$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa File: 60bdc157-596d-496e-bdbc-bada0f6826ad.roa (raw, json) Hash identifier: xM9cXW1fiMJCsxURppIOoxTHokTmsOco/1JueNZlqNA= Subject key identifier: 15:61:C4:2D:FE:70:42:E0:C2:74:F8:F2:16:99:69:F7:6A:C9:A7:A8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0DC696E63500406C8E27DC28C5AE8B040DF3DAB8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa Signing time: Thu 02 Mar 2023 00:00:00 +0000 ROA not before: Thu 02 Mar 2023 00:00:00 +0000 ROA not after: Thu 06 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:c6:96:e6:35:00:40:6c:8e:27:dc:28:c5:ae:8b:04:0d:f3:da:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 2 00:00:00 2023 GMT Not After : Apr 6 23:59:59 2023 GMT Subject: serialNumber=ff8ea465d4b18b1d92bd29bb2acdabbb7c33cc2a2457afd60fa66efb078172ee, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:8f:72:73:d9:f5:a3:f5:25:72:ac:92:1a:73: 34:84:58:60:08:2f:da:28:48:e5:66:3c:9b:fb:5c: 05:9a:01:6a:4c:f6:b8:84:13:cf:3f:31:ed:3b:28: c2:df:0a:76:eb:ad:7b:47:df:6c:be:26:e5:e4:98: d8:23:8e:f6:9f:07:a4:44:1c:ab:97:d8:b2:b6:2a: bf:3c:de:aa:cb:2f:4b:1c:42:e5:6b:82:91:ce:6a: de:f0:32:6c:87:a4:08:bd:88:95:c6:58:4b:1d:0a: a7:23:34:c6:a3:62:d5:45:d7:b4:cf:cc:ce:31:bf: f6:6b:d1:e5:eb:e3:75:a5:fd:7f:38:65:2c:18:5f: d2:e2:3d:0c:1b:53:bc:cd:6f:40:11:35:ff:b5:b9: 29:b4:99:f4:68:5b:a5:4c:1e:69:13:e6:b4:4a:f3: 88:5d:a7:ce:50:00:e3:ef:60:13:92:f7:9c:ea:20: 7c:98:96:cf:d2:c9:fa:0e:c3:f6:38:0b:c8:e7:66: 92:42:99:f1:43:4c:01:53:d5:8c:36:a6:d0:e7:86: c9:8c:92:8c:9d:da:7a:25:ad:ab:cb:34:fe:ea:07: 7a:47:8f:cc:66:b0:ac:cb:3f:39:ab:72:6b:7e:40: b4:85:bc:ef:04:b8:f0:15:a0:c1:6c:d9:f1:f9:3c: 0c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:61:C4:2D:FE:70:42:E0:C2:74:F8:F2:16:99:69:F7:6A:C9:A7:A8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:a000::/40 Signature Algorithm: sha256WithRSAEncryption 9e:75:8a:ed:00:47:cb:77:64:aa:d3:43:fe:e8:8d:57:a6:95: 11:4f:a7:26:72:ca:c9:6c:2a:2c:84:0d:d4:99:72:3b:52:fb: 7b:1c:e5:c2:e1:27:17:a1:ac:16:d3:2a:c9:47:af:7b:1f:bd: 87:6d:5f:8e:50:9f:86:33:c6:2c:f4:54:81:24:e0:5e:15:83: dd:9a:06:a9:2e:9f:c0:5e:75:6c:cd:00:fa:28:21:30:3e:65: c3:f7:aa:17:4a:53:6c:a1:25:80:d8:2d:67:c2:df:ae:e2:e7: 17:73:b6:87:0d:18:be:0a:76:a6:68:15:c0:1d:cf:ae:43:c4: 42:7f:60:82:fa:3d:9f:94:96:88:99:de:67:56:73:d3:2b:c5: 70:1b:3b:22:ba:90:44:7e:f3:b6:db:5e:94:2f:40:05:c2:75: c1:1f:78:fa:84:c9:c3:d7:55:b1:3b:bb:9d:cc:87:c1:f5:3f: 26:d3:a3:3a:f9:67:40:24:d2:fb:63:3e:63:4a:1a:b4:07:0f: d5:fb:c4:9d:c8:d8:98:69:4e:ce:75:4c:e3:54:41:8e:40:14: bc:c1:61:0a:9c:b6:fd:41:66:fd:fe:a3:be:57:64:74:8b:be: 2f:6d:af:d1:51:63:f3:b6:83:24:4a:f7:67:3f:d3:b4:d1:12: 07:b5:bc:9b -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUDcaW5jUAQGyOJ9woxa6LBA3z2rgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwMjAwMDAwMFoX DTIzMDQwNjIzNTk1OVowgaUxSTBHBgNVBAUTQGZmOGVhNDY1ZDRiMThiMWQ5MmJk MjliYjJhY2RhYmJiN2MzM2NjMmEyNDU3YWZkNjBmYTY2ZWZiMDc4MTcyZWUxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDij3Jz2fWj9SVyrJIaczSEWGAIL9ooSOVm PJv7XAWaAWpM9riEE88/Me07KMLfCnbrrXtH32y+JuXkmNgjjvafB6REHKuX2LK2 Kr883qrLL0scQuVrgpHOat7wMmyHpAi9iJXGWEsdCqcjNMajYtVF17TPzM4xv/Zr 0eXr43Wl/X84ZSwYX9LiPQwbU7zNb0ARNf+1uSm0mfRoW6VMHmkT5rRK84hdp85Q AOPvYBOS95zqIHyYls/SyfoOw/Y4C8jnZpJCmfFDTAFT1Yw2ptDnhsmMkoyd2nol ravLNP7qB3pHj8xmsKzLPzmrcmt+QLSFvO8EuPAVoMFs2fH5PAwrAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUFWHELf5wQuDCdPjyFplp92rJp6gwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNjBi ZGMxNTctNTk2ZC00OTZlLWJkYmMtYmFkYTBmNjgyNmFkLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtr8oDANBgkqhkiG9w0BAQsFAAOCAQEAnnWK7QBHy3dkqtND/uiNV6aV EU+nJnLKyWwqLIQN1JlyO1L7exzlwuEnF6GsFtMqyUevex+9h21fjlCfhjPGLPRU gSTgXhWD3ZoGqS6fwF51bM0A+ighMD5lw/eqF0pTbKElgNgtZ8LfruLnF3O2hw0Y vgp2pmgVwB3PrkPEQn9ggvo9n5SWiJneZ1Zz0yvFcBs7IrqQRH7ztttelC9ABcJ1 wR94+oTJw9dVsTu7ncyHwfU/JtOjOvlnQCTS+2M+Y0oatAcP1fvEncjYmGlOznVM 41RBjkAUvMFhCpy2/UFm/f6jvldkdIu+L22v0VFj87aDJEr3Zz/TtNESB7W8mw== -----END CERTIFICATE-----Generated at Wed Mar 15 11:42:44 2023 by rpki-client on console-ams.rpki-client.org