$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa File: 9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa (raw, json) Hash identifier: 7Ty3+GwkXvmfbwqMAyfRstyxhPzlq4zTN1KFv4E+hRo= Subject key identifier: F4:A6:90:82:8E:51:9D:0C:C1:F3:49:C5:72:24:3F:57:38:10:57:52 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 0DFF13F78F24E96E2645D8C58A7163597160A9AD Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa Signing time: Wed 17 Apr 2024 00:00:00 +0000 ROA not before: Wed 17 Apr 2024 00:00:00 +0000 ROA not after: Wed 22 May 2024 23:59:59 +0000 asID: 7224 IP address blocks: 43.250.196.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 15 May 2024 02:42:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:ff:13:f7:8f:24:e9:6e:26:45:d8:c5:8a:71:63:59:71:60:a9:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 17 00:00:00 2024 GMT Not After : May 22 23:59:59 2024 GMT Subject: serialNumber=f158672e7195019ef39e0f7a956b8eeaa15d5b1618bdf01dc28e6b7e51af4e0a, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:28:0d:be:a8:fd:dc:02:3a:c9:61:d5:fe:88: bd:9b:66:17:fb:b7:1d:eb:a0:1a:6d:7c:d4:20:58: 72:65:c7:0b:9d:a6:00:7f:5a:83:b4:4f:6a:7d:c8: 66:09:2b:96:71:89:6c:98:60:35:5a:e7:49:c3:3b: 36:16:a1:74:a6:2e:3d:10:c2:a5:93:7a:2e:15:b0: 22:17:7e:5a:3e:dd:b9:ac:79:ba:55:09:a2:5f:66: 72:2f:41:38:1f:5b:cc:c7:d3:18:82:bd:f7:5f:28: 22:6d:fd:6c:dc:07:35:0d:95:c2:59:3a:ea:0d:97: d3:af:d8:95:a7:b1:40:5f:32:4b:cf:0b:6e:55:65: 7f:30:51:63:9d:53:0b:ca:48:15:c5:ec:c0:a3:c5: c2:56:2b:4f:04:04:cf:72:c4:b0:6f:e8:55:e1:4a: 49:60:b1:e0:4a:10:26:53:fc:4a:db:d9:0e:74:d4: d7:90:7b:39:3c:ad:9c:41:fc:eb:13:25:fb:0e:06: cd:95:a0:bc:1e:80:8b:21:62:f3:d1:75:14:96:3b: 61:d4:5c:ed:db:24:c0:d0:ec:1e:ba:2b:f0:e4:ea: 15:cb:f4:72:fd:f0:4b:86:93:74:0f:3e:ad:0c:cd: b0:a2:f6:e0:30:1c:9c:52:67:8b:f0:b2:34:b4:d3: d2:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:A6:90:82:8E:51:9D:0C:C1:F3:49:C5:72:24:3F:57:38:10:57:52 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b8e963e-7fa2-4ba1-a78a-4d1fd7989b32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.250.196.0/22 Signature Algorithm: sha256WithRSAEncryption 6b:d5:03:14:f4:c4:d3:cc:11:9a:dd:21:66:a8:1b:26:31:13: 1b:99:2b:98:9b:26:de:1e:59:67:7c:43:61:cb:39:e2:5f:8a: a4:de:3f:9e:ef:77:1e:8d:4b:9f:7b:36:0f:bb:70:63:38:c4: 48:1a:8f:8f:3c:aa:e9:23:1d:66:9b:6e:34:53:da:93:77:01: a8:ba:4c:c3:b3:45:e8:c9:a9:e0:02:e1:01:32:41:eb:58:45: 14:fb:a3:00:9e:c9:01:6f:bf:e3:37:0c:36:5d:e8:ce:5f:4d: 8e:70:da:83:d3:e4:1d:e0:2d:3c:c4:19:eb:fb:69:2a:99:11: 8e:74:0d:68:f6:73:cc:ba:1b:e3:16:a0:77:3d:1d:7e:b2:7c: c1:20:5c:8c:3c:ee:02:87:50:bc:a5:9e:9d:8f:9b:3d:c0:27: df:ae:64:f7:50:fa:1d:d9:13:2d:02:9a:b4:67:b9:e0:a7:1f: 10:7d:34:bb:94:59:fb:df:a0:de:05:7a:8c:6d:04:ba:fd:1a: 8d:2f:6e:d3:b6:eb:70:b3:79:bc:d2:14:4a:6c:03:fe:d6:50: 6a:bf:7e:4a:9a:cf:3e:0d:51:1a:1c:2b:92:c1:d7:f2:cd:f8: 9b:99:41:6b:e6:db:74:92:85:46:93:bc:23:e0:ce:27:ad:46: ec:74:4d:95 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUDf8T948k6W4mRdjFinFjWXFgqa0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MDQxNzAwMDAwMFoX DTI0MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZjE1ODY3MmU3MTk1MDE5ZWYzOWUw ZjdhOTU2YjhlZWFhMTVkNWIxNjE4YmRmMDFkYzI4ZTZiN2U1MWFmNGUwYTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvygNvqj93AI6yWHV/oi9m2YX+7cd 66AabXzUIFhyZccLnaYAf1qDtE9qfchmCSuWcYlsmGA1WudJwzs2FqF0pi49EMKl k3ouFbAiF35aPt25rHm6VQmiX2ZyL0E4H1vMx9MYgr33Xygibf1s3Ac1DZXCWTrq DZfTr9iVp7FAXzJLzwtuVWV/MFFjnVMLykgVxezAo8XCVitPBATPcsSwb+hV4UpJ YLHgShAmU/xK29kOdNTXkHs5PK2cQfzrEyX7DgbNlaC8HoCLIWLz0XUUljth1Fzt 2yTA0Oweuivw5OoVy/Ry/fBLhpN0Dz6tDM2wovbgMBycUmeL8LI0tNPS0QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPSmkIKOUZ0MwfNJxXIkP1c4EFdSMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliOGU5NjNlLTdmYTItNGJhMS1hNzhhLTRkMWZkNzk4OWIzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBr1QMU9MTTzBGa3SFmqBsm MRMbmSuYmybeHllnfENhyzniX4qk3j+e73cejUufezYPu3BjOMRIGo+PPKrpIx1m m240U9qTdwGoukzDs0XoyangAuEBMkHrWEUU+6MAnskBb7/jNww2XejOX02OcNqD 0+Qd4C08xBnr+2kqmRGOdA1o9nPMuhvjFqB3PR1+snzBIFyMPO4Ch1C8pZ6dj5s9 wCffrmT3UPod2RMtApq0Z7ngpx8QfTS7lFn736DeBXqMbQS6/RqNL27Ttutws3m8 0hRKbAP+1lBqv35Kms8+DVEaHCuSwdfyzfibmUFr5tt0koVGk7wj4M4nrUbsdE2V -----END CERTIFICATE-----Generated at Sun May 12 01:00:48 2024 by rpki-client on console-ams.rpki-client.org