$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa File: c759ed47-7de1-4858-b207-c77b1f7d2c35.roa (raw, json) Hash identifier: v0Q/+FzBB25Y43PuFp1YiU8fPyimezlYhT4BRh5AHeo= Subject key identifier: 60:88:04:66:D8:62:ED:E2:56:FA:42:28:42:13:F3:DC:A4:DF:C5:4A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7ADD26A38E810A6A9E1B137E335EC9BF03FABED6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa Signing time: Sat 30 Sep 2023 00:00:00 +0000 ROA not before: Sat 30 Sep 2023 00:00:00 +0000 ROA not after: Sat 04 Nov 2023 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Oct 2023 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:dd:26:a3:8e:81:0a:6a:9e:1b:13:7e:33:5e:c9:bf:03:fa:be:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Sep 30 00:00:00 2023 GMT Not After : Nov 4 23:59:59 2023 GMT Subject: serialNumber=1aa23372392cf5da1c864e76177d4119260c81bc38f98bccae2bdf8697107124, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f4:af:7b:99:77:75:29:2f:f8:8b:51:cb:6d: 41:28:25:a5:5c:0b:74:ee:7b:42:12:5b:7e:91:dc: 9f:1a:a8:79:be:0b:17:ea:e1:04:46:e0:c3:9a:c2: ba:d0:c8:26:34:32:85:9c:20:c2:0f:01:67:8a:45: b6:6f:1d:a1:28:de:29:4c:dd:c8:6d:2d:9a:17:57: 27:8c:a1:dc:ed:63:bc:3d:25:49:84:46:aa:66:9a: 63:cc:22:8d:9a:d3:b1:d0:7b:57:54:8d:fc:0e:18: 65:30:e8:af:3d:5e:29:70:ec:ee:a9:62:7a:54:e0: ba:d1:b4:fb:95:ce:33:38:f4:d5:91:b3:1b:d7:8a: 34:44:c4:be:57:c9:5e:2f:74:9a:d2:9f:9a:86:67: 17:0c:a1:30:82:9e:11:03:a3:31:5a:e8:77:26:16: a4:8b:ee:45:4c:8d:5f:d4:bd:ea:53:1e:35:74:29: e7:63:4d:21:ee:66:ad:83:2e:33:2e:6f:b3:e8:06: 20:71:2a:0c:83:d4:58:f1:fc:70:db:79:53:31:c7: 89:8c:24:df:0e:7b:77:4e:93:9e:71:64:0f:ce:39: 7b:d6:8f:20:d8:ad:bf:ea:a6:85:67:ca:eb:50:10: 3f:34:9b:3a:17:06:46:b3:26:01:cf:63:2c:36:57: 9e:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:88:04:66:D8:62:ED:E2:56:FA:42:28:42:13:F3:DC:A4:DF:C5:4A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c759ed47-7de1-4858-b207-c77b1f7d2c35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/22 Signature Algorithm: sha256WithRSAEncryption 74:40:92:6e:94:68:49:59:90:72:3a:45:5a:ba:bc:36:2a:9a: 21:a8:aa:cc:73:03:4a:df:63:43:e8:00:2b:f6:31:9d:49:78: 29:cd:3f:c2:41:f2:16:40:e3:7a:3c:e7:31:28:79:85:af:d4: a0:b8:48:84:27:41:cd:93:8c:b9:a5:b3:ab:03:88:7a:46:b2: 69:ce:c6:2d:97:2c:9e:cc:e3:12:ef:4c:68:04:43:43:06:a2: ce:51:86:60:81:57:ca:55:92:9f:3b:1d:4b:bf:50:30:7d:fe: b3:5d:89:fe:91:f1:2f:38:4e:21:9b:8f:45:47:49:e2:73:e5: 4a:fd:e9:ee:ce:64:be:ec:e5:49:dd:f1:67:fa:ed:1c:ad:d3: f6:5a:3d:d6:99:3b:79:32:e6:e9:0d:02:73:b7:e9:d0:26:b8: ab:c1:e1:3d:33:9a:ce:59:e9:b5:88:17:1c:a0:8d:2f:4f:a2: 95:2a:17:ad:68:64:f4:28:91:3d:e2:01:4a:27:bc:bc:b2:9a: e6:28:32:f7:d5:2b:0d:7b:cc:e0:aa:4d:3b:48:90:89:5d:77: d1:34:66:43:f4:e1:57:ee:93:a2:fc:8d:34:cd:e5:b4:85:48: a5:6b:fa:4d:5f:62:e0:20:ca:00:d8:76:2d:a0:e5:71:a1:b7: 0e:a4:84:b9 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUet0mo46BCmqeGxN+M17JvwP6vtYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDkzMDAwMDAwMFoX DTIzMTEwNDIzNTk1OVowejFJMEcGA1UEBRNAMWFhMjMzNzIzOTJjZjVkYTFjODY0 ZTc2MTc3ZDQxMTkyNjBjODFiYzM4Zjk4YmNjYWUyYmRmODY5NzEwNzEyNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vSve5l3dSkv+ItRy21BKCWlXAt0 7ntCElt+kdyfGqh5vgsX6uEERuDDmsK60MgmNDKFnCDCDwFnikW2bx2hKN4pTN3I bS2aF1cnjKHc7WO8PSVJhEaqZppjzCKNmtOx0HtXVI38DhhlMOivPV4pcOzuqWJ6 VOC60bT7lc4zOPTVkbMb14o0RMS+V8leL3Sa0p+ahmcXDKEwgp4RA6MxWuh3Jhak i+5FTI1f1L3qUx41dCnnY00h7matgy4zLm+z6AYgcSoMg9RY8fxw23lTMceJjCTf Dnt3TpOecWQPzjl71o8g2K2/6qaFZ8rrUBA/NJs6FwZGsyYBz2MsNleeqQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFGCIBGbYYu3iVvpCKEIT89yk38VKMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M3NTllZDQ3LTdkZTEtNDg1OC1iMjA3LWM3N2IxZjdkMmMzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQB0QJJulGhJWZByOkVaurw2 KpohqKrMcwNK32ND6AAr9jGdSXgpzT/CQfIWQON6POcxKHmFr9SguEiEJ0HNk4y5 pbOrA4h6RrJpzsYtlyyezOMS70xoBENDBqLOUYZggVfKVZKfOx1Lv1Awff6zXYn+ kfEvOE4hm49FR0nic+VK/enuzmS+7OVJ3fFn+u0crdP2Wj3WmTt5MubpDQJzt+nQ JrirweE9M5rOWem1iBccoI0vT6KVKhetaGT0KJE94gFKJ7y8sprmKDL31SsNe8zg qk07SJCJXXfRNGZD9OFX7pOi/I00zeW0hUila/pNX2LgIMoA2HYtoOVxobcOpIS5 -----END CERTIFICATE-----Generated at Sat Sep 30 00:19:18 2023 by rpki-client on console-fra.rpki-client.org