$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a18d866-9fb0-44dc-8cfd-5461500736e2.roa File: 7a18d866-9fb0-44dc-8cfd-5461500736e2.roa (raw, json) Hash identifier: E9qIcuAEDrAv+BhnY25Cwu8WQ4algh8I7+1fjARh5NY= Subject key identifier: 7D:C9:D9:60:DB:8E:9F:0C:19:FB:00:A4:46:FD:40:BC:22:9D:4C:67 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 317938F6BAD0731F360F6AEEC118E3BB79C926F1 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a18d866-9fb0-44dc-8cfd-5461500736e2.roa Signing time: Mon 04 Sep 2023 00:00:00 +0000 ROA not before: Mon 04 Sep 2023 00:00:00 +0000 ROA not after: Mon 09 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/18 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 06 Sep 2023 03:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:79:38:f6:ba:d0:73:1f:36:0f:6a:ee:c1:18:e3:bb:79:c9:26:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Sep 4 00:00:00 2023 GMT Not After : Oct 9 23:59:59 2023 GMT Subject: serialNumber=1c8af69e57043494543566e4f22947a638536b8aefa38f748afa08f1b4fa3908, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:79:f1:4d:e0:88:ac:30:38:db:3c:8c:e1:14: 7c:6f:73:ea:c3:c5:f0:e6:42:f0:59:4e:e9:43:a7: eb:90:2d:53:6d:a2:7f:b7:fa:dc:2a:e6:55:bd:59: 49:e3:20:f0:ed:ac:c4:a0:d9:10:9b:c0:d5:16:07: 83:3a:03:33:96:f2:e8:7d:13:5d:11:96:1b:50:da: 70:bf:a8:c6:08:8c:96:46:72:41:0d:05:37:f1:04: c0:3c:26:e3:fd:ab:1c:14:bb:e1:73:78:4b:ab:7a: 49:7c:82:1e:96:d9:55:ba:ff:3c:06:c3:72:58:f9: 30:27:18:a2:c1:0e:58:46:c2:22:04:a9:ff:60:91: 09:40:88:b0:64:33:8f:55:37:91:39:18:66:0c:b6: c5:cb:03:d2:d4:0c:e3:55:eb:13:1b:7f:71:57:c8: b5:9e:6f:7f:99:40:fb:c1:5f:27:c0:eb:a7:9b:b8: 69:fe:8b:98:ef:b5:21:2c:4d:87:df:e9:cf:f1:f3: d9:73:f1:96:43:1b:99:74:19:bd:50:25:d2:81:63: c1:16:45:5a:30:af:c0:80:0d:8d:93:6e:34:2f:59: 6c:c8:94:ca:2d:c7:32:c1:1e:9a:68:4f:2a:3c:24: 90:43:90:52:66:9a:64:a9:e1:90:5c:4f:48:bd:51: af:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:C9:D9:60:DB:8E:9F:0C:19:FB:00:A4:46:FD:40:BC:22:9D:4C:67 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/7a18d866-9fb0-44dc-8cfd-5461500736e2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/18 Signature Algorithm: sha256WithRSAEncryption 19:36:48:b6:cd:a7:91:0b:ac:ca:78:8c:50:0d:7b:d6:79:28: 9d:ce:fd:4b:52:da:b3:25:59:c0:aa:27:ea:60:b5:0a:01:b7: 01:a8:68:3f:47:81:43:59:1f:7d:0a:2b:11:a3:4b:44:8c:34: 2f:20:da:01:85:4b:1a:b1:be:21:1b:00:7b:34:cb:d2:ec:73: 1f:55:e5:8a:15:e9:fa:84:51:a2:7b:26:b0:f3:d4:9d:9b:f4: da:26:60:ea:91:55:3a:2d:55:f6:4a:d6:28:bb:0b:09:9b:e0: 39:16:67:c4:e9:d5:fb:bc:6b:53:cd:cf:23:ee:56:a4:75:83: 80:d2:c2:f6:32:cf:16:9f:f7:b2:cb:61:f8:2a:de:60:1c:8a: 49:bb:49:19:b7:18:6c:fa:d1:49:e0:44:20:3e:58:81:0f:1e: 48:38:93:63:40:5b:3e:0f:d3:13:32:98:58:f0:0f:50:1c:16: 2c:34:70:01:27:b0:e8:75:0c:e0:7f:30:fd:ef:ef:38:0a:78: 47:55:73:bc:62:ea:7e:3a:60:27:f0:ee:d4:90:90:46:7f:a3: fe:a5:3a:1b:80:4d:c9:39:c5:9e:9f:91:a9:5b:cd:c9:8e:e6: b8:22:89:c1:2e:a3:f2:2a:5e:00:c2:e6:ef:f7:7f:57:39:cd: d3:cd:89:41 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUMXk49rrQcx82D2ruwRjju3nJJvEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTIzMDkwNDAwMDAwMFoX DTIzMTAwOTIzNTk1OVowejFJMEcGA1UEBRNAMWM4YWY2OWU1NzA0MzQ5NDU0MzU2 NmU0ZjIyOTQ3YTYzODUzNmI4YWVmYTM4Zjc0OGFmYTA4ZjFiNGZhMzkwODEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHnxTeCIrDA42zyM4RR8b3Pqw8Xw 5kLwWU7pQ6frkC1TbaJ/t/rcKuZVvVlJ4yDw7azEoNkQm8DVFgeDOgMzlvLofRNd EZYbUNpwv6jGCIyWRnJBDQU38QTAPCbj/ascFLvhc3hLq3pJfIIeltlVuv88BsNy WPkwJxiiwQ5YRsIiBKn/YJEJQIiwZDOPVTeRORhmDLbFywPS1AzjVesTG39xV8i1 nm9/mUD7wV8nwOunm7hp/ouY77UhLE2H3+nP8fPZc/GWQxuZdBm9UCXSgWPBFkVa MK/AgA2Nk240L1lsyJTKLccywR6aaE8qPCSQQ5BSZppkqeGQXE9IvVGvSwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFH3J2WDbjp8MGfsApEb9QLwinUxnMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzdhMThkODY2LTlmYjAtNDRkYy04Y2ZkLTU0NjE1MDA3MzZlMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQGrynAMA0GCSqGSIb3DQEBCwUAA4IBAQAZNki2zaeRC6zKeIxQDXvW eSidzv1LUtqzJVnAqifqYLUKAbcBqGg/R4FDWR99CisRo0tEjDQvINoBhUsasb4h GwB7NMvS7HMfVeWKFen6hFGieyaw89Sdm/TaJmDqkVU6LVX2StYouwsJm+A5FmfE 6dX7vGtTzc8j7lakdYOA0sL2Ms8Wn/eyy2H4Kt5gHIpJu0kZtxhs+tFJ4EQgPliB Dx5IOJNjQFs+D9MTMphY8A9QHBYsNHABJ7DodQzgfzD97+84CnhHVXO8Yup+OmAn 8O7UkJBGf6P+pTobgE3JOcWen5GpW83Jjua4IonBLqPyKl4Awubv939XOc3TzYlB -----END CERTIFICATE-----Generated at Mon Sep 4 15:12:34 2023 by rpki-client on console-fra.rpki-client.org