$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa File: 5defafc1-b226-4bbc-87e7-556b8bee16db.roa (raw, json) Hash identifier: PQjnGj0/0+pf0a6HgWOb8W7kb+x/b2RNkPI2XiJ3vPo= Subject key identifier: 30:3F:9D:02:FB:B9:DF:4A:77:7D:4A:77:91:C4:98:17:E6:3E:A5:BF Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 6480A37FAF118338F677C67995F99455E8679407 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa Signing time: Sat 23 Mar 2024 00:00:00 +0000 ROA not before: Sat 23 Mar 2024 00:00:00 +0000 ROA not after: Sat 27 Apr 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Mar 2024 12:03:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:80:a3:7f:af:11:83:38:f6:77:c6:79:95:f9:94:55:e8:67:94:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Mar 23 00:00:00 2024 GMT Not After : Apr 27 23:59:59 2024 GMT Subject: serialNumber=76ec10cd3db275ff7612254dc462e1ab85b88a8e5dec2cacfd5ad963447df176, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:5c:ad:60:24:35:8b:55:ce:e5:f2:86:ea:e2: dc:f7:2e:58:26:f6:56:ae:74:e1:4f:28:58:89:c7: 01:ef:dd:d0:82:f8:01:a8:3a:10:92:f0:c6:0f:1c: e9:ca:f5:76:85:66:e3:07:88:26:63:ca:7d:05:51: 5c:97:01:0e:b0:26:95:82:ef:a0:2b:23:5f:de:4f: 2b:a3:7e:c6:2e:fc:cd:92:21:37:c3:78:93:15:41: fe:b2:59:8f:5f:16:73:2a:e6:20:8f:c4:7e:f4:25: 9c:52:10:f7:3e:8f:67:d1:0b:51:b2:8d:36:b7:72: e9:0f:08:b4:71:d5:da:46:10:de:ad:7b:0d:f4:a9: 77:c6:66:5c:66:b4:a0:f1:d4:d6:bf:7e:5b:e2:dd: ee:b7:78:15:32:c9:9d:81:79:22:91:b7:5f:31:86: 54:3d:aa:ff:b7:84:b7:65:b4:21:db:b0:23:64:b0: 36:9c:45:d5:2e:9b:4d:2d:fd:9a:cf:72:2c:d4:a0: 0c:8e:a2:32:1a:d1:eb:3a:72:96:74:29:eb:cc:68: 6b:b3:22:8e:53:ec:86:06:71:f9:20:c8:27:9e:d0: cf:29:b6:ac:aa:98:fa:90:a0:14:69:34:86:48:5e: 22:4b:d3:42:37:ac:b8:8c:0e:9d:c8:66:30:a3:7d: 19:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:3F:9D:02:FB:B9:DF:4A:77:7D:4A:77:91:C4:98:17:E6:3E:A5:BF X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:f6:49:34:6a:84:ea:28:30:b2:28:12:c5:1c:55:39:ee:00: fa:0b:25:26:47:a8:83:cd:9e:98:44:84:78:f4:6e:7d:e6:6c: e7:7d:02:5d:72:d6:82:a2:8e:10:ce:fc:1d:20:84:eb:c1:41: ad:b1:79:ea:ae:94:cc:30:c1:09:cb:3c:28:f8:bc:b9:bc:e0: c8:4a:77:58:36:5e:79:1e:d3:be:2b:61:22:df:10:ba:88:36: 7b:fc:3f:77:92:3b:6b:91:8c:61:e5:c1:72:78:3e:44:b2:40: 11:99:b2:d3:25:b7:6d:8d:46:db:41:71:89:a7:5e:1f:6f:3c: e6:36:3d:62:19:dd:f2:86:09:aa:78:32:be:2e:a6:06:09:01: d9:ec:8d:7b:bf:6c:80:39:11:00:3c:c2:fb:af:d3:18:7b:7b: fb:6b:86:a3:c9:66:a1:be:8c:5f:6f:e6:c5:c6:1a:ff:67:fa: 96:86:79:af:4e:59:c0:e7:03:8b:be:16:f8:9d:13:3e:38:7a: 16:0e:95:fc:af:4d:d8:90:c8:5e:fe:79:29:7a:69:7a:4a:d5: 91:68:5b:9c:b9:5c:84:50:1c:86:be:9c:5d:d0:dd:6a:5b:43: 0e:16:b3:ca:b4:fe:e6:45:c2:22:61:f8:b2:49:bf:5f:04:c4: c6:db:7e:28 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZICjf68Rgzj2d8Z5lfmUVehnlAcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MDMyMzAwMDAwMFoX DTI0MDQyNzIzNTk1OVowejFJMEcGA1UEBRNANzZlYzEwY2QzZGIyNzVmZjc2MTIy NTRkYzQ2MmUxYWI4NWI4OGE4ZTVkZWMyY2FjZmQ1YWQ5NjM0NDdkZjE3NjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVytYCQ1i1XO5fKG6uLc9y5YJvZW rnThTyhYiccB793QgvgBqDoQkvDGDxzpyvV2hWbjB4gmY8p9BVFclwEOsCaVgu+g KyNf3k8ro37GLvzNkiE3w3iTFUH+slmPXxZzKuYgj8R+9CWcUhD3Po9n0QtRso02 t3LpDwi0cdXaRhDerXsN9Kl3xmZcZrSg8dTWv35b4t3ut3gVMsmdgXkikbdfMYZU Par/t4S3ZbQh27AjZLA2nEXVLptNLf2az3Is1KAMjqIyGtHrOnKWdCnrzGhrsyKO U+yGBnH5IMgnntDPKbasqpj6kKAUaTSGSF4iS9NCN6y4jA6dyGYwo30ZJQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFDA/nQL7ud9Kd31Kd5HEmBfmPqW/MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzVkZWZhZmMxLWIyMjYtNGJiYy04N2U3LTU1NmI4YmVlMTZkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQAr9kk0aoTqKDCyKBLFHFU5 7gD6CyUmR6iDzZ6YRIR49G595mznfQJdctaCoo4QzvwdIITrwUGtsXnqrpTMMMEJ yzwo+Ly5vODISndYNl55HtO+K2Ei3xC6iDZ7/D93kjtrkYxh5cFyeD5EskARmbLT JbdtjUbbQXGJp14fbzzmNj1iGd3yhgmqeDK+LqYGCQHZ7I17v2yAOREAPML7r9MY e3v7a4ajyWahvoxfb+bFxhr/Z/qWhnmvTlnA5wOLvhb4nRM+OHoWDpX8r03YkMhe /nkpeml6StWRaFucuVyEUByGvpxd0N1qW0MOFrPKtP7mRcIiYfiySb9fBMTG234o -----END CERTIFICATE-----Generated at Thu Mar 28 01:01:25 2024 by rpki-client on console-fra.rpki-client.org