$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa File: 4708e5f0-c14b-44f3-b781-2e7bad510965.roa (raw, json) Hash identifier: VPZWr6PtWna0rnCz4j3MASHw8mbCfaWShmCWdHiXPpE= Subject key identifier: B9:F7:20:E3:09:03:15:33:34:D7:FB:60:E4:06:1A:F0:36:DC:37:A3 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 778E2ABF2D2A19E3FE6B06FE5EA1DB7FEDEE22B3 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 8987 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:8e:2a:bf:2d:2a:19:e3:fe:6b:06:fe:5e:a1:db:7f:ed:ee:22:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=abe7136502e7d9b6b6356d315695c8ec62d8bda997004743dadfa8d11e1bad8f, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:53:a8:90:a0:07:24:27:4a:7d:38:8f:4b:cf: ee:12:e6:65:41:3e:85:c4:e8:ce:8f:aa:20:ab:89: bc:56:7f:b8:52:c4:e9:95:01:0e:23:10:58:28:23: 65:20:b5:93:a7:42:4c:23:ca:92:84:f7:bb:09:cb: 2c:52:9a:02:99:a3:1c:cf:95:09:7d:88:4d:0a:86: db:d0:07:14:41:00:f5:29:67:7d:84:3c:8c:bf:d7: a2:34:49:f4:12:1e:87:a6:2e:55:18:b7:ce:49:4b: 32:0e:77:de:5d:e7:d1:aa:ec:4f:e4:50:c0:a7:b4: db:83:7e:52:00:71:ac:1f:05:6d:72:0d:01:66:db: aa:b2:fe:94:72:4c:ba:5f:23:1f:bd:c9:b6:4d:50: 59:8a:05:1a:bc:92:74:a4:cf:02:3e:5c:ac:f0:d1: 18:30:d4:1a:4e:a4:95:94:3d:21:ca:d6:6a:85:43: 4e:d2:68:ac:43:e4:2a:5a:a1:cf:70:8b:51:c8:df: 90:8a:6c:05:38:25:7d:51:80:56:28:2b:46:83:ce: c0:be:8d:0b:97:09:35:e1:1f:16:e0:04:60:5c:1c: bc:e2:1f:36:43:bf:cc:14:4f:fb:56:a8:57:74:5b: ee:29:f6:3c:90:d8:03:74:7c:99:b4:79:61:ff:be: a3:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:F7:20:E3:09:03:15:33:34:D7:FB:60:E4:06:1A:F0:36:DC:37:A3 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 36:77:1c:4b:93:3e:4e:36:c6:ee:f6:16:b5:2d:cc:98:2b:bb: b7:3f:b0:c0:41:31:62:23:6c:88:22:67:fd:fa:78:df:b0:9d: d7:00:13:13:6e:f7:6f:f6:88:32:58:31:4d:4c:e5:c8:b9:b0: 6f:74:d4:73:e8:d9:3b:71:95:03:2c:2c:0d:d5:f3:d0:98:97: 39:eb:0a:2a:72:39:28:ea:0f:09:31:b8:5b:2a:88:f8:7d:68: 36:27:e2:61:41:c0:1d:96:13:0a:03:d6:b5:ba:38:74:34:7e: 63:f6:dc:57:7f:44:75:76:8d:97:f1:7b:dd:5a:9d:cf:b6:1e: af:14:f7:92:84:1e:57:94:d8:ba:94:c7:d7:1f:84:a3:0f:c2: 2f:92:a9:0c:9e:25:e4:10:bb:bb:87:7b:31:49:5c:9d:96:64: a2:98:ce:1b:98:21:51:5c:b5:00:38:bb:e8:c2:c8:dd:b4:81: c4:a0:6f:eb:ae:00:78:5b:f9:5a:49:26:75:32:b4:5f:59:87: f8:19:2c:8b:2a:27:87:cf:b6:47:10:51:c2:14:90:5d:a6:b2: 38:7b:d7:7f:47:06:0c:b9:a7:b7:32:dc:2f:8c:00:47:23:4f: 9a:2f:c4:f3:74:ae:bf:c6:b3:80:ed:25:49:5a:df:20:ae:ca: d8:db:ea:11 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUd44qvy0qGeP+awb+XqHbf+3uIrMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAYWJlNzEzNjUwMmU3ZDliNmI2MzU2 ZDMxNTY5NWM4ZWM2MmQ4YmRhOTk3MDA0NzQzZGFkZmE4ZDExZTFiYWQ4ZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlOokKAHJCdKfTiPS8/uEuZlQT6F xOjOj6ogq4m8Vn+4UsTplQEOIxBYKCNlILWTp0JMI8qShPe7CcssUpoCmaMcz5UJ fYhNCobb0AcUQQD1KWd9hDyMv9eiNEn0Eh6Hpi5VGLfOSUsyDnfeXefRquxP5FDA p7Tbg35SAHGsHwVtcg0BZtuqsv6Ucky6XyMfvcm2TVBZigUavJJ0pM8CPlys8NEY MNQaTqSVlD0hytZqhUNO0misQ+QqWqHPcItRyN+QimwFOCV9UYBWKCtGg87Avo0L lwk14R8W4ARgXBy84h82Q7/MFE/7VqhXdFvuKfY8kNgDdHyZtHlh/76jRwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFLn3IOMJAxUzNNf7YOQGGvA23DejMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzQ3MDhlNWYwLWMxNGItNDRmMy1iNzgxLTJlN2JhZDUxMDk2NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQA2dxxLkz5ONsbu9ha1LcyY K7u3P7DAQTFiI2yIImf9+njfsJ3XABMTbvdv9ogyWDFNTOXIubBvdNRz6Nk7cZUD LCwN1fPQmJc56woqcjko6g8JMbhbKoj4fWg2J+JhQcAdlhMKA9a1ujh0NH5j9txX f0R1do2X8XvdWp3Pth6vFPeShB5XlNi6lMfXH4SjD8IvkqkMniXkELu7h3sxSVyd lmSimM4bmCFRXLUAOLvowsjdtIHEoG/rrgB4W/laSSZ1MrRfWYf4GSyLKieHz7ZH EFHCFJBdprI4e9d/RwYMuae3MtwvjABHI0+aL8TzdK6/xrOA7SVJWt8grsrY2+oR -----END CERTIFICATE-----Generated at Fri Nov 22 02:08:48 2024 by rpki-client on console-fra.rpki-client.org