$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa File: e0fbaecf-3318-488e-80aa-57f0a5202e27.roa (raw, json) Hash identifier: dYHPIDPskrPiTPPbBfgQXyAqbyzoYSK6ZCSBiDlCKhw= Subject key identifier: C3:DD:12:ED:42:7A:BB:B2:BA:BE:37:C3:38:95:62:EB:D8:2D:7D:CE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 376009120AFB70A81A7FD785BFF4A294AF619BCE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa Signing time: Mon 06 Mar 2023 00:00:00 +0000 ROA not before: Mon 06 Mar 2023 00:00:00 +0000 ROA not after: Mon 10 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:60:09:12:0a:fb:70:a8:1a:7f:d7:85:bf:f4:a2:94:af:61:9b:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 6 00:00:00 2023 GMT Not After : Apr 10 23:59:59 2023 GMT Subject: serialNumber=bcec9014ecd9216c891f30b81f5dd643df6758bf422fedda65b231c4072d945b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:12:4a:e4:4e:c0:ad:8f:b6:fe:cc:24:fb:b6: 53:7f:7e:13:c4:ec:ed:00:d3:17:0c:3a:a2:70:dc: 36:c1:5e:6b:31:30:29:50:01:4d:33:9a:6a:81:c7: ae:8f:65:e2:ec:43:33:19:58:68:83:0d:cf:c6:34: 46:94:b6:4f:99:38:20:d6:2b:38:5f:04:96:a7:14: b9:92:43:cd:05:dd:14:a5:59:eb:df:d1:9b:77:fb: 45:28:2d:66:ce:6c:06:07:9d:89:3c:80:f2:ae:1b: 0b:34:aa:11:2e:8b:11:46:0f:24:b1:96:1c:d8:de: 77:ea:d5:ae:aa:94:74:98:72:2c:24:3a:77:9d:ac: a6:69:e0:ee:9c:ec:ac:e9:ec:6c:db:4b:79:9a:6e: 08:45:9f:74:8e:ef:33:70:2e:e1:7d:21:5f:16:87: 37:a7:8e:de:a8:9c:8c:19:da:a3:ea:9d:61:98:d2: 32:62:3c:38:e3:63:26:53:7a:e7:35:16:de:5f:52: 0f:3a:94:74:61:bb:bc:b2:fd:fd:00:3f:a8:ef:de: b8:af:e8:6e:86:35:75:77:d9:62:fa:cc:4c:08:7e: ce:25:1c:a0:8f:b3:b4:ae:b8:55:ab:0a:f1:be:bb: d6:27:4a:89:0a:10:86:30:9b:3a:23:c4:da:b4:9b: 52:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:DD:12:ED:42:7A:BB:B2:BA:BE:37:C3:38:95:62:EB:D8:2D:7D:CE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0fbaecf-3318-488e-80aa-57f0a5202e27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:8000::/40 Signature Algorithm: sha256WithRSAEncryption 88:c5:d9:b8:e3:06:55:7c:b5:f8:bb:76:fb:1a:0b:56:8c:88: 6c:af:27:09:71:b6:cb:46:dd:c0:7c:d4:37:87:ac:67:8b:f1: d4:22:ed:99:a3:cd:bd:5a:3d:b0:c9:e7:32:8b:d6:87:08:d1: 57:ff:24:26:ee:32:cc:93:de:c6:3c:fa:7b:20:ad:0e:50:72: 1d:58:ee:25:e5:94:89:af:1d:8f:7c:7a:0a:7d:24:33:9c:5f: 71:f5:c3:66:1a:4f:a3:fc:c0:88:08:a9:f4:85:5b:f1:17:f3: b0:bc:cb:dd:b7:7e:33:b3:6c:29:a3:9c:f3:c2:d7:9c:8a:59: dc:a7:64:ba:e7:73:e0:32:12:74:9e:e1:fe:a3:3c:3f:51:96: 5d:57:90:db:a4:ce:e5:20:03:26:13:c0:b4:ca:20:bc:1a:bb: fa:66:37:10:2e:b8:7e:81:2b:06:d2:c0:16:c7:a0:a8:22:11: 0f:e4:5a:21:72:2b:52:6e:c7:9b:27:f5:08:b1:61:38:cc:a7: 21:41:e8:d4:91:75:97:02:c0:d5:67:27:32:44:ed:81:1a:d5: 63:13:72:cf:b1:95:b9:70:43:b5:ce:ea:01:e0:12:17:ad:3e: 05:5b:8c:5f:a6:a8:46:a9:04:8b:11:ad:0f:64:02:d3:74:22: 73:f5:3e:be -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUN2AJEgr7cKgaf9eFv/SilK9hm84wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMwNjAwMDAwMFoX DTIzMDQxMDIzNTk1OVowgaUxSTBHBgNVBAUTQGJjZWM5MDE0ZWNkOTIxNmM4OTFm MzBiODFmNWRkNjQzZGY2NzU4YmY0MjJmZWRkYTY1YjIzMWM0MDcyZDk0NWIxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdEkrkTsCtj7b+zCT7tlN/fhPE7O0A0xcM OqJw3DbBXmsxMClQAU0zmmqBx66PZeLsQzMZWGiDDc/GNEaUtk+ZOCDWKzhfBJan FLmSQ80F3RSlWevf0Zt3+0UoLWbObAYHnYk8gPKuGws0qhEuixFGDySxlhzY3nfq 1a6qlHSYciwkOnedrKZp4O6c7Kzp7GzbS3mabghFn3SO7zNwLuF9IV8Whzenjt6o nIwZ2qPqnWGY0jJiPDjjYyZTeuc1Ft5fUg86lHRhu7yy/f0AP6jv3riv6G6GNXV3 2WL6zEwIfs4lHKCPs7SuuFWrCvG+u9YnSokKEIYwmzojxNq0m1LjAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUw90S7UJ6u7K6vjfDOJVi69gtfc4wHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvZTBm YmFlY2YtMzMxOC00ODhlLTgwYWEtNTdmMGE1MjAyZTI3LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtoAgDANBgkqhkiG9w0BAQsFAAOCAQEAiMXZuOMGVXy1+Lt2+xoLVoyI bK8nCXG2y0bdwHzUN4esZ4vx1CLtmaPNvVo9sMnnMovWhwjRV/8kJu4yzJPexjz6 eyCtDlByHVjuJeWUia8dj3x6Cn0kM5xfcfXDZhpPo/zAiAip9IVb8RfzsLzL3bd+ M7NsKaOc88LXnIpZ3Kdkuudz4DISdJ7h/qM8P1GWXVeQ26TO5SADJhPAtMogvBq7 +mY3EC64foErBtLAFsegqCIRD+RaIXIrUm7Hmyf1CLFhOMynIUHo1JF1lwLA1Wcn MkTtgRrVYxNyz7GVuXBDtc7qAeASF60+BVuMX6aoRqkEixGtD2QC03Qic/U+vg== -----END CERTIFICATE-----Generated at Wed Mar 15 11:52:18 2023 by rpki-client on console-fra.rpki-client.org