$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa File: 4c46839c-3f15-4f81-8b34-6fe264045216.roa (raw, json) Hash identifier: nfzlTY+hNfbSVYOfPRqoRF0QtyOPjeBO/9gJDRJUXtc= Subject key identifier: 60:B2:B9:B4:65:1D:82:00:20:A1:A5:5D:80:6E:76:F9:C4:4B:86:2C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6430C45764ADE0B1E4113646BEE5DF308326C137 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa Signing time: Mon 06 Mar 2023 00:00:00 +0000 ROA not before: Mon 06 Mar 2023 00:00:00 +0000 ROA not after: Mon 10 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:30:c4:57:64:ad:e0:b1:e4:11:36:46:be:e5:df:30:83:26:c1:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 6 00:00:00 2023 GMT Not After : Apr 10 23:59:59 2023 GMT Subject: serialNumber=9dde63a2b11025a8913dfe817bb57121965eda765f88a0b6902a8ec86853e619, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:80:88:33:40:1c:a5:cf:b1:f1:82:01:1e:08: d8:26:b0:d7:fe:53:e9:31:e4:0c:a3:e9:0f:ff:7b: 92:f7:32:ce:35:88:b9:06:cd:32:11:25:51:1d:4f: 39:24:57:f8:03:64:e5:87:62:f6:c5:2b:9c:c6:ab: 21:5f:67:16:d7:45:34:46:34:70:cf:24:c3:10:26: dc:94:bf:32:9f:5a:dc:4e:d7:72:28:1a:30:2a:5c: 55:aa:c2:50:e5:c1:26:3c:94:44:25:51:75:ef:aa: 70:99:44:98:72:a4:8f:a7:36:d9:dc:4a:55:6c:da: dc:27:1d:34:78:e3:ea:c9:a5:ab:44:ea:ca:30:13: a2:31:27:6b:07:0c:14:00:90:72:25:24:37:7c:f0: 9d:e2:02:20:71:87:a4:1b:14:8b:1f:91:fa:f1:04: 97:ef:97:ed:44:ea:cb:26:30:03:07:f2:87:a4:a8: 29:6c:41:34:58:26:06:f7:38:83:e0:de:da:08:19: 86:31:a3:04:72:c4:6b:ca:5f:0d:cb:05:4e:18:b2: 83:6f:bc:05:6f:71:b2:13:a0:29:c1:d0:df:26:35: 2d:dd:96:ab:d4:1d:78:d6:c8:a4:66:a5:d7:2d:c3: 20:2c:23:7d:08:8b:f1:52:ab:99:f9:00:5f:72:24: 96:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:B2:B9:B4:65:1D:82:00:20:A1:A5:5D:80:6E:76:F9:C4:4B:86:2C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:9000::/40 Signature Algorithm: sha256WithRSAEncryption aa:33:46:ad:dd:e9:2b:1e:21:a1:a1:29:bf:6f:b7:a0:99:13: e7:92:2d:52:a8:87:0e:19:4e:d2:d8:f4:77:28:73:c9:b7:44: f9:ee:a0:14:f3:ff:2f:f8:a9:5c:f2:93:1b:cc:b2:6a:5f:69: 17:85:15:16:9a:20:f7:95:bd:d2:cc:80:02:d9:fd:cd:74:aa: 1e:e9:fa:ed:81:36:86:e6:55:90:c1:31:3a:8c:17:52:b4:79: f2:cd:ad:cf:c0:f8:5f:ff:80:7e:0c:29:39:b0:0b:cd:6c:61: e5:5d:f9:b9:39:5f:a8:f2:8a:19:7d:e7:e8:6d:f8:2e:18:83: 89:05:6b:a6:c6:6a:6d:a8:a5:e3:05:c7:99:1f:c3:35:ec:38: 60:a0:92:d3:96:07:3e:a6:11:b1:6f:e7:c1:a5:cc:bd:85:53: 7d:16:00:26:16:4a:d6:ed:2e:be:3e:48:7f:7a:61:56:74:60: 25:32:b9:49:57:77:5f:99:35:3e:82:6a:4d:47:34:fe:e7:18: 78:8e:83:7f:36:65:dd:26:cb:dd:c2:c8:64:c0:37:93:ed:2a: 91:fb:ec:33:b5:aa:82:e3:a3:14:2e:f1:63:ab:3d:36:e2:72: 02:90:2e:79:eb:fd:79:aa:28:4a:55:28:2f:95:2d:b2:08:46: d4:94:ec:3f -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUZDDEV2St4LHkETZGvuXfMIMmwTcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwNjAwMDAwMFoX DTIzMDQxMDIzNTk1OVowgaUxSTBHBgNVBAUTQDlkZGU2M2EyYjExMDI1YTg5MTNk ZmU4MTdiYjU3MTIxOTY1ZWRhNzY1Zjg4YTBiNjkwMmE4ZWM4Njg1M2U2MTkxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJgIgzQBylz7HxggEeCNgmsNf+U+kx5Ayj 6Q//e5L3Ms41iLkGzTIRJVEdTzkkV/gDZOWHYvbFK5zGqyFfZxbXRTRGNHDPJMMQ JtyUvzKfWtxO13IoGjAqXFWqwlDlwSY8lEQlUXXvqnCZRJhypI+nNtncSlVs2twn HTR44+rJpatE6sowE6IxJ2sHDBQAkHIlJDd88J3iAiBxh6QbFIsfkfrxBJfvl+1E 6ssmMAMH8oekqClsQTRYJgb3OIPg3toIGYYxowRyxGvKXw3LBU4YsoNvvAVvcbIT oCnB0N8mNS3dlqvUHXjWyKRmpdctwyAsI30Ii/FSq5n5AF9yJJanAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUYLK5tGUdggAgoaVdgG52+cRLhiwwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNGM0 NjgzOWMtM2YxNS00ZjgxLThiMzQtNmZlMjY0MDQ1MjE2LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtpwkDANBgkqhkiG9w0BAQsFAAOCAQEAqjNGrd3pKx4hoaEpv2+3oJkT 55ItUqiHDhlO0tj0dyhzybdE+e6gFPP/L/ipXPKTG8yyal9pF4UVFpog95W90syA Atn9zXSqHun67YE2huZVkMExOowXUrR58s2tz8D4X/+AfgwpObALzWxh5V35uTlf qPKKGX3n6G34LhiDiQVrpsZqbail4wXHmR/DNew4YKCS05YHPqYRsW/nwaXMvYVT fRYAJhZK1u0uvj5If3phVnRgJTK5SVd3X5k1PoJqTUc0/ucYeI6DfzZl3SbL3cLI ZMA3k+0qkfvsM7WqguOjFC7xY6s9NuJyApAueev9eaooSlUoL5UtsghG1JTsPw== -----END CERTIFICATE-----Generated at Wed Mar 15 11:42:44 2023 by rpki-client on console-ams.rpki-client.org