$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa File: a8746c50-b2c6-438f-ad79-3b608da68b61.roa (raw, json) Hash identifier: mA6FeWekQfz1tdZOyZvHNkuH0l4I9zZRiibV9eTJUCo= Subject key identifier: EC:63:81:7F:78:C9:66:BD:1B:FA:27:61:EE:04:43:16:7D:DB:5C:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1ABD37B782C0DB8DFB014D2862CB300715ABD11E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa Signing time: Wed 01 Mar 2023 00:00:00 +0000 ROA not before: Wed 01 Mar 2023 00:00:00 +0000 ROA not after: Wed 05 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:bd:37:b7:82:c0:db:8d:fb:01:4d:28:62:cb:30:07:15:ab:d1:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 1 00:00:00 2023 GMT Not After : Apr 5 23:59:59 2023 GMT Subject: serialNumber=7dd60864c3c3fa815368ece6b00bd9dc4cee74452e423aa70a7cc6e8a83f3b53, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ae:c2:5f:93:0b:0f:91:f0:af:2c:0c:cd:09: d5:30:4e:bb:89:cd:ed:c4:3c:c5:06:c7:49:67:b0: 92:c8:d4:00:eb:b8:ea:42:1d:a3:ba:11:30:47:26: b4:3d:82:15:1d:55:2e:ac:39:dc:74:67:d3:c9:2d: f2:bc:d0:fd:5c:21:0c:f3:3d:05:16:13:24:d1:ac: 7d:86:84:3d:7c:4b:b7:68:be:94:0c:79:bd:ea:4f: b5:9c:b3:7b:7f:ed:96:a7:44:85:d0:06:cc:63:6e: 60:7b:07:b5:d6:3d:e2:73:eb:3e:1f:f3:41:67:f4: ac:b5:78:8e:1c:98:60:2d:d9:83:bb:59:48:9b:df: 1b:13:7c:ac:a0:66:65:0b:26:71:6a:bf:00:3e:4e: 20:1a:36:91:3f:7f:31:d4:5b:93:14:3a:0b:71:d1: 2c:fe:dc:6a:8b:31:c0:e9:72:e0:aa:cf:11:60:25: 2a:97:ad:f8:4c:c6:9f:64:35:a1:3e:80:6d:1b:10: 5e:75:44:6d:64:63:2e:03:76:ff:97:bd:68:de:58: e3:e8:66:53:11:8e:96:cf:b0:cf:ca:ae:15:06:0a: ed:59:86:c5:07:b9:63:e2:11:b5:a4:4b:66:ad:63: 93:3a:e9:d2:87:f3:ff:b0:ae:a2:85:f7:eb:29:4f: a5:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:63:81:7F:78:C9:66:BD:1B:FA:27:61:EE:04:43:16:7D:DB:5C:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a8746c50-b2c6-438f-ad79-3b608da68b61.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:6000::/40 Signature Algorithm: sha256WithRSAEncryption 9e:42:d2:41:e7:ad:8a:80:3e:67:29:ef:cc:31:21:b1:e9:5b: fb:ed:fd:d7:73:29:35:6e:0a:bd:97:29:cb:92:28:1d:b5:96: 5d:65:dd:e7:80:f4:c9:b1:08:4e:8a:0a:8b:53:82:0e:7c:34: af:d1:35:93:94:35:ae:7c:98:e1:6c:66:85:cd:4c:b7:45:98: fc:0b:9b:fb:fc:ad:68:57:25:6a:7b:07:71:da:f8:e3:1d:4e: 6b:bc:ee:11:d8:bd:ad:9b:30:1a:81:87:d5:26:66:ce:55:2c: 98:c3:7c:0b:ff:a4:73:91:fd:3c:59:9c:54:f8:2c:3b:f8:eb: 3c:1f:b2:2d:22:2f:77:d9:52:d5:18:e8:fc:ac:32:88:5a:c6: b0:f9:ec:6f:73:23:09:98:c5:10:79:2a:a9:92:b0:b2:b9:4d: 8a:3f:a7:fa:bb:f0:77:21:52:fd:27:e0:1d:ef:b1:05:6d:79: 4e:00:e7:c7:a8:1b:d6:4f:33:2b:8a:64:a5:61:48:18:1d:ed: 54:18:b1:d6:70:49:2c:5d:cf:39:e6:a9:7f:08:94:d3:db:e0: ed:19:64:71:51:ff:59:01:a9:f4:6d:8b:cd:74:9a:1e:e8:d3: 63:7f:ee:1c:01:b4:5f:29:b6:3c:c0:33:fb:f0:30:fa:92:d4: ee:71:6b:e9 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUGr03t4LA2437AU0oYsswBxWr0R4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwMTAwMDAwMFoX DTIzMDQwNTIzNTk1OVowgaUxSTBHBgNVBAUTQDdkZDYwODY0YzNjM2ZhODE1MzY4 ZWNlNmIwMGJkOWRjNGNlZTc0NDUyZTQyM2FhNzBhN2NjNmU4YTgzZjNiNTMxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1rsJfkwsPkfCvLAzNCdUwTruJze3EPMUG x0lnsJLI1ADruOpCHaO6ETBHJrQ9ghUdVS6sOdx0Z9PJLfK80P1cIQzzPQUWEyTR rH2GhD18S7dovpQMeb3qT7Wcs3t/7ZanRIXQBsxjbmB7B7XWPeJz6z4f80Fn9Ky1 eI4cmGAt2YO7WUib3xsTfKygZmULJnFqvwA+TiAaNpE/fzHUW5MUOgtx0Sz+3GqL McDpcuCqzxFgJSqXrfhMxp9kNaE+gG0bEF51RG1kYy4Ddv+XvWjeWOPoZlMRjpbP sM/KrhUGCu1ZhsUHuWPiEbWkS2atY5M66dKH8/+wrqKF9+spT6W1AgMBAAGjggJK MIICRjAdBgNVHQ4EFgQU7GOBf3jJZr0b+idh7gRDFn3bXHYwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvYTg3 NDZjNTAtYjJjNi00MzhmLWFkNzktM2I2MDhkYTY4YjYxLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtpoYDANBgkqhkiG9w0BAQsFAAOCAQEAnkLSQeetioA+ZynvzDEhselb ++3913MpNW4KvZcpy5IoHbWWXWXd54D0ybEITooKi1OCDnw0r9E1k5Q1rnyY4Wxm hc1Mt0WY/Aub+/ytaFclansHcdr44x1Oa7zuEdi9rZswGoGH1SZmzlUsmMN8C/+k c5H9PFmcVPgsO/jrPB+yLSIvd9lS1Rjo/KwyiFrGsPnsb3MjCZjFEHkqqZKwsrlN ij+n+rvwdyFS/SfgHe+xBW15TgDnx6gb1k8zK4pkpWFIGB3tVBix1nBJLF3POeap fwiU09vg7RlkcVH/WQGp9G2LzXSaHujTY3/uHAG0Xym2PMAz+/Aw+pLU7nFr6Q== -----END CERTIFICATE-----Generated at Wed Mar 15 11:52:18 2023 by rpki-client on console-fra.rpki-client.org