$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa File: bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa (raw, json) Hash identifier: OV8jbHBqHTzvrWjlgqN415lGmFjSkvKc3FTdZqmWfxo= Subject key identifier: 28:6C:3C:63:74:D5:4A:04:03:52:33:1B:13:08:82:14:74:90:39:DF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B8418E26067152238E8AFE9B4AE1F0C4FBEFC36 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa Signing time: Wed 01 Mar 2023 00:00:00 +0000 ROA not before: Wed 01 Mar 2023 00:00:00 +0000 ROA not after: Wed 05 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:84:18:e2:60:67:15:22:38:e8:af:e9:b4:ae:1f:0c:4f:be:fc:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 1 00:00:00 2023 GMT Not After : Apr 5 23:59:59 2023 GMT Subject: serialNumber=639a72f0981d1f3d252324fe8bd906487bddf5576bab504b596b180478ac6b83, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:f9:7b:14:48:c4:75:e7:92:ba:7c:9a:b4:a0: 82:ef:09:ce:e8:8b:d5:d7:83:f4:e2:31:59:5c:1d: b3:2a:2f:53:12:5c:c8:f5:8b:a0:2e:12:04:82:5c: b7:f1:e9:82:7f:0b:6a:23:6f:79:a5:4c:89:0b:3a: eb:63:ca:d6:74:06:84:4f:13:f6:37:d5:f6:61:71: 5c:8f:9f:40:99:d9:c5:a8:02:d2:7d:35:38:fc:b5: 95:64:62:ce:05:f3:7d:08:6c:90:10:e0:d4:35:a9: 5c:13:db:61:54:eb:39:81:60:dc:30:b3:20:71:f9: b0:dc:7b:89:81:30:2c:45:f4:46:98:21:0c:25:c4: 11:e5:27:d3:80:1c:bf:1b:d5:17:41:2a:47:5a:4d: d2:27:b8:cd:33:9b:ea:d6:7a:81:ce:eb:5e:01:16: d3:f2:1b:65:51:c5:20:96:48:9d:b9:4b:f1:56:12: e7:67:d8:1f:f6:29:c6:b3:92:5b:bd:6d:70:79:db: d2:35:6b:54:b8:a6:50:b8:de:b1:43:d7:6c:21:ed: e8:82:22:4b:97:d5:56:1d:da:44:ca:da:ea:48:04: 85:4a:90:2b:fa:fe:f3:96:b5:18:00:30:22:0d:6e: 3b:83:19:6e:26:59:3a:13:6b:52:38:79:6d:41:f4: 08:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:6C:3C:63:74:D5:4A:04:03:52:33:1B:13:08:82:14:74:90:39:DF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7000::/40 Signature Algorithm: sha256WithRSAEncryption 38:c4:cf:00:98:6f:c6:1e:0f:ff:cf:8b:c3:bf:67:41:5a:d1: 30:25:71:bf:93:20:e8:ef:d4:29:41:60:4c:b3:67:97:d1:52: f9:d3:86:62:bb:5f:b4:01:b7:64:b3:8f:1f:a6:f6:95:b2:b8: 14:8d:7c:2e:71:d3:33:9c:6a:64:6e:64:73:38:27:c4:ec:7c: 90:4b:7d:73:bf:77:0b:b0:52:14:35:bc:eb:2a:41:e4:05:1c: d7:21:05:b3:78:17:f8:ae:ff:bc:8c:cf:bf:20:f7:51:db:1d: 81:b3:5d:88:17:3a:68:2c:42:d0:7f:d4:49:f7:18:0e:d6:f3: 37:2a:16:fd:a8:b6:4c:c6:35:2a:2f:7c:8d:80:82:cf:63:8d: e1:73:e6:69:ca:f9:92:10:71:07:3b:46:68:b7:8a:83:fe:44: bb:69:94:17:24:f6:d7:a9:0a:1c:ed:84:28:c5:a6:91:4e:84: e2:e2:f0:79:e3:da:aa:64:8e:b7:a7:b7:5a:c5:28:1c:88:36: 4e:ef:ee:9a:b2:70:29:3c:33:eb:62:ff:76:d3:57:c8:a6:0a: a1:5e:25:fd:95:d5:94:aa:c5:fd:49:f9:b1:fa:bd:0f:75:2e: 06:89:71:44:81:f0:dd:53:50:e7:b4:e5:2c:84:d8:f2:72:dc: e2:6c:fb:60 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUa4QY4mBnFSI46K/ptK4fDE++/DYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwMTAwMDAwMFoX DTIzMDQwNTIzNTk1OVowgaUxSTBHBgNVBAUTQDYzOWE3MmYwOTgxZDFmM2QyNTIz MjRmZThiZDkwNjQ4N2JkZGY1NTc2YmFiNTA0YjU5NmIxODA0NzhhYzZiODMxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt+XsUSMR155K6fJq0oILvCc7oi9XXg/Ti MVlcHbMqL1MSXMj1i6AuEgSCXLfx6YJ/C2ojb3mlTIkLOutjytZ0BoRPE/Y31fZh cVyPn0CZ2cWoAtJ9NTj8tZVkYs4F830IbJAQ4NQ1qVwT22FU6zmBYNwwsyBx+bDc e4mBMCxF9EaYIQwlxBHlJ9OAHL8b1RdBKkdaTdInuM0zm+rWeoHO614BFtPyG2VR xSCWSJ25S/FWEudn2B/2Kcazklu9bXB529I1a1S4plC43rFD12wh7eiCIkuX1VYd 2kTK2upIBIVKkCv6/vOWtRgAMCINbjuDGW4mWToTa1I4eW1B9AinAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUKGw8Y3TVSgQDUjMbEwiCFHSQOd8wHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvYmI5 OGMwOGMtMGYxYS00ZGY0LWE4MGItY2FhMjkxOGVkODU2LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtphcDANBgkqhkiG9w0BAQsFAAOCAQEAOMTPAJhvxh4P/8+Lw79nQVrR MCVxv5Mg6O/UKUFgTLNnl9FS+dOGYrtftAG3ZLOPH6b2lbK4FI18LnHTM5xqZG5k czgnxOx8kEt9c793C7BSFDW86ypB5AUc1yEFs3gX+K7/vIzPvyD3UdsdgbNdiBc6 aCxC0H/USfcYDtbzNyoW/ai2TMY1Ki98jYCCz2ON4XPmacr5khBxBztGaLeKg/5E u2mUFyT216kKHO2EKMWmkU6E4uLweePaqmSOt6e3WsUoHIg2Tu/umrJwKTwz62L/ dtNXyKYKoV4l/ZXVlKrF/Un5sfq9D3UuBolxRIHw3VNQ57TlLITY8nLc4mz7YA== -----END CERTIFICATE-----Generated at Wed Mar 15 11:42:45 2023 by rpki-client on console-ams.rpki-client.org