:73: 15:9f:e0:6a:62:d5:33:7b:72:4e:4d:94:32:95:4a:10:79:86: 7b:fb:55:4f:ee:6e:ce:c8:a8:37:f4:f2:68:3a:56:ce:a4:0c: 24:f1:9f:3a:bf:15:b2:69:da:64:53:aa:e0:35:8e:19:6d:88: ec:c6:ff:bb:82:91:a9:c9:31:b6:31:10:38:03:d7:47:cd:31: ce:0d:b9:dd:1d:46:47:6d:78:c5:48:38:fd:c4:78:20:f6:23: 80:f1:1b:25:c2:fb:72:02:62:37:25:6b:4c:89:88:5c:8e:4d: ae:8f:88:c9:31:d7:00:b8:3d:8e:e9:8f:f1:07:39:28:88:58: dd:f7:15:f5:16:b1:de:a3:21:0b:2d:f2:88:7b:c5:d8:55:88: 49:28:96:54:5a:79:f7:d3:7d:55:c5:54:f6:d8:47:3f:36:b9: 27:81:0c:13:4a:ac:b7:40:67:f9:cd:8f:10:a9:4e:a0:17:d6: 62:7b:ab:f9:3a:d6:b3:59:ba:9c:ef:63:0e:13:ef:72:72:7b: 6d:b3:3e:53:b5:2f:db:c9:46:0c:8c:53:a7:b8:b3:e6:3c:07: 14:7a:6d:9d -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUHQ85HeB2t9h/ShV7Ir4KIjDEu/kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDQxOTAwMDAwMFoX DTI0MDUyNDIzNTk1OVowejFJMEcGA1UEBRNAZmZkMjgwOGM0Y2YzZmRjMzA1NjQ3 M2I1Nzk1NTZmOWE5MDA4ODU4MGY2OTU1NmFlOTYxZTRhNGIxNzliOWQwMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFV3lONiIJXHGkbXUwufSUM4V9n9 utqo39dQ62ikW0Ryke5MWryA56sndDvYAjnHC325zofALQkJ1nQ6p6+xNjHYN8vh lWZxWrgo2rukHSAboqOwlluTeBzIWEDVgzX6ZXCZ76wW31Hj2qyb+ZbyEkJ6BMx9 fpp8e5eNB/2/dYa26vODxAtBfD+wwgZ7Ad3lqXtpXi+gNDI6ltujeNGXq3Un+dKc 9jbvYawcQFyM3HpvIMV+k9WyDsRA1AJdv+PKaA6/zTVagMm0osyiL7PBu+9nzLoX 3KbzeaNd9xHhnZPKNB29yHdb1a6+AqVngaR0CHkOJX7P88RX0N49zp0koQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFG0DQjuBwzxw/euqoefVL7o971/AMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2I1N2FlNGQyLTFhNTMtNDdjMS04YjA3LWNmYWEzYWE5NjRkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQAxQ93Z1Im8vxLQw0x7XKme jnZHzaVlbrJfX004lgVGIXvVEHMVn+BqYtUze3JOTZQylUoQeYZ7+1VP7m7OyKg3 9PJoOlbOpAwk8Z86vxWyadpkU6rgNY4ZbYjsxv+7gpGpyTG2MRA4A9dHzTHODbnd HUZHbXjFSDj9xHgg9iOA8RslwvtyAmI3JWtMiYhcjk2uj4jJMdcAuD2O6Y/xBzko iFjd9xX1FrHeoyELLfKIe8XYVYhJKJZUWnn3031VxVT22Ec/NrkngQwTSqy3QGf5 zY8QqU6gF9Zie6v5OtazWbqc72MOE+9ycnttsz5TtS/byUYMjFOnuLPmPAcUem2d -----END CERTIFICATE-----Generated at Wed May 1 15:36:36 2024 by rpki-client on console-ams.rpki-client.org