$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa File: 64aa810d-cc7f-45fe-b794-d290c3a511c5.roa (raw, json) Hash identifier: f7TCQ2U2jdgonevH+2IDqvpIHv5lcFms+9UxbnTnJAc= Subject key identifier: DF:14:84:98:E1:30:AB:E1:CA:36:54:9E:AE:5A:E9:48:09:56:C1:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 424400091C85A47F4A91E7190B3BF2B756058D5D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa Signing time: Mon 27 Mar 2023 00:00:00 +0000 ROA not before: Mon 27 Mar 2023 00:00:00 +0000 ROA not after: Mon 01 May 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Mar 2023 12:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:44:00:09:1c:85:a4:7f:4a:91:e7:19:0b:3b:f2:b7:56:05:8d:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 27 00:00:00 2023 GMT Not After : May 1 23:59:59 2023 GMT Subject: serialNumber=be833ad69f4e03516531d6adf248d10d9eff492a607a54335726c9ecdf10811b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:33:dc:b7:4e:6b:52:60:47:79:46:8b:28:e2: 03:23:d2:cc:fb:5b:d2:bb:7d:4e:d9:30:32:99:84: dc:e2:ff:b4:3c:c6:7e:8e:16:46:48:a1:68:e3:d9: 78:5e:28:0d:e7:4e:32:8d:6d:f4:b1:d4:72:f7:13: 03:72:79:21:7a:cf:3b:35:ae:0b:e7:67:d4:0f:d8: da:b0:25:2c:ae:d1:ce:e5:97:f1:35:db:3c:a0:6a: e5:a2:cf:c4:bd:91:25:51:5e:64:86:bb:b5:e9:c8: 48:cf:19:9d:62:44:bd:a9:7d:67:b5:b5:00:26:44: ae:29:19:f5:1a:31:ed:d9:a0:f2:bb:f2:dd:07:2b: a2:a7:b0:4c:99:4a:9f:3e:bd:0b:7c:99:fe:56:c2: 2a:96:63:41:84:d5:bf:22:0d:fd:78:ff:75:df:6d: cd:ae:5f:bf:81:49:cf:c1:a0:60:89:f0:07:77:db: 5f:d1:b3:47:50:ec:c6:89:3f:b1:6b:5f:31:03:21: 40:db:4d:43:68:3f:b4:49:5d:e8:fa:d8:69:49:cc: b4:01:84:c4:b8:1a:f8:1b:c9:8a:9e:59:b0:ee:61: 21:42:bd:ad:2d:17:40:52:35:9c:72:3a:a0:a0:c8: a5:73:57:92:a0:b5:3e:bd:9e:23:6e:78:5c:6c:a9: 86:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:14:84:98:E1:30:AB:E1:CA:36:54:9E:AE:5A:E9:48:09:56:C1:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/64aa810d-cc7f-45fe-b794-d290c3a511c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:e000::/40 Signature Algorithm: sha256WithRSAEncryption 28:72:39:c4:fa:bb:67:e9:5a:3b:37:f1:42:fb:5f:a8:a9:1c: fd:2c:14:52:1b:9d:c4:78:4d:3f:cd:69:9a:76:95:24:a1:a5: 9b:2d:0c:45:f0:03:16:45:1a:94:81:68:86:15:18:b1:72:e1: 5d:cc:29:3e:e3:9d:85:0a:49:25:88:ad:e4:99:2e:a2:f3:02: 9c:f0:89:37:38:e2:87:bc:09:99:f1:cc:1a:8c:fa:2f:15:31: 6f:76:6f:b6:4d:22:21:13:fc:08:6d:58:f7:23:41:4c:3b:50: 2b:7c:4f:4d:41:18:d2:c1:b9:5c:8b:5d:76:4d:cb:5a:2c:b5: b7:50:80:0e:84:b4:81:12:e0:b0:91:aa:ea:ce:9a:9d:7a:dc: fc:4c:db:cf:34:57:40:c4:04:6b:d8:50:d8:72:19:e8:47:0e: ce:62:fd:d6:78:6b:1e:2c:be:84:0a:16:1f:68:3f:c5:44:c5: e6:aa:a9:69:98:e9:4d:91:f6:c8:d2:18:c7:f3:7e:47:bb:09: f8:de:2a:6e:dc:ed:8b:17:98:b6:47:3e:8f:ab:31:3e:3c:61: 5b:ec:e8:f9:e1:53:3d:ea:c6:3b:f1:aa:8e:13:de:f7:ae:52: 1c:0e:b9:b7:6a:ec:7a:67:0a:27:e0:21:af:17:68:1c:6e:f5: 3d:8b:81:53 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUQkQACRyFpH9KkecZCzvyt1YFjV0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNzAwMDAwMFoX DTIzMDUwMTIzNTk1OVowgaUxSTBHBgNVBAUTQGJlODMzYWQ2OWY0ZTAzNTE2NTMx ZDZhZGYyNDhkMTBkOWVmZjQ5MmE2MDdhNTQzMzU3MjZjOWVjZGYxMDgxMWIxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVM9y3TmtSYEd5Roso4gMj0sz7W9K7fU7Z MDKZhNzi/7Q8xn6OFkZIoWjj2XheKA3nTjKNbfSx1HL3EwNyeSF6zzs1rgvnZ9QP 2NqwJSyu0c7ll/E12zygauWiz8S9kSVRXmSGu7XpyEjPGZ1iRL2pfWe1tQAmRK4p GfUaMe3ZoPK78t0HK6KnsEyZSp8+vQt8mf5WwiqWY0GE1b8iDf14/3Xfbc2uX7+B Sc/BoGCJ8Ad321/Rs0dQ7MaJP7FrXzEDIUDbTUNoP7RJXej62GlJzLQBhMS4Gvgb yYqeWbDuYSFCva0tF0BSNZxyOqCgyKVzV5KgtT69niNueFxsqYZhAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQU3xSEmOEwq+HKNlSerlrpSAlWwfcwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNjRh YTgxMGQtY2M3Zi00NWZlLWI3OTQtZDI5MGMzYTUxMWM1LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtrx4DANBgkqhkiG9w0BAQsFAAOCAQEAKHI5xPq7Z+laOzfxQvtfqKkc /SwUUhudxHhNP81pmnaVJKGlmy0MRfADFkUalIFohhUYsXLhXcwpPuOdhQpJJYit 5JkuovMCnPCJNzjih7wJmfHMGoz6LxUxb3Zvtk0iIRP8CG1Y9yNBTDtQK3xPTUEY 0sG5XItddk3LWiy1t1CADoS0gRLgsJGq6s6anXrc/EzbzzRXQMQEa9hQ2HIZ6EcO zmL91nhrHiy+hAoWH2g/xUTF5qqpaZjpTZH2yNIYx/N+R7sJ+N4qbtztixeYtkc+ j6sxPjxhW+zo+eFTPerGO/GqjhPe965SHA65t2rsemcKJ+AhrxdoHG71PYuBUw== -----END CERTIFICATE-----Generated at Mon Mar 27 00:42:43 2023 by rpki-client on console-ams.rpki-client.org