$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa File: 794feada-3f8b-4a7b-8954-992fddba3191.roa (raw, json) Hash identifier: d9Dfjh2V50gaVvZvEGsCN0vOS4B/WWS1QaUWTHSpgX0= Subject key identifier: 7E:8E:C4:B1:39:F7:27:7C:B7:36:85:22:0E:49:4A:93:D9:E0:9A:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 10BDA80D9EFB967E674DC6F25CD32F4086A50F78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa Signing time: Thu 02 Mar 2023 00:00:00 +0000 ROA not before: Thu 02 Mar 2023 00:00:00 +0000 ROA not after: Thu 06 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:bd:a8:0d:9e:fb:96:7e:67:4d:c6:f2:5c:d3:2f:40:86:a5:0f:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 2 00:00:00 2023 GMT Not After : Apr 6 23:59:59 2023 GMT Subject: serialNumber=9878ca3ff0a675e6694e123904b962cafb54573f47675a456e0edd3a6f74a51d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:11:ed:2a:02:a5:0b:db:96:a7:ce:8d:7d:8b: 57:32:24:e1:e7:81:73:f5:7c:dd:1f:4d:ad:01:f8: a0:e7:99:69:24:69:12:38:c1:2d:77:9f:c4:f4:99: 14:51:da:a9:60:6a:7a:37:85:5f:51:5e:0c:59:0b: 17:bb:e1:85:9c:d4:8b:16:62:e9:93:87:ba:55:d9: 2a:f7:c2:06:d1:ce:e2:98:d4:10:a2:59:21:fc:3b: 85:9b:fc:38:91:3e:5a:2d:f3:60:9f:47:5f:ea:a8: 00:da:6e:db:32:85:44:cd:5a:e3:55:f0:4e:36:5d: 03:fb:b2:62:33:65:6d:79:49:f2:e4:70:71:7a:2c: 07:bb:9c:77:74:5d:03:08:f6:61:ce:ee:23:9c:81: 5c:2e:73:57:c3:fb:92:b3:df:c6:f8:09:31:76:87: 26:d4:b9:35:4b:fb:b8:44:96:e1:06:85:65:ad:30: 78:6a:f3:a1:3e:d5:f2:e6:09:dd:61:c7:b9:7e:8a: b0:dd:d2:f1:77:37:72:54:d7:d6:11:6e:60:4b:f9: b6:8c:5d:f5:ba:36:7e:a5:44:8d:28:be:c3:27:59: 83:c0:18:4f:95:32:73:db:56:61:61:32:af:fc:ca: 81:a0:01:ef:b9:2c:c6:2f:f8:2e:a1:4b:8e:15:f8: 66:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:8E:C4:B1:39:F7:27:7C:B7:36:85:22:0E:49:4A:93:D9:E0:9A:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/794feada-3f8b-4a7b-8954-992fddba3191.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:a000::/40 Signature Algorithm: sha256WithRSAEncryption 05:e1:90:ba:ae:a4:62:03:d0:b5:b6:63:4d:5e:7f:d0:f9:66: 2d:4c:2c:67:4c:b2:93:b3:cc:7e:7f:1c:97:ad:83:22:05:2a: c9:7f:ab:df:69:70:7c:e4:bc:ef:b5:64:45:f2:25:f6:54:e5: 00:26:85:8b:ac:cb:58:a2:90:90:f2:61:00:c0:32:b3:08:80: 2e:b5:54:9a:05:cd:dc:a0:b5:42:78:94:b5:9c:dc:27:5c:75: 26:3b:41:fc:84:10:df:e4:a6:81:48:12:6f:d7:1f:d0:b2:cb: df:6f:19:95:b5:3e:59:39:19:0c:18:8f:fa:43:62:c5:13:67: b4:10:bb:1c:a6:9e:7e:0f:25:78:12:3a:0a:fc:a4:c5:2a:74: d7:90:75:c3:8f:d0:08:75:0f:12:f2:d1:d0:cd:01:2d:d4:2e: cd:7f:ab:c9:46:9e:bc:e4:72:94:0c:c5:d9:62:62:5b:c3:d1: 90:54:c9:a6:cb:80:4a:e5:d7:33:4c:d6:5c:93:7f:43:36:65: df:81:f0:65:8d:83:9d:28:11:38:b4:66:c5:7a:8d:69:54:1c: 0f:18:a0:7c:00:c6:eb:4a:6f:18:91:39:37:06:62:c5:97:13: ed:3f:10:4c:da:9b:9d:14:bc:49:62:9c:90:10:ab:3d:38:7a: ec:5e:cb:ca -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUEL2oDZ77ln5nTcbyXNMvQIalD3gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwMjAwMDAwMFoX DTIzMDQwNjIzNTk1OVowgaUxSTBHBgNVBAUTQDk4NzhjYTNmZjBhNjc1ZTY2OTRl MTIzOTA0Yjk2MmNhZmI1NDU3M2Y0NzY3NWE0NTZlMGVkZDNhNmY3NGE1MWQxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpEe0qAqUL25anzo19i1cyJOHngXP1fN0f Ta0B+KDnmWkkaRI4wS13n8T0mRRR2qlgano3hV9RXgxZCxe74YWc1IsWYumTh7pV 2Sr3wgbRzuKY1BCiWSH8O4Wb/DiRPlot82CfR1/qqADabtsyhUTNWuNV8E42XQP7 smIzZW15SfLkcHF6LAe7nHd0XQMI9mHO7iOcgVwuc1fD+5Kz38b4CTF2hybUuTVL +7hEluEGhWWtMHhq86E+1fLmCd1hx7l+irDd0vF3N3JU19YRbmBL+baMXfW6Nn6l RI0ovsMnWYPAGE+VMnPbVmFhMq/8yoGgAe+5LMYv+C6hS44V+GafAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUfo7EsTn3J3y3NoUiDklKk9ngmpowHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvNzk0 ZmVhZGEtM2Y4Yi00YTdiLTg5NTQtOTkyZmRkYmEzMTkxLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtrxoDANBgkqhkiG9w0BAQsFAAOCAQEABeGQuq6kYgPQtbZjTV5/0Plm LUwsZ0yyk7PMfn8cl62DIgUqyX+r32lwfOS877VkRfIl9lTlACaFi6zLWKKQkPJh AMAyswiALrVUmgXN3KC1QniUtZzcJ1x1JjtB/IQQ3+SmgUgSb9cf0LLL328ZlbU+ WTkZDBiP+kNixRNntBC7HKaefg8leBI6CvykxSp015B1w4/QCHUPEvLR0M0BLdQu zX+ryUaevORylAzF2WJiW8PRkFTJpsuASuXXM0zWXJN/QzZl34HwZY2DnSgROLRm xXqNaVQcDxigfADG60pvGJE5NwZixZcT7T8QTNqbnRS8SWKckBCrPTh67F7Lyg== -----END CERTIFICATE-----Generated at Wed Mar 15 11:52:18 2023 by rpki-client on console-fra.rpki-client.org