$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa File: 4d0d3d64-afcc-4838-bca0-f7693f145edf.roa (raw, json) Hash identifier: hkOJsq22jf6AK7T725ZkIP7htTQRCyvsorB3pRDA7DI= Subject key identifier: 23:57:2D:AF:F4:0C:4A:B0:9D:1A:F0:09:40:85:F4:63:B6:F6:DE:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B0BD9901D4040E814E5E8FDC354DF62267380A6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa Signing time: Mon 27 Mar 2023 00:00:00 +0000 ROA not before: Mon 27 Mar 2023 00:00:00 +0000 ROA not after: Mon 01 May 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Mar 2023 12:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:0b:d9:90:1d:40:40:e8:14:e5:e8:fd:c3:54:df:62:26:73:80:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 27 00:00:00 2023 GMT Not After : May 1 23:59:59 2023 GMT Subject: serialNumber=391dcffab8d7795f1ee010291570ae55e5602b355a1ef30431c79271f7f37f29, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:56:68:d5:51:83:25:89:d3:6e:83:7a:43:3c: 9b:9b:86:92:0e:39:c2:28:18:71:4c:87:3e:b5:96: 35:20:fc:4d:bf:22:30:1e:26:41:78:d8:cb:8b:29: ba:01:f6:14:8d:ee:d5:c1:a4:3c:82:f7:9f:1b:0e: 4a:22:b8:64:6d:19:a8:5f:3c:37:49:40:8b:fa:a9: 5f:61:84:5d:44:14:55:86:50:fc:43:94:e0:74:28: 76:41:52:1a:ea:31:44:22:9d:fa:29:cd:bf:d9:d0: e2:7e:6d:18:c7:d9:ae:65:35:0b:65:c0:c6:63:2d: 80:2c:c8:dc:92:bb:fa:58:28:6a:ae:ff:b0:86:3a: a0:5b:c3:54:75:2e:bd:b2:68:71:43:7b:b3:3b:6a: 1a:c5:5d:00:6d:7b:8a:c0:2c:cd:83:d7:85:fa:0c: ef:fe:5a:1b:75:70:11:f2:38:5b:01:cb:16:30:85: e4:2f:6b:f4:b8:31:2e:a3:c2:5a:b8:a5:8d:ed:69: 13:82:ab:8b:6a:64:31:a1:44:5c:3b:f0:95:73:2d: 7c:77:9c:68:dd:c7:df:66:c1:bc:2f:e8:be:35:21: 84:ff:61:13:d4:89:e1:46:ef:15:1f:ea:05:8c:e0: f2:c4:c9:29:bf:c1:70:79:c1:97:0a:d3:eb:a4:82: 81:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:57:2D:AF:F4:0C:4A:B0:9D:1A:F0:09:40:85:F4:63:B6:F6:DE:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d0d3d64-afcc-4838-bca0-f7693f145edf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:b000::/40 Signature Algorithm: sha256WithRSAEncryption 65:30:f4:1d:e4:47:5e:53:ff:1a:95:fc:56:51:da:07:ce:fc: 67:ae:f8:94:b1:bb:5b:55:c8:8b:9f:c3:7b:11:8c:e7:39:6e: bf:03:46:bb:5f:d6:35:ab:41:f0:a1:73:66:ec:b6:04:1e:34: 8f:f4:f2:6d:58:1f:17:e3:04:e2:ab:b7:bb:d4:3a:76:46:28: 5b:25:02:d1:56:ab:24:be:82:70:90:f2:14:0f:3b:e0:f9:1d: 5d:8a:a9:fa:4a:fa:b6:e2:f6:aa:cb:d9:1e:4c:2b:b6:ae:53: b8:6a:28:f2:17:8a:19:15:30:de:b6:b2:30:04:ac:9a:d9:3e: 5d:fd:e2:ee:8b:d4:db:2b:55:f8:0a:2b:3a:fe:ff:5b:98:42: 53:b6:55:85:11:61:af:df:c3:ba:10:19:67:f0:60:88:7f:cb: 66:ed:fe:e0:62:3b:3a:a3:6c:8b:6e:d8:fa:0d:4a:63:57:73: 46:a6:1e:a1:1b:a1:71:85:1d:19:2d:ea:71:e6:e7:60:7b:60: bd:9f:c8:3e:dc:d8:70:3e:d6:45:32:ae:ea:77:7e:10:5b:97: bf:f7:2c:0f:61:ad:d7:4d:5b:61:a0:ac:b3:81:a2:51:58:c4: 97:af:b5:2c:aa:97:61:bf:95:9b:64:92:34:ec:ea:0c:11:6e: 5d:4f:3f:64 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUGwvZkB1AQOgU5ej9w1TfYiZzgKYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNzAwMDAwMFoX DTIzMDUwMTIzNTk1OVowgaUxSTBHBgNVBAUTQDM5MWRjZmZhYjhkNzc5NWYxZWUw MTAyOTE1NzBhZTU1ZTU2MDJiMzU1YTFlZjMwNDMxYzc5MjcxZjdmMzdmMjkxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyVmjVUYMlidNug3pDPJubhpIOOcIoGHFM hz61ljUg/E2/IjAeJkF42MuLKboB9hSN7tXBpDyC958bDkoiuGRtGahfPDdJQIv6 qV9hhF1EFFWGUPxDlOB0KHZBUhrqMUQinfopzb/Z0OJ+bRjH2a5lNQtlwMZjLYAs yNySu/pYKGqu/7CGOqBbw1R1Lr2yaHFDe7M7ahrFXQBte4rALM2D14X6DO/+Wht1 cBHyOFsByxYwheQva/S4MS6jwlq4pY3taROCq4tqZDGhRFw78JVzLXx3nGjdx99m wbwv6L41IYT/YRPUieFG7xUf6gWM4PLEySm/wXB5wZcK0+ukgoH7AgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUI1ctr/QMSrCdGvAJQIX0Y7b23sMwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNGQw ZDNkNjQtYWZjYy00ODM4LWJjYTAtZjc2OTNmMTQ1ZWRmLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtrxsDANBgkqhkiG9w0BAQsFAAOCAQEAZTD0HeRHXlP/GpX8VlHaB878 Z674lLG7W1XIi5/DexGM5zluvwNGu1/WNatB8KFzZuy2BB40j/TybVgfF+ME4qu3 u9Q6dkYoWyUC0VarJL6CcJDyFA874PkdXYqp+kr6tuL2qsvZHkwrtq5TuGoo8heK GRUw3rayMASsmtk+Xf3i7ovU2ytV+AorOv7/W5hCU7ZVhRFhr9/DuhAZZ/BgiH/L Zu3+4GI7OqNsi27Y+g1KY1dzRqYeoRuhcYUdGS3qcebnYHtgvZ/IPtzYcD7WRTKu 6nd+EFuXv/csD2Gt101bYaCss4GiUVjEl6+1LKqXYb+Vm2SSNOzqDBFuXU8/ZA== -----END CERTIFICATE-----Generated at Mon Mar 27 00:26:57 2023 by rpki-client on console-fra.rpki-client.org