$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: NfQ4KYjQYalAZwlXg5oTAXqglm6OtH9Z145LCM2tbLs= Subject key identifier: 2B:28:A9:F4:DE:F7:93:0F:13:D9:BB:2B:27:22:5C:A1:E2:E4:B8:41 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 328A8D72159ACBD1FFA51AB546A139F5D6966C22 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Mon 25 Mar 2024 00:00:00 +0000 ROA not before: Mon 25 Mar 2024 00:00:00 +0000 ROA not after: Mon 29 Apr 2024 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Mar 2024 03:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:8a:8d:72:15:9a:cb:d1:ff:a5:1a:b5:46:a1:39:f5:d6:96:6c:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 25 00:00:00 2024 GMT Not After : Apr 29 23:59:59 2024 GMT Subject: serialNumber=755659150f8b8598b9ed115d708890f694f2612a2a2e7beb40c179b97af586cb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:af:c9:94:cf:22:d6:a7:00:30:bd:31:4e:f5: f2:45:33:a8:27:b7:10:3b:b2:0d:c9:5a:aa:97:8f: 5c:63:c7:3f:e0:3b:62:ed:ce:8f:35:c7:5a:34:99: dc:e5:7c:4e:65:fc:69:05:96:f1:60:1a:e5:ab:d3: e5:64:9f:db:df:9c:81:f3:f8:cd:da:cc:65:2b:45: 15:45:29:53:eb:6f:a5:08:b8:65:75:a1:d3:37:39: 52:11:72:67:84:64:76:c3:aa:a0:30:5f:9e:a7:da: 13:75:34:c2:ab:ff:37:8f:85:21:df:bc:72:f2:bc: b7:31:62:3d:c8:f6:f8:12:7c:f6:9b:90:33:2c:b7: 3b:13:a3:03:56:0e:b6:b3:19:31:34:9e:ca:d7:86: 37:44:cd:5c:20:2c:b0:35:b6:e2:53:0c:9f:2d:86: 2b:f8:6f:67:cf:97:e8:b0:a6:13:23:cf:1f:f3:ae: 0f:52:37:86:53:37:b0:fa:84:00:2a:cf:4f:da:71: c7:16:56:6c:28:bd:e9:98:d8:80:24:01:44:05:fc: 94:05:a7:1e:1e:6c:0a:40:7e:78:30:06:f9:bb:ab: 67:a3:8c:e5:25:18:e4:e2:24:a4:9a:70:47:e8:b1: 98:26:55:a2:f6:3a:dd:56:25:6f:ef:6c:b4:6a:ec: e4:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:28:A9:F4:DE:F7:93:0F:13:D9:BB:2B:27:22:5C:A1:E2:E4:B8:41 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 58:83:6c:88:d2:e7:d5:bb:de:01:13:04:72:06:a7:f4:ab:5f: d5:37:57:29:b8:db:45:c9:73:a8:b8:0b:15:b2:a2:63:a0:2f: 93:f9:87:7c:cd:73:2f:89:37:a8:f0:14:48:7d:6e:c5:16:ad: 5a:b4:e1:c2:23:77:42:b4:6d:b9:b7:7c:b6:89:99:83:e7:29: 23:77:fb:8a:de:a4:19:cd:c8:74:1b:89:69:fa:37:8f:35:78: d8:9c:a0:36:5a:e8:d3:31:ea:be:f0:14:19:a6:d0:68:2b:45: 02:e7:1e:ca:bb:33:1b:77:ba:f3:ce:39:bd:3e:08:3a:84:1b: c9:3f:99:95:c7:a7:b3:b9:48:23:27:af:2f:98:f0:b3:55:8c: a6:58:da:de:6e:53:16:99:e8:10:cb:8a:18:ab:d5:17:b1:44: 1c:f1:d6:2e:b0:1f:d1:e7:96:3e:8a:ae:9b:02:c9:da:5a:ad: f5:c4:f2:db:c6:bc:7f:fa:65:0f:83:03:4e:fa:94:dd:21:7a: 2c:58:78:2f:ac:c4:7e:67:82:98:9a:39:d9:a4:79:20:88:82: 0a:77:b2:b7:c2:65:11:29:bc:23:d0:22:1c:a5:04:ed:92:aa: 4e:9e:62:78:35:3a:4e:f7:d2:cb:49:5c:e3:a5:0e:fa:2f:1c: fd:09:7d:81 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMoqNchWay9H/pRq1RqE59daWbCIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MDMyNTAwMDAwMFoX DTI0MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANzU1NjU5MTUwZjhiODU5OGI5ZWQx MTVkNzA4ODkwZjY5NGYyNjEyYTJhMmU3YmViNDBjMTc5Yjk3YWY1ODZjYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArK/JlM8i1qcAML0xTvXyRTOoJ7cQ O7INyVqql49cY8c/4Dti7c6PNcdaNJnc5XxOZfxpBZbxYBrlq9PlZJ/b35yB8/jN 2sxlK0UVRSlT62+lCLhldaHTNzlSEXJnhGR2w6qgMF+ep9oTdTTCq/83j4Uh37xy 8ry3MWI9yPb4Enz2m5AzLLc7E6MDVg62sxkxNJ7K14Y3RM1cICywNbbiUwyfLYYr +G9nz5fosKYTI88f864PUjeGUzew+oQAKs9P2nHHFlZsKL3pmNiAJAFEBfyUBace HmwKQH54MAb5u6tno4zlJRjk4iSkmnBH6LGYJlWi9jrdViVv72y0auzk0QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFCsoqfTe95MPE9m7KyciXKHi5LhBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBYg2yI0ufVu94BEwRyBqf0 q1/VN1cpuNtFyXOouAsVsqJjoC+T+Yd8zXMviTeo8BRIfW7FFq1atOHCI3dCtG25 t3y2iZmD5ykjd/uK3qQZzch0G4lp+jePNXjYnKA2WujTMeq+8BQZptBoK0UC5x7K uzMbd7rzzjm9Pgg6hBvJP5mVx6ezuUgjJ68vmPCzVYymWNreblMWmegQy4oYq9UX sUQc8dYusB/R55Y+iq6bAsnaWq31xPLbxrx/+mUPgwNO+pTdIXosWHgvrMR+Z4KY mjnZpHkgiIIKd7K3wmURKbwj0CIcpQTtkqpOnmJ4NTpO99LLSVzjpQ76Lxz9CX2B -----END CERTIFICATE-----Generated at Thu Mar 28 16:47:17 2024 by rpki-client on console-fra.rpki-client.org