$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa File: e15fdd3a-f841-48ca-bcbb-730223dd6595.roa (raw, json) Hash identifier: 5FSJOEY9CXF/pCku5jMiZgSttgUxlQNG7TG1J/rkGik= Subject key identifier: B2:51:B6:55:D9:75:2A:52:05:B9:0B:E2:8C:BC:91:90:2C:81:7C:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1EF4973E5FD6B845992C84FF0FDFF4CF58E91782 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa Signing time: Sun 26 Mar 2023 00:00:00 +0000 ROA not before: Sun 26 Mar 2023 00:00:00 +0000 ROA not after: Sun 30 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 103.246.150.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Mar 2023 12:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:f4:97:3e:5f:d6:b8:45:99:2c:84:ff:0f:df:f4:cf:58:e9:17:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 26 00:00:00 2023 GMT Not After : Apr 30 23:59:59 2023 GMT Subject: serialNumber=dba25cd98e486039dc28e356457d6b28c048d8710e147246d7908947e821ae3b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:57:9b:f2:1f:a1:bd:04:14:76:5e:b5:a7:28: 6a:f3:7f:22:5d:65:cf:ab:9d:12:b6:5d:d2:bc:81: d3:20:98:d3:51:f9:5a:8e:b1:94:27:06:2d:3e:62: 1e:8d:5d:88:9d:8e:90:53:9a:8f:f0:b4:9e:9f:6d: d4:2a:2d:d1:40:da:14:2d:90:4e:fa:b9:74:a1:95: a9:ef:f7:1e:d6:c3:2b:59:62:fc:a8:c0:4e:b2:62: 7e:ed:91:79:f5:f7:03:ec:3b:d5:b0:7b:d3:ce:50: d8:8b:d5:c1:16:25:b4:0f:1e:31:eb:ac:08:ec:3b: 54:64:ef:1f:03:a2:5f:32:c1:a1:5f:a7:0b:2d:5d: 22:85:1a:33:57:a9:f8:92:cc:0d:41:ab:ae:25:10: 6d:ec:84:07:99:e1:60:1a:4b:f5:8f:fd:48:36:9f: 31:09:57:32:8c:8d:ee:6e:65:09:aa:66:4f:2d:f8: e3:c7:ce:26:ed:e3:3c:c3:3b:d9:8e:bf:e3:43:58: c5:da:72:b2:89:72:de:a1:cd:aa:13:9d:55:1e:36: 7e:00:fd:8c:19:c5:70:8f:2c:ee:3a:67:f2:48:4b: 1c:e2:9a:c6:0e:84:41:99:4a:f2:b4:e2:ec:66:81: 99:30:da:0c:d3:9a:b9:44:cc:8d:e7:b4:62:5e:29: 44:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:51:B6:55:D9:75:2A:52:05:B9:0B:E2:8C:BC:91:90:2C:81:7C:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e15fdd3a-f841-48ca-bcbb-730223dd6595.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.246.150.0/23 Signature Algorithm: sha256WithRSAEncryption 7a:8f:58:b6:6e:1a:e1:f9:e3:f0:77:5a:3d:41:86:81:f3:b4: 3a:f7:fb:92:7a:94:c6:93:e1:a0:ec:73:a3:26:0c:96:d2:06: a0:fb:53:5a:86:45:7e:e7:c9:6c:dc:10:bf:cd:94:9e:e0:d9: f4:a5:f2:a8:1d:48:b6:c2:91:89:b2:37:5f:31:5f:a5:20:db: b4:e9:64:cd:df:bf:3a:8c:f3:86:d6:aa:e0:24:5a:25:37:d5: 92:a0:95:bf:ed:6c:83:6f:d8:bc:25:75:ee:f9:e8:93:23:f8: 0f:8d:cf:9d:09:76:86:51:2b:41:f2:09:27:98:d7:a4:e1:5b: a8:ce:d6:50:56:cc:df:0a:87:ff:d4:61:c4:d3:21:b3:86:06: ea:e4:6b:42:07:80:01:9f:5a:19:19:ed:e1:cd:f9:51:b9:3d: d9:61:3e:26:e1:03:16:64:44:bd:20:e3:c7:35:59:a4:3f:2a: f8:3f:e0:8d:20:d2:c3:85:b9:cc:df:f5:5e:33:74:14:78:ac: 3c:73:15:35:3c:a4:51:5e:90:77:4c:f6:06:34:85:95:ff:bb: db:12:5d:da:63:ac:84:cc:c9:0f:1f:5c:32:ef:75:df:86:20: 26:01:6c:75:47:28:37:08:e8:fe:cd:ca:8a:3b:92:76:ef:f6: 28:32:25:32 -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUHvSXPl/WuEWZLIT/D9/0z1jpF4IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNjAwMDAwMFoX DTIzMDQzMDIzNTk1OVowgaUxSTBHBgNVBAUTQGRiYTI1Y2Q5OGU0ODYwMzlkYzI4 ZTM1NjQ1N2Q2YjI4YzA0OGQ4NzEwZTE0NzI0NmQ3OTA4OTQ3ZTgyMWFlM2IxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeV5vyH6G9BBR2XrWnKGrzfyJdZc+rnRK2 XdK8gdMgmNNR+VqOsZQnBi0+Yh6NXYidjpBTmo/wtJ6fbdQqLdFA2hQtkE76uXSh lanv9x7WwytZYvyowE6yYn7tkXn19wPsO9Wwe9POUNiL1cEWJbQPHjHrrAjsO1Rk 7x8Dol8ywaFfpwstXSKFGjNXqfiSzA1Bq64lEG3shAeZ4WAaS/WP/Ug2nzEJVzKM je5uZQmqZk8t+OPHzibt4zzDO9mOv+NDWMXacrKJct6hzaoTnVUeNn4A/YwZxXCP LO46Z/JISxzimsYOhEGZSvK04uxmgZkw2gzTmrlEzI3ntGJeKUSfAgMBAAGjggJI MIICRDAdBgNVHQ4EFgQUslG2Vdl1KlIFuQvijLyRkCyBfM8wHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvZTE1 ZmRkM2EtZjg0MS00OGNhLWJjYmItNzMwMjIzZGQ2NTk1LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAFn9pYwDQYJKoZIhvcNAQELBQADggEBAHqPWLZuGuH54/B3Wj1BhoHztDr3 +5J6lMaT4aDsc6MmDJbSBqD7U1qGRX7nyWzcEL/NlJ7g2fSl8qgdSLbCkYmyN18x X6Ug27TpZM3fvzqM84bWquAkWiU31ZKglb/tbINv2Lwlde756JMj+A+Nz50JdoZR K0HyCSeY16ThW6jO1lBWzN8Kh//UYcTTIbOGBurka0IHgAGfWhkZ7eHN+VG5Pdlh PibhAxZkRL0g48c1WaQ/Kvg/4I0g0sOFuczf9V4zdBR4rDxzFTU8pFFekHdM9gY0 hZX/u9sSXdpjrITMyQ8fXDLvdd+GICYBbHVHKDcI6P7Nyoo7knbv9igyJTI= -----END CERTIFICATE-----Generated at Sun Mar 26 00:40:38 2023 by rpki-client on console-ams.rpki-client.org