$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: ZkUNebZEJIgMmKoeDY4iLUxVbz2MiUW5gWX1k9cXWL4= Subject key identifier: 0E:51:1C:69:A3:36:45:06:F8:44:87:B9:D6:C5:9C:F5:86:A5:50:B0 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 2EC890CD04524CD58886A8E06DA694FD2CD4D754 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Tue 05 Nov 2024 00:00:00 +0000 ROA not before: Tue 05 Nov 2024 00:00:00 +0000 ROA not after: Tue 10 Dec 2024 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 Nov 2024 00:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:c8:90:cd:04:52:4c:d5:88:86:a8:e0:6d:a6:94:fd:2c:d4:d7:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Nov 5 00:00:00 2024 GMT Not After : Dec 10 23:59:59 2024 GMT Subject: serialNumber=3591c32ea7346f36f9b5366bc63dfebc7855bf08400a86531cae797cbba2edc7, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:08:89:af:88:3d:e1:d6:e7:9b:b6:a6:1b:e9: 73:a9:d8:3d:0e:50:5b:e4:c4:06:d7:35:a2:c0:5f: 56:fa:d3:31:58:02:2a:78:78:d3:b4:9b:f1:d1:4a: 6b:9b:79:63:ca:f7:ca:cb:33:4f:27:0a:25:0e:ba: 74:66:06:88:d4:9b:9a:36:9d:76:32:67:d1:bd:8f: 55:e0:b4:2a:7f:63:ef:a6:d1:f1:c3:a1:92:e0:0c: d2:65:9b:ab:76:e4:aa:26:f7:c0:35:e1:46:24:66: c4:b6:a1:6d:ef:88:7d:f2:47:f6:85:52:a3:7d:ea: ab:3a:bf:0c:d0:b2:59:dc:db:a8:ba:36:d4:9f:09: 39:10:b6:71:56:5b:1a:46:3d:13:0d:e9:d3:fd:ba: f1:c9:9c:5b:9c:f5:71:59:ef:4b:30:d5:6a:b0:74: 10:37:45:90:87:ec:2f:57:c8:9a:92:5f:1b:cb:3a: 19:48:f4:65:3e:bc:83:c8:84:83:c6:7f:b8:a3:22: 68:48:6b:4b:2f:23:04:72:54:09:f3:06:ce:da:b0: 94:7a:1c:4d:0a:4d:8e:3d:73:2c:1b:24:8b:8a:aa: 1a:db:ca:e3:bd:14:f7:7e:44:10:21:d4:48:92:f1: 93:9f:7a:68:4e:32:c6:b1:71:45:83:af:c5:5b:30: ac:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:51:1C:69:A3:36:45:06:F8:44:87:B9:D6:C5:9C:F5:86:A5:50:B0 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption b6:15:f4:69:a6:b1:06:53:66:c8:46:a9:1f:bf:51:3b:82:3c: 54:98:b9:fc:d7:31:7c:a8:e5:5f:82:24:41:7a:80:85:f9:07: 01:23:cb:a8:7c:80:5d:1f:83:2a:3a:7f:52:c5:8a:7a:94:e4: 8d:37:0a:64:0d:d7:12:04:94:a1:ca:95:83:8f:73:95:16:52: c0:76:02:bc:14:44:99:d8:79:dc:b3:8d:29:bf:9a:6d:35:14: b5:31:a2:10:22:69:45:55:25:ce:91:2b:84:b1:ce:f5:93:a6: 4c:9d:2b:14:a7:45:cc:a4:5e:bc:17:69:5c:90:2c:bc:51:7f: d2:56:9d:31:b5:07:57:9d:38:5b:75:0b:5a:92:44:e8:5b:1b: cc:41:89:ff:25:df:df:a3:96:fc:ce:8f:67:5e:b1:f5:32:bd: 76:f3:6e:be:ec:d0:a8:de:c6:93:00:a8:05:9d:01:9a:37:bb: 80:50:b7:f4:a0:35:5e:a8:54:05:a4:f4:c8:91:11:c4:4b:19: 0d:87:44:4a:16:b3:e2:05:cd:29:80:a1:d1:94:98:9e:75:da: 1c:c0:f9:15:69:f7:e3:3d:fe:d1:d7:da:0a:51:bd:d2:dd:55: ae:75:a9:3e:f2:67:af:cd:8c:3e:57:1b:4e:7e:aa:f0:a5:1a: 5e:37:66:5b -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIULsiQzQRSTNWIhqjgbaaU/SzU11QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEwNTAwMDAwMFoX DTI0MTIxMDIzNTk1OVowejFJMEcGA1UEBRNAMzU5MWMzMmVhNzM0NmYzNmY5YjUz NjZiYzYzZGZlYmM3ODU1YmYwODQwMGE4NjUzMWNhZTc5N2NiYmEyZWRjNzEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QiJr4g94dbnm7amG+lzqdg9DlBb 5MQG1zWiwF9W+tMxWAIqeHjTtJvx0Uprm3ljyvfKyzNPJwolDrp0ZgaI1JuaNp12 MmfRvY9V4LQqf2PvptHxw6GS4AzSZZurduSqJvfANeFGJGbEtqFt74h98kf2hVKj feqrOr8M0LJZ3NuoujbUnwk5ELZxVlsaRj0TDenT/brxyZxbnPVxWe9LMNVqsHQQ N0WQh+wvV8iakl8byzoZSPRlPryDyISDxn+4oyJoSGtLLyMEclQJ8wbO2rCUehxN Ck2OPXMsGySLiqoa28rjvRT3fkQQIdRIkvGTn3poTjLGsXFFg6/FWzCs4wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFA5RHGmjNkUG+ESHudbFnPWGpVCwMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQC2FfRpprEGU2bIRqkfv1E7 gjxUmLn81zF8qOVfgiRBeoCF+QcBI8uofIBdH4MqOn9SxYp6lOSNNwpkDdcSBJSh ypWDj3OVFlLAdgK8FESZ2Hncs40pv5ptNRS1MaIQImlFVSXOkSuEsc71k6ZMnSsU p0XMpF68F2lckCy8UX/SVp0xtQdXnThbdQtakkToWxvMQYn/Jd/fo5b8zo9nXrH1 Mr12826+7NCo3saTAKgFnQGaN7uAULf0oDVeqFQFpPTIkRHESxkNh0RKFrPiBc0p gKHRlJieddocwPkVaffjPf7R19oKUb3S3VWudak+8mevzYw+VxtOfqrwpRpeN2Zb -----END CERTIFICATE-----Generated at Fri Nov 22 01:34:50 2024 by rpki-client on console-ams.rpki-client.org