$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: YooI/Fk5F7e5tp5y78ofrZTMDvYBJ6BCFIpYz6qSTYw= Subject key identifier: 8F:78:55:EC:57:AC:AE:27:2F:C4:71:0E:BE:A5:37:83:6B:09:98:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 41D26E302441773A74B3A4501B4751E246A1913E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Mon 06 Mar 2023 00:00:00 +0000 ROA not before: Mon 06 Mar 2023 00:00:00 +0000 ROA not after: Mon 10 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:d2:6e:30:24:41:77:3a:74:b3:a4:50:1b:47:51:e2:46:a1:91:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 6 00:00:00 2023 GMT Not After : Apr 10 23:59:59 2023 GMT Subject: serialNumber=eaeef08f907d8fda2b32f687af13fe0a2dd72826dc03c2b0fdcf9994189acdd3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e6:aa:14:cb:6a:54:74:95:97:c6:6b:2e:82: a0:8f:ed:f2:9f:5f:0e:59:4a:18:d0:ad:ec:c1:31: 2b:3e:e7:17:c4:fc:9a:2e:b6:a3:c8:8c:7e:86:d6: a6:c5:eb:22:3d:00:a6:6f:02:39:8b:ca:a5:c4:27: 71:dd:f4:b5:c9:f9:67:98:98:fd:f3:94:93:5c:54: 19:39:c0:b3:b2:ec:a0:88:ca:c1:53:7c:1d:9e:9d: 12:78:ec:cb:74:1a:97:52:e5:0b:85:45:4b:38:ba: b8:06:ac:2e:8f:69:74:e0:e0:13:f6:8e:16:8a:0f: 8d:65:c2:b6:1c:8d:cf:15:cc:ac:81:1a:c2:ca:5b: 68:3f:03:2f:17:72:92:95:00:85:a3:ff:f4:7b:37: 38:28:fc:71:ac:88:48:6f:8e:ac:19:6b:c5:ec:ae: 73:52:3f:da:c5:72:e4:bc:df:c6:61:63:16:dd:ba: 8a:e0:f8:dd:cf:7a:23:b3:2e:2b:4e:14:86:c3:81: 19:bc:cd:4b:5d:2d:3d:17:22:8e:c8:a9:38:d8:e4: 5c:ca:9b:ab:86:4c:07:76:3a:56:83:40:3e:88:46: 0b:e0:34:45:d0:3c:8b:38:02:78:63:95:97:00:3f: 54:bf:93:13:05:6b:30:26:ec:fd:a0:ce:34:67:cd: 4e:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:78:55:EC:57:AC:AE:27:2F:C4:71:0E:BE:A5:37:83:6B:09:98:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 18:b7:9e:09:ad:22:fe:97:3d:5f:9f:d5:b7:d0:c8:06:87:75: cb:91:50:72:bf:fc:fe:91:04:c5:a9:69:15:0c:47:06:17:5c: 65:13:8a:4f:45:3e:30:d6:1c:dd:e8:42:7a:dc:06:53:4b:89: a4:4e:76:52:d4:21:c5:b5:3f:9d:83:8f:84:e7:43:a8:c4:99: eb:20:97:95:81:1a:0c:1c:a8:69:15:53:4b:e7:be:25:23:e1: 79:a0:e1:a2:11:a6:64:2c:76:df:19:7b:0a:a9:ba:dd:a6:7e: 6a:e7:cb:44:65:4c:24:da:8c:04:32:b8:f4:c3:10:fb:0e:85: 47:f1:2c:d5:73:e1:ba:9f:92:8e:73:5a:88:79:eb:c2:77:15: 8b:38:07:5b:ce:21:6c:f8:cb:13:e5:24:85:74:a4:47:66:1e: 7a:38:b0:09:b0:4e:fa:12:e0:4c:5a:14:a5:37:19:58:9c:7c: 4f:d5:40:59:7d:b2:e8:3e:9a:ba:8a:ea:ce:c2:07:c7:cb:7d: 7e:49:35:08:b3:71:a7:fc:66:6e:ad:12:64:35:75:32:23:00: ec:65:2b:bc:2e:02:8c:fd:b8:ee:85:54:b1:e8:d2:af:be:88: 55:c3:59:60:ca:43:59:53:e9:79:d6:87:c1:1f:ee:66:b9:da: 83:31:65:d4 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUQdJuMCRBdzp0s6RQG0dR4kahkT4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwNjAwMDAwMFoX DTIzMDQxMDIzNTk1OVowgaUxSTBHBgNVBAUTQGVhZWVmMDhmOTA3ZDhmZGEyYjMy ZjY4N2FmMTNmZTBhMmRkNzI4MjZkYzAzYzJiMGZkY2Y5OTk0MTg5YWNkZDMxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl5qoUy2pUdJWXxmsugqCP7fKfXw5ZShjQ rezBMSs+5xfE/JoutqPIjH6G1qbF6yI9AKZvAjmLyqXEJ3Hd9LXJ+WeYmP3zlJNc VBk5wLOy7KCIysFTfB2enRJ47Mt0GpdS5QuFRUs4urgGrC6PaXTg4BP2jhaKD41l wrYcjc8VzKyBGsLKW2g/Ay8XcpKVAIWj//R7Nzgo/HGsiEhvjqwZa8XsrnNSP9rF cuS838ZhYxbduorg+N3PeiOzLitOFIbDgRm8zUtdLT0XIo7IqTjY5FzKm6uGTAd2 OlaDQD6IRgvgNEXQPIs4AnhjlZcAP1S/kxMFazAm7P2gzjRnzU69AgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUj3hV7FesricvxHEOvqU3g2sJmMIwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNGQ1 YTg1MTMtMjFlNS00YWY3LWIxYjktZTg1YmM4ZTE2ZWI4LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtr6QDANBgkqhkiG9w0BAQsFAAOCAQEAGLeeCa0i/pc9X5/Vt9DIBod1 y5FQcr/8/pEExalpFQxHBhdcZROKT0U+MNYc3ehCetwGU0uJpE52UtQhxbU/nYOP hOdDqMSZ6yCXlYEaDByoaRVTS+e+JSPheaDhohGmZCx23xl7Cqm63aZ+aufLRGVM JNqMBDK49MMQ+w6FR/Es1XPhup+SjnNaiHnrwncVizgHW84hbPjLE+UkhXSkR2Ye ejiwCbBO+hLgTFoUpTcZWJx8T9VAWX2y6D6auorqzsIHx8t9fkk1CLNxp/xmbq0S ZDV1MiMA7GUrvC4CjP247oVUsejSr76IVcNZYMpDWVPpedaHwR/uZrnagzFl1A== -----END CERTIFICATE-----Generated at Wed Mar 15 11:42:44 2023 by rpki-client on console-ams.rpki-client.org