$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa File: 5defafc1-b226-4bbc-87e7-556b8bee16db.roa (raw, json) Hash identifier: fsEoGx74l+xUmJU1R6OyZ+uQGdbnHBbwqyvDzFAm00w= Subject key identifier: F2:6C:BA:31:C6:A7:86:8D:4B:F2:97:43:55:ED:05:FF:60:74:3E:D2 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 4FEBD21682BEBE1A5B361B7577343ADF67DD42E2 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 14618 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Nov 2024 00:25:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:eb:d2:16:82:be:be:1a:5b:36:1b:75:77:34:3a:df:67:dd:42:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=0b6a190801127d57c8cf4cce06a2f63843ef2d0af63c3750a7a5672e9e62439e, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:37:52:97:17:de:9b:eb:e4:0f:c5:28:89:78: f6:e4:94:ea:6d:3f:11:ce:70:93:dd:03:5f:ac:51: 50:55:22:a0:be:23:a9:db:25:a2:1d:08:76:fb:7d: 59:e4:67:47:85:a7:04:eb:0f:7e:32:b6:24:ed:34: 0d:02:2f:ea:7f:13:06:72:5f:e2:88:d4:b5:e3:4a: dd:24:e0:b0:f0:52:c2:78:08:73:b6:15:69:aa:dc: 78:5b:f3:a1:df:68:92:c8:94:50:8f:9d:14:70:bd: 7c:cc:12:5a:c0:a9:b9:b5:74:ec:96:6b:ac:6e:e7: ae:c9:56:92:4d:37:81:9d:cd:26:d2:3e:6d:4b:91: f0:1a:a6:5f:c6:c0:26:6f:83:b4:50:cd:5c:e3:f3: 55:b8:86:e8:d3:b7:cf:f0:99:7d:42:9b:37:75:2f: cb:47:6b:a6:0c:0c:be:cb:4e:81:09:d6:55:83:7c: 80:94:45:e1:7b:55:99:26:83:d1:36:43:3c:e0:cd: 07:03:90:d6:ed:57:8e:d8:06:39:ea:ef:f7:ae:80: b1:88:31:52:07:7a:be:e6:12:77:b4:19:ef:fc:8f: da:36:91:83:a3:f1:dd:17:fd:e3:cc:8e:8d:a1:68: ab:02:02:34:d4:dd:34:5c:3c:13:f6:b9:1a:6d:de: 96:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:6C:BA:31:C6:A7:86:8D:4B:F2:97:43:55:ED:05:FF:60:74:3E:D2 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 35:15:a7:3e:59:d1:67:ab:0c:14:7c:da:a8:42:cd:7c:7d:8b: 0d:d8:02:d9:39:23:78:e3:66:91:e8:58:9e:68:76:f1:f3:41: 94:f4:0d:ef:0f:e5:00:b7:3e:63:54:7d:aa:43:5d:76:41:8b: 80:11:50:5e:cc:26:b2:28:1c:ed:a9:f2:9c:46:7b:e9:d0:bc: 05:98:da:b3:cd:31:fd:c7:ae:1d:26:c7:b5:99:f2:95:c6:f1: 77:72:16:ef:c0:cf:75:72:46:70:41:53:86:fc:6c:43:a4:eb: 39:f6:6f:d8:a9:72:d8:2c:de:57:57:f6:67:4d:13:70:ed:4a: 97:49:83:22:94:8a:76:69:a8:d7:a5:58:f7:6e:79:10:0c:08: 77:80:ad:5c:e8:1c:f6:51:e8:f2:94:89:e0:81:99:f6:a1:d1: 34:89:df:1c:e5:81:06:4f:5f:50:c8:de:3c:ce:13:ed:66:2b: 1b:dd:03:98:8e:dc:f8:be:4f:41:ab:05:c9:bb:eb:24:4a:a9: cc:92:1d:88:65:b5:6c:0e:3d:8e:27:ba:c7:73:a5:48:80:b7: c4:4d:ae:b5:6c:00:47:fb:13:84:7c:f4:d3:94:cf:42:30:04: 7d:07:3f:22:28:98:99:78:dd:89:b8:10:c5:e4:ba:27:36:a0: 28:ac:65:25 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUT+vSFoK+vhpbNht1dzQ632fdQuIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMGI2YTE5MDgwMTEyN2Q1N2M4Y2Y0 Y2NlMDZhMmY2Mzg0M2VmMmQwYWY2M2MzNzUwYTdhNTY3MmU5ZTYyNDM5ZTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojdSlxfem+vkD8UoiXj25JTqbT8R znCT3QNfrFFQVSKgviOp2yWiHQh2+31Z5GdHhacE6w9+MrYk7TQNAi/qfxMGcl/i iNS140rdJOCw8FLCeAhzthVpqtx4W/Oh32iSyJRQj50UcL18zBJawKm5tXTslmus bueuyVaSTTeBnc0m0j5tS5HwGqZfxsAmb4O0UM1c4/NVuIbo07fP8Jl9Qps3dS/L R2umDAy+y06BCdZVg3yAlEXhe1WZJoPRNkM84M0HA5DW7VeO2AY56u/3roCxiDFS B3q+5hJ3tBnv/I/aNpGDo/HdF/3jzI6NoWirAgI01N00XDwT9rkabd6WFwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPJsujHGp4aNS/KXQ1XtBf9gdD7SMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzVkZWZhZmMxLWIyMjYtNGJiYy04N2U3LTU1NmI4YmVlMTZkYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQA1Fac+WdFnqwwUfNqoQs18 fYsN2ALZOSN442aR6FieaHbx80GU9A3vD+UAtz5jVH2qQ112QYuAEVBezCayKBzt qfKcRnvp0LwFmNqzzTH9x64dJse1mfKVxvF3chbvwM91ckZwQVOG/GxDpOs59m/Y qXLYLN5XV/ZnTRNw7UqXSYMilIp2aajXpVj3bnkQDAh3gK1c6Bz2UejylInggZn2 odE0id8c5YEGT19QyN48zhPtZisb3QOYjtz4vk9BqwXJu+skSqnMkh2IZbVsDj2O J7rHc6VIgLfETa61bABH+xOEfPTTlM9CMAR9Bz8iKJiZeN2JuBDF5LonNqAorGUl -----END CERTIFICATE-----Generated at Sun Nov 24 02:36:09 2024 by rpki-client on console-fra.rpki-client.org