$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa File: 117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa (raw, json) Hash identifier: tqhtr51Kkv/zeZ6vnIf3tAxH+ragv0v6TQqm6n2xQ1E= Subject key identifier: 21:8E:15:EB:57:BC:66:7B:17:1E:89:2B:F3:59:29:6A:FB:45:2A:38 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D0539B103F58D50B16270866809A80E4FAE99EE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa Signing time: Sun 26 Mar 2023 00:00:00 +0000 ROA not before: Sun 26 Mar 2023 00:00:00 +0000 ROA not after: Sun 30 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Mar 2023 12:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:05:39:b1:03:f5:8d:50:b1:62:70:86:68:09:a8:0e:4f:ae:99:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 26 00:00:00 2023 GMT Not After : Apr 30 23:59:59 2023 GMT Subject: serialNumber=03c81c16cbeaa54faa71bdf3f0772a0a871ff50f27b56d5e9ab79aae052e6d70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:8a:ed:33:f3:d9:a6:b8:74:1c:1d:1b:70:5b: 53:ec:14:a5:5c:d8:40:50:e6:9a:cf:ab:6a:7e:94: 2b:f1:38:c2:26:3b:d0:6f:3a:fb:24:b7:d8:2e:c7: eb:d8:cb:7b:16:15:e8:2a:2d:71:91:4c:ed:de:99: de:08:c5:0f:84:a2:19:1e:22:73:52:25:64:04:07: 99:0e:4d:4a:65:b1:bc:0a:04:a1:df:fc:00:f3:82: 67:0e:4c:33:76:4c:f9:a5:18:92:77:0f:14:bd:f5: b2:84:ae:7f:5a:6c:67:37:8d:d9:b7:b4:85:ef:78: 1f:4f:ec:9d:bf:b9:c4:c9:c5:20:42:fd:d9:32:a5: 2d:d9:4f:c3:d7:91:c5:bc:0c:b3:c3:4f:0e:19:20: 19:d5:68:9d:09:26:e3:34:c8:33:69:39:4d:e7:5a: 48:eb:61:a7:b0:73:32:a0:50:92:c9:a7:b0:9e:ae: 52:dd:6b:4a:46:f5:68:a8:cc:35:2e:d5:cc:80:b8: 27:10:e7:62:b6:61:28:c1:3e:52:6d:5b:44:51:65: 5e:ce:74:6a:95:c6:1a:13:75:1a:2b:5f:4b:6b:1b: fd:47:f0:19:c6:33:d5:18:4e:28:f7:e1:ab:bc:6e: f7:8f:2f:50:b0:40:a3:d0:f4:3e:9b:e4:e0:29:fc: 60:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:8E:15:EB:57:BC:66:7B:17:1E:89:2B:F3:59:29:6A:FB:45:2A:38 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:8000::/40 Signature Algorithm: sha256WithRSAEncryption 43:15:dd:96:d6:3a:fa:66:ae:21:7c:ef:a0:dd:53:c0:3f:6a: c3:58:af:01:12:4c:6d:1d:24:45:a5:9c:1c:2f:a0:df:85:3d: 01:3f:56:50:50:e5:e3:13:fb:29:bc:62:62:41:e7:ac:8f:5e: 1a:a2:06:33:19:c4:7a:f2:5d:25:eb:90:21:f0:85:d9:f7:7d: d9:8a:3d:70:7b:d4:8c:67:73:2d:72:67:d8:6b:2a:38:8c:db: cc:17:d0:21:93:98:92:7b:fb:a8:a1:c2:69:0d:06:fd:97:b9: fa:5c:79:40:59:90:d7:db:50:f5:17:2d:df:4f:ae:a0:07:2d: 05:aa:9c:da:b1:83:89:76:b0:0e:8d:fd:4a:e4:32:ec:c8:14: 70:78:fa:e0:40:14:b5:d6:03:92:34:85:99:21:43:43:c8:9c: 2d:b0:8c:c2:2f:99:e6:cb:f5:04:f3:2b:ab:17:88:90:fd:78: f1:55:07:96:62:f4:ab:60:a3:1c:16:17:64:dd:c5:c9:c0:32: c7:6b:c2:48:0d:3e:64:9f:0d:53:35:2a:5d:f0:11:ce:13:97: 97:17:a1:2f:e1:61:82:3d:e7:12:06:f8:98:af:8a:e4:17:26: 68:f0:4b:4d:dc:fe:7d:5f:b0:03:c4:6f:e0:8e:0c:65:84:bc: f0:40:8f:bb -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUPQU5sQP1jVCxYnCGaAmoDk+ume4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNjAwMDAwMFoX DTIzMDQzMDIzNTk1OVowgaUxSTBHBgNVBAUTQDAzYzgxYzE2Y2JlYWE1NGZhYTcx YmRmM2YwNzcyYTBhODcxZmY1MGYyN2I1NmQ1ZTlhYjc5YWFlMDUyZTZkNzAxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeiu0z89mmuHQcHRtwW1PsFKVc2EBQ5prP q2p+lCvxOMImO9BvOvskt9gux+vYy3sWFegqLXGRTO3emd4IxQ+EohkeInNSJWQE B5kOTUplsbwKBKHf/ADzgmcOTDN2TPmlGJJ3DxS99bKErn9abGc3jdm3tIXveB9P 7J2/ucTJxSBC/dkypS3ZT8PXkcW8DLPDTw4ZIBnVaJ0JJuM0yDNpOU3nWkjrYaew czKgUJLJp7CerlLda0pG9WiozDUu1cyAuCcQ52K2YSjBPlJtW0RRZV7OdGqVxhoT dRorX0trG/1H8BnGM9UYTij34au8bvePL1CwQKPQ9D6b5OAp/GDvAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUIY4V61e8ZnsXHokr81kpavtFKjgwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvMTE3 NzIyYzYtZTRhYi00YTJmLWEyYWUtMTFhOTc2MmExNTQ3LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtphgDANBgkqhkiG9w0BAQsFAAOCAQEAQxXdltY6+mauIXzvoN1TwD9q w1ivARJMbR0kRaWcHC+g34U9AT9WUFDl4xP7KbxiYkHnrI9eGqIGMxnEevJdJeuQ IfCF2fd92Yo9cHvUjGdzLXJn2GsqOIzbzBfQIZOYknv7qKHCaQ0G/Ze5+lx5QFmQ 19tQ9Rct30+uoActBaqc2rGDiXawDo39SuQy7MgUcHj64EAUtdYDkjSFmSFDQ8ic LbCMwi+Z5sv1BPMrqxeIkP148VUHlmL0q2CjHBYXZN3FycAyx2vCSA0+ZJ8NUzUq XfARzhOXlxehL+Fhgj3nEgb4mK+K5BcmaPBLTdz+fV+wA8Rv4I4MZYS88ECPuw== -----END CERTIFICATE-----Generated at Sun Mar 26 00:25:44 2023 by rpki-client on console-fra.rpki-client.org