$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa File: ae920ed2-97d5-458b-804a-81fcd6f09e97.roa (raw, json) Hash identifier: ljJFFFaOcAbz7gWgocoS7DH0Rp3STC/ggs11ssbtRs8= Subject key identifier: 07:58:61:2D:1F:72:2E:E1:44:71:CE:CF:B8:2B:53:1E:83:47:9C:A4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 04EBD2800EF1E47137022E7F724128B7938176EB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa Signing time: Mon 27 Mar 2023 00:00:00 +0000 ROA not before: Mon 27 Mar 2023 00:00:00 +0000 ROA not after: Mon 01 May 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafc:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 28 Mar 2023 12:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:eb:d2:80:0e:f1:e4:71:37:02:2e:7f:72:41:28:b7:93:81:76:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 27 00:00:00 2023 GMT Not After : May 1 23:59:59 2023 GMT Subject: serialNumber=0a4e18931edb3098bc0ab1cbec53e11d82b6040a61ff8f18cad270399aa7f986, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:cb:f7:80:6c:44:bf:d9:3c:be:3a:58:c5:6b: 2e:5e:5f:fc:20:e4:0e:fa:02:69:5f:7f:88:3d:17: 57:e2:c9:a1:c0:ff:04:b5:0e:b2:cb:5b:a5:c5:ea: 83:58:5d:c0:96:60:a8:08:3e:0c:b6:6d:d7:ad:4a: 25:e5:9c:bb:df:30:bf:41:f6:77:b6:29:e0:ec:51: d6:56:e0:e5:2a:c7:ae:9b:55:f0:7c:a7:00:7b:d3: 3e:5c:20:ac:f5:77:55:5f:20:85:09:17:64:54:d7: a1:ef:e5:b8:46:27:ed:93:9a:17:9d:c5:dd:7c:81: ce:1d:8e:fb:68:9a:35:92:f9:eb:5d:be:be:1a:d9: 0f:a3:44:ce:24:6e:f1:63:74:51:91:9a:e8:87:c4: 1c:e6:3b:13:c8:63:83:3b:a8:ca:54:37:16:32:1e: 73:8c:6d:c9:fe:0c:b1:d7:09:26:bb:0b:9d:d4:0b: 4f:0f:19:f7:ba:ef:1a:92:1c:15:e5:c8:e6:41:7f: 8e:8b:0a:2c:5e:54:15:3b:e4:47:f7:d6:cd:85:9d: 7b:47:4c:9b:b7:2d:21:c3:05:77:a3:63:e1:bc:d9: 9e:e4:0d:9b:72:3c:af:c8:68:6a:56:42:8c:db:20: a1:3f:24:17:d6:a9:be:a9:b3:49:28:38:af:f6:17: a5:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:58:61:2D:1F:72:2E:E1:44:71:CE:CF:B8:2B:53:1E:83:47:9C:A4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafc:7000::/40 Signature Algorithm: sha256WithRSAEncryption a9:96:87:4b:07:f7:ef:10:83:b7:c7:c7:e5:6b:20:92:ee:75: ba:8d:87:15:f9:44:9f:f8:6c:01:e6:c4:5c:ff:d9:d4:35:5d: 82:89:4c:34:1f:19:14:5f:bf:42:fa:12:8f:99:9a:94:14:71: d8:a6:93:3d:25:63:c7:93:cf:8f:bd:ee:d0:f7:92:34:3c:31: a9:e2:58:da:39:4c:4a:db:5d:38:05:22:74:aa:10:a1:69:bf: 66:f5:a4:9c:e6:e7:42:44:fa:10:4a:61:61:37:d3:d1:41:81: c2:ab:dd:57:52:2b:4f:1f:82:71:93:17:60:9a:a8:38:8f:2e: c0:32:66:2d:28:11:8e:73:f2:d0:38:3a:08:f8:05:a4:76:f5: 5c:e3:b9:af:c1:b4:dd:7e:3a:67:60:58:7f:a8:d8:65:8a:6e: 36:ea:69:8d:35:33:0d:d8:33:79:28:ba:0c:2c:6d:30:b8:99: 6b:9f:bd:ed:36:49:5f:18:b8:4c:90:10:72:fe:b3:35:3d:30: ef:c8:dd:e2:3c:32:38:63:d2:64:cc:d8:c7:1e:e9:ea:5d:67: 3c:25:3e:68:2a:bd:c9:93:1a:e9:88:5a:28:fe:fa:bd:27:30: 80:68:dd:bd:3e:a0:bd:0e:41:c4:d3:61:0e:b8:95:8c:82:a0: e6:64:ff:f5 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUBOvSgA7x5HE3Ai5/ckEot5OBduswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNzAwMDAwMFoX DTIzMDUwMTIzNTk1OVowgaUxSTBHBgNVBAUTQDBhNGUxODkzMWVkYjMwOThiYzBh YjFjYmVjNTNlMTFkODJiNjA0MGE2MWZmOGYxOGNhZDI3MDM5OWFhN2Y5ODYxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTy/eAbES/2Ty+OljFay5eX/wg5A76Amlf f4g9F1fiyaHA/wS1DrLLW6XF6oNYXcCWYKgIPgy2bdetSiXlnLvfML9B9ne2KeDs UdZW4OUqx66bVfB8pwB70z5cIKz1d1VfIIUJF2RU16Hv5bhGJ+2Tmhedxd18gc4d jvtomjWS+etdvr4a2Q+jRM4kbvFjdFGRmuiHxBzmOxPIY4M7qMpUNxYyHnOMbcn+ DLHXCSa7C53UC08PGfe67xqSHBXlyOZBf46LCixeVBU75Ef31s2FnXtHTJu3LSHD BXejY+G82Z7kDZtyPK/IaGpWQozbIKE/JBfWqb6ps0koOK/2F6WZAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUB1hhLR9yLuFEcc7PuCtTHoNHnKQwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvYWU5 MjBlZDItOTdkNS00NThiLTgwNGEtODFmY2Q2ZjA5ZTk3LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtr8cDANBgkqhkiG9w0BAQsFAAOCAQEAqZaHSwf37xCDt8fH5Wsgku51 uo2HFflEn/hsAebEXP/Z1DVdgolMNB8ZFF+/QvoSj5malBRx2KaTPSVjx5PPj73u 0PeSNDwxqeJY2jlMSttdOAUidKoQoWm/ZvWknObnQkT6EEphYTfT0UGBwqvdV1Ir Tx+CcZMXYJqoOI8uwDJmLSgRjnPy0Dg6CPgFpHb1XOO5r8G03X46Z2BYf6jYZYpu NuppjTUzDdgzeSi6DCxtMLiZa5+97TZJXxi4TJAQcv6zNT0w78jd4jwyOGPSZMzY xx7p6l1nPCU+aCq9yZMa6YhaKP76vScwgGjdvT6gvQ5BxNNhDriVjIKg5mT/9Q== -----END CERTIFICATE-----Generated at Mon Mar 27 00:26:57 2023 by rpki-client on console-fra.rpki-client.org