$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa File: 4708e5f0-c14b-44f3-b781-2e7bad510965.roa (raw, json) Hash identifier: LDtLRwdaGWrairaVrQVZj+Y2K8/lCSgrCTfafSQQu/I= Subject key identifier: 02:06:7E:A1:BC:74:3A:60:DE:FD:61:09:58:A5:F1:A9:07:1A:65:DC Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6A7A61644CCA677CA1A71C175C2615354DD02EDD Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 13 May 2024 00:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:7a:61:64:4c:ca:67:7c:a1:a7:1c:17:5c:26:15:35:4d:d0:2e:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=a6aee8f58d57747c2702118a3a8d5cb5c6fbc78054c80c4eb364b0a679a08805, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ec:0f:b9:b7:3e:cf:99:85:30:fc:a7:16:eb: 24:f0:44:e9:23:f4:e9:12:33:09:49:62:a4:4f:0e: 53:4c:18:26:9a:fd:af:63:38:39:ec:07:0f:be:11: 74:ab:46:bd:bf:da:a7:8b:60:e6:45:cb:f5:a7:92: fe:76:06:c0:43:05:1b:ae:27:e9:6c:fd:bb:2c:af: 90:a5:b1:1d:c2:be:36:3c:8f:e4:59:72:7b:b0:cb: f1:ca:7e:8b:e1:ba:1d:d5:9d:5b:77:14:96:f0:60: 56:1d:49:5a:2e:f5:6a:9a:1c:cd:af:95:f7:0c:d1: 23:47:dd:e7:48:c9:7a:25:4f:cb:07:f4:db:bf:e4: 49:08:8c:1c:2b:d3:13:36:74:91:48:03:12:74:43: 23:be:f9:1f:a3:c5:50:bc:a1:e6:8f:10:29:cc:18: 7b:36:bd:09:27:0e:1a:bc:d7:32:cf:07:7e:02:6b: 73:78:f1:b4:d4:4c:1d:fb:8c:e9:b4:21:ed:da:56: 4c:e3:37:a6:7d:77:f2:a3:fb:2f:ec:57:1f:b7:74: 23:a0:3b:fa:5f:f3:70:3a:c8:97:eb:e6:57:a6:63: 7f:c1:87:ef:ea:3c:5c:0a:1c:d1:15:60:e3:7b:08: 0b:05:eb:17:25:9b:07:79:ee:c9:42:29:bf:37:72: 8d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:06:7E:A1:BC:74:3A:60:DE:FD:61:09:58:A5:F1:A9:07:1A:65:DC X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 43:17:0b:ec:02:fc:b0:5d:75:2d:ef:94:b3:4b:ba:39:c9:71: c7:67:1d:6b:eb:6b:b4:97:b3:1f:d3:2c:52:42:c2:1f:92:e8: 25:09:58:e9:2f:fe:01:2d:2b:c9:50:ce:e8:dc:a2:18:37:00: 11:ad:0e:34:b5:e6:f4:b1:15:14:7a:b1:00:8b:5a:3e:47:b9: e9:31:38:01:c9:fb:97:0c:b9:61:ac:ef:da:8d:83:49:ef:d6: 90:85:0c:dc:0c:2a:b7:5e:38:c9:c2:ea:c0:80:d2:d1:33:e0: 61:fc:25:16:ab:59:bc:65:2e:b5:78:49:0e:56:8a:d4:86:e7: 3d:bb:af:43:98:57:95:ed:87:c9:35:ea:1e:60:43:b0:73:3f: 92:62:52:ac:42:b9:6a:2d:4f:14:e3:32:fa:8e:76:b7:fe:20: 4e:3f:ef:47:14:10:18:90:e8:5d:49:a7:ca:43:53:20:dd:ae: 27:33:33:58:f5:ad:cb:9a:77:b0:47:0b:b5:62:bd:70:ad:6c: 46:ff:1d:7b:ad:87:1d:0d:19:cc:b7:eb:64:fa:77:ea:0a:67: 8a:15:93:fd:ad:e7:d5:5c:34:0d:a8:33:7d:35:c8:bc:15:1e: 45:6d:d1:9c:c1:b4:40:77:48:d6:36:55:d9:b3:58:cc:c7:34: 33:79:33:c1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUanphZEzKZ3yhpxwXXCYVNU3QLt0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYTZhZWU4ZjU4ZDU3NzQ3YzI3MDIx MThhM2E4ZDVjYjVjNmZiYzc4MDU0YzgwYzRlYjM2NGIwYTY3OWEwODgwNTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ewPubc+z5mFMPynFusk8ETpI/Tp EjMJSWKkTw5TTBgmmv2vYzg57AcPvhF0q0a9v9qni2DmRcv1p5L+dgbAQwUbrifp bP27LK+QpbEdwr42PI/kWXJ7sMvxyn6L4bod1Z1bdxSW8GBWHUlaLvVqmhzNr5X3 DNEjR93nSMl6JU/LB/Tbv+RJCIwcK9MTNnSRSAMSdEMjvvkfo8VQvKHmjxApzBh7 Nr0JJw4avNcyzwd+AmtzePG01Ewd+4zptCHt2lZM4zemfXfyo/sv7Fcft3QjoDv6 X/NwOsiX6+ZXpmN/wYfv6jxcChzRFWDjewgLBesXJZsHee7JQim/N3KNDwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAIGfqG8dDpg3v1hCVil8akHGmXcMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ3MDhlNWYwLWMxNGItNDRmMy1iNzgxLTJlN2JhZDUxMDk2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBDFwvsAvywXXUt75SzS7o5 yXHHZx1r62u0l7Mf0yxSQsIfkuglCVjpL/4BLSvJUM7o3KIYNwARrQ40teb0sRUU erEAi1o+R7npMTgByfuXDLlhrO/ajYNJ79aQhQzcDCq3XjjJwurAgNLRM+Bh/CUW q1m8ZS61eEkOVorUhuc9u69DmFeV7YfJNeoeYEOwcz+SYlKsQrlqLU8U4zL6jna3 /iBOP+9HFBAYkOhdSafKQ1Mg3a4nMzNY9a3LmnewRwu1Yr1wrWxG/x17rYcdDRnM t+tk+nfqCmeKFZP9refVXDQNqDN9Nci8FR5FbdGcwbRAd0jWNlXZs1jMxzQzeTPB -----END CERTIFICATE-----Generated at Thu May 9 00:30:03 2024 by rpki-client on console-ams.rpki-client.org