$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb170b77-8177-4929-971d-9c220aff91d9.roa File: cb170b77-8177-4929-971d-9c220aff91d9.roa (raw, json) Hash identifier: Gff3c4JMYnNXRKvFv9Ly1fCK/h9P/jrXbn8WQ7haWWE= Subject key identifier: A8:E8:A2:58:C5:CB:40:AA:E1:35:8B:1F:2A:18:08:F7:AA:C4:3F:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0768C9AF9B998F9C7FDF7CC30B84B143071959D7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb170b77-8177-4929-971d-9c220aff91d9.roa Signing time: Sun 26 Mar 2023 00:00:00 +0000 ROA not before: Sun 26 Mar 2023 00:00:00 +0000 ROA not after: Sun 30 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Mar 2023 12:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:68:c9:af:9b:99:8f:9c:7f:df:7c:c3:0b:84:b1:43:07:19:59:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 26 00:00:00 2023 GMT Not After : Apr 30 23:59:59 2023 GMT Subject: serialNumber=03ab538aaa356549b479e31709988a33331c44d1de758e254d6c543ebdc8ff0b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:85:0f:3a:b1:b7:75:57:05:53:f2:e2:93:24: 80:eb:92:2e:e3:ef:b0:8f:3b:2d:9b:34:af:66:68: 53:e5:15:89:2a:aa:01:5b:f4:83:42:d7:45:83:ff: e6:31:02:a4:9a:55:dc:4c:4e:fe:f4:97:87:ee:d9: e1:83:23:6f:ec:ed:af:3b:40:6d:59:a0:48:e1:75: 81:7c:7a:1a:5e:ab:ac:24:62:bd:52:38:47:22:10: 7a:51:25:b5:d4:54:03:81:1d:cc:7d:57:27:a3:ee: fb:3f:ed:24:6d:5e:fd:1c:3d:58:1b:ed:b1:43:90: 16:3c:20:22:6e:68:f2:1a:9e:fa:1e:c1:df:4a:94: e0:0f:96:0d:8b:90:9d:c6:df:c2:65:81:4b:ff:91: d9:5e:91:63:ae:96:a4:55:67:0f:48:44:17:a8:6e: a7:2b:29:0c:e9:91:6f:05:ba:7c:69:1d:78:dc:0e: 2c:97:57:08:14:0f:f0:7a:57:db:d4:3b:8c:20:21: c0:ce:34:d9:33:dc:3c:5c:27:8d:96:87:b7:88:f5: 5c:54:93:51:ee:06:9d:6f:6f:e6:ec:42:f3:da:9b: dc:57:06:59:16:90:25:56:81:ee:c8:e1:70:09:0b: cd:07:12:73:d4:04:3f:9c:80:06:ff:3b:77:9e:01: 87:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:E8:A2:58:C5:CB:40:AA:E1:35:8B:1F:2A:18:08:F7:AA:C4:3F:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cb170b77-8177-4929-971d-9c220aff91d9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:7000::/40 Signature Algorithm: sha256WithRSAEncryption 80:2a:f3:67:f1:b4:cf:73:9e:3d:dc:51:b2:2e:22:a0:1c:be: 58:e4:8c:bb:26:77:4a:c4:4f:14:c5:5d:97:2b:d2:ef:2d:69: 07:c1:6c:8f:af:53:11:8f:40:59:e0:12:85:32:e5:7c:cc:08: 0b:bc:a6:b9:12:be:6b:bf:2a:0c:7d:ce:3a:a8:d8:5d:42:45: 3a:74:3d:bb:dd:fc:70:ec:23:9c:62:05:b4:7f:da:17:18:58: 2e:26:43:fb:21:0f:a4:42:b6:18:2e:8c:e3:0f:0b:d8:23:37: 25:b8:21:93:cf:af:bb:00:bb:22:0e:0f:90:de:de:50:32:cf: e2:f6:67:a1:47:7b:34:e3:c0:d3:36:e1:e1:4b:43:65:33:56: 2d:74:40:71:40:1a:b1:11:61:e4:be:b7:d5:51:f6:97:8a:c5: af:f5:d0:b3:17:5e:07:a3:2a:0a:ac:7a:37:b1:69:e0:45:ea: 38:8b:f3:64:c6:24:01:0f:39:eb:c2:44:11:97:b6:a6:1e:ae: ed:19:a6:d9:ff:a9:d2:78:d5:48:04:39:10:30:d0:1b:ba:d8: f9:56:90:70:89:fb:8f:31:4d:f6:25:53:96:6a:07:7f:55:5d: ad:2e:bf:3a:78:7d:71:85:c9:67:d6:fa:b7:d8:49:23:4e:f3: 6c:de:4f:f0 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUB2jJr5uZj5x/33zDC4SxQwcZWdcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNjAwMDAwMFoX DTIzMDQzMDIzNTk1OVowgaUxSTBHBgNVBAUTQDAzYWI1MzhhYWEzNTY1NDliNDc5 ZTMxNzA5OTg4YTMzMzMxYzQ0ZDFkZTc1OGUyNTRkNmM1NDNlYmRjOGZmMGIxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5hQ86sbd1VwVT8uKTJIDrki7j77CPOy2b NK9maFPlFYkqqgFb9INC10WD/+YxAqSaVdxMTv70l4fu2eGDI2/s7a87QG1ZoEjh dYF8ehpeq6wkYr1SOEciEHpRJbXUVAOBHcx9Vyej7vs/7SRtXv0cPVgb7bFDkBY8 ICJuaPIanvoewd9KlOAPlg2LkJ3G38JlgUv/kdlekWOulqRVZw9IRBeobqcrKQzp kW8FunxpHXjcDiyXVwgUD/B6V9vUO4wgIcDONNkz3DxcJ42Wh7eI9VxUk1HuBp1v b+bsQvPam9xXBlkWkCVWge7I4XAJC80HEnPUBD+cgAb/O3eeAYdNAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUqOiiWMXLQKrhNYsfKhgI96rEP5MwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvY2Ix NzBiNzctODE3Ny00OTI5LTk3MWQtOWMyMjBhZmY5MWQ5LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtpgcDANBgkqhkiG9w0BAQsFAAOCAQEAgCrzZ/G0z3OePdxRsi4ioBy+ WOSMuyZ3SsRPFMVdlyvS7y1pB8Fsj69TEY9AWeAShTLlfMwIC7ymuRK+a78qDH3O OqjYXUJFOnQ9u938cOwjnGIFtH/aFxhYLiZD+yEPpEK2GC6M4w8L2CM3Jbghk8+v uwC7Ig4PkN7eUDLP4vZnoUd7NOPA0zbh4UtDZTNWLXRAcUAasRFh5L631VH2l4rF r/XQsxdeB6MqCqx6N7Fp4EXqOIvzZMYkAQ8568JEEZe2ph6u7Rmm2f+p0njVSAQ5 EDDQG7rY+VaQcIn7jzFN9iVTlmoHf1VdrS6/Onh9cYXJZ9b6t9hJI07zbN5P8A== -----END CERTIFICATE-----Generated at Sun Mar 26 00:25:44 2023 by rpki-client on console-fra.rpki-client.org