$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e4e7137-138d-4ba8-8a17-81c3d6d3a98b.roa File: 7e4e7137-138d-4ba8-8a17-81c3d6d3a98b.roa (raw, json) Hash identifier: w3EiXFrrp4+y6m5AidKEMIh1HDJAKbTDuPDqvDC4Bqo= Subject key identifier: E9:31:A7:D0:58:30:27:12:D9:D8:C5:2A:24:A3:C3:E0:F0:E2:51:94 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63A6A32F919D321D8D1CFA2A8F59271CC1329401 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e4e7137-138d-4ba8-8a17-81c3d6d3a98b.roa Signing time: Mon 20 Mar 2023 00:00:00 +0000 ROA not before: Mon 20 Mar 2023 00:00:00 +0000 ROA not after: Mon 24 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da22::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 21 Mar 2023 12:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:a6:a3:2f:91:9d:32:1d:8d:1c:fa:2a:8f:59:27:1c:c1:32:94:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 20 00:00:00 2023 GMT Not After : Apr 24 23:59:59 2023 GMT Subject: serialNumber=eeec14c6d3527039e037b06cb25c90c3f10c36243d6c1cb51c65d9473ff4dbce, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d2:f0:2e:10:e6:f2:86:ed:4b:41:89:37:93: b8:66:0c:31:9b:ad:53:74:55:3a:3a:58:d2:37:68: 83:2e:11:62:90:c1:91:1e:aa:cb:0a:e0:5f:c6:c8: 02:fe:e4:8c:be:9b:ad:dc:9b:c2:a7:68:19:47:5c: 1d:62:d7:91:4e:7b:15:bd:d2:84:d7:1b:24:b5:88: e1:8c:5b:3c:d4:5e:f8:07:7a:e1:cd:54:3f:70:99: d1:b8:b8:8f:a9:8a:01:0e:32:b8:2f:4b:46:c0:db: 52:6a:23:cd:82:44:4a:ba:f2:1c:dd:cc:41:77:18: 8b:73:b7:64:ea:23:f8:c4:c0:51:6c:77:88:03:3c: 5e:78:b8:4f:31:dc:94:c7:83:d4:08:12:38:a9:9b: 2b:f0:12:58:9a:9b:85:f9:2e:48:47:f9:50:47:83: f9:03:da:a9:42:61:69:5b:41:03:59:e9:18:33:e1: 3b:f5:37:70:c2:ef:2c:b8:51:22:51:54:fd:7b:70: a8:86:4a:90:6c:0e:03:83:2c:95:5b:91:b5:c6:04: b0:e6:ba:37:98:5e:56:03:1b:de:1f:20:9f:33:a8: 5c:ad:30:cb:25:38:74:91:86:83:04:67:0e:73:54: 9c:da:2e:8e:68:ce:ea:71:ea:49:e0:45:85:85:f8: 68:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:31:A7:D0:58:30:27:12:D9:D8:C5:2A:24:A3:C3:E0:F0:E2:51:94 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e4e7137-138d-4ba8-8a17-81c3d6d3a98b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da22::/36 Signature Algorithm: sha256WithRSAEncryption 8f:14:55:7c:5f:7a:15:d7:e6:2a:c3:9c:95:d0:15:50:06:fe: 09:15:1a:da:a1:8a:49:a4:44:65:b7:61:04:74:03:11:ea:ff: 41:10:3b:ef:98:b9:5c:e4:07:18:f8:4d:ad:bc:07:06:a5:e0: ce:a2:c5:fd:a5:5c:5d:f0:60:8e:f4:42:b3:45:a1:2e:dc:05: cf:c2:70:1d:fb:85:c4:d8:0d:14:c2:be:a7:51:6c:11:b2:69: 6b:ad:ab:28:fd:08:f7:d0:28:88:9d:87:e8:e8:83:e0:a5:ae: 3b:06:76:20:ce:e7:b1:59:c6:22:09:86:c0:eb:e1:f9:cf:46: 87:27:a0:6f:6e:7a:0d:f0:cc:66:a4:c8:27:64:43:01:e9:ad: fe:4e:1f:ba:05:9b:8f:b6:f2:7d:8d:5f:f4:02:27:ad:89:7e: cf:7e:4e:00:c8:8f:76:63:3f:0f:bc:9b:47:6f:3b:77:c5:1b: 57:aa:a8:25:b5:a5:cf:86:b4:7c:2f:a9:f0:8d:85:e0:82:df: 94:0f:d7:6e:ef:2e:23:83:34:1c:58:bb:c3:5c:4d:55:50:6c: db:fd:f2:cc:d0:ee:16:88:5a:00:e1:3d:80:97:17:57:bb:e5: 4b:4b:32:1a:d7:5a:ee:db:6d:72:df:34:30:20:66:8c:2c:e1: 89:ea:43:c2 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUY6ajL5GdMh2NHPoqj1knHMEylAEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyMDAwMDAwMFoX DTIzMDQyNDIzNTk1OVowgaUxSTBHBgNVBAUTQGVlZWMxNGM2ZDM1MjcwMzllMDM3 YjA2Y2IyNWM5MGMzZjEwYzM2MjQzZDZjMWNiNTFjNjVkOTQ3M2ZmNGRiY2UxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC30vAuEObyhu1LQYk3k7hmDDGbrVN0VTo6 WNI3aIMuEWKQwZEeqssK4F/GyAL+5Iy+m63cm8KnaBlHXB1i15FOexW90oTXGyS1 iOGMWzzUXvgHeuHNVD9wmdG4uI+pigEOMrgvS0bA21JqI82CREq68hzdzEF3GItz t2TqI/jEwFFsd4gDPF54uE8x3JTHg9QIEjipmyvwEliam4X5LkhH+VBHg/kD2qlC YWlbQQNZ6Rgz4Tv1N3DC7yy4USJRVP17cKiGSpBsDgODLJVbkbXGBLDmujeYXlYD G94fIJ8zqFytMMslOHSRhoMEZw5zVJzaLo5ozupx6kngRYWF+GjzAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQU6TGn0FgwJxLZ2MUqJKPD4PDiUZQwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvN2U0 ZTcxMzctMTM4ZC00YmE4LThhMTctODFjM2Q2ZDNhOThiLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgQkBtoiADANBgkqhkiG9w0BAQsFAAOCAQEAjxRVfF96FdfmKsOcldAVUAb+ CRUa2qGKSaREZbdhBHQDEer/QRA775i5XOQHGPhNrbwHBqXgzqLF/aVcXfBgjvRC s0WhLtwFz8JwHfuFxNgNFMK+p1FsEbJpa62rKP0I99AoiJ2H6OiD4KWuOwZ2IM7n sVnGIgmGwOvh+c9Ghyegb256DfDMZqTIJ2RDAemt/k4fugWbj7byfY1f9AInrYl+ z35OAMiPdmM/D7ybR287d8UbV6qoJbWlz4a0fC+p8I2F4ILflA/Xbu8uI4M0HFi7 w1xNVVBs2/3yzNDuFohaAOE9gJcXV7vlS0syGtda7tttct80MCBmjCzhiepDwg== -----END CERTIFICATE-----Generated at Mon Mar 20 00:26:27 2023 by rpki-client on console-fra.rpki-client.org