$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa File: e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa (raw, json) Hash identifier: 9+zhUnxymVZ/Fuv0LRX5jHy7vqH/FsmejBFUX4ALXv4= Subject key identifier: D1:FF:A1:9B:DE:2F:2E:C3:5F:D0:A6:B5:00:33:E3:D1:27:09:3A:98 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4392E1FCF13A3E0130CE6D05EB5EC797412BFBC9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa Signing time: Sun 26 Mar 2023 00:00:00 +0000 ROA not before: Sun 26 Mar 2023 00:00:00 +0000 ROA not after: Sun 30 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Mar 2023 12:04:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:92:e1:fc:f1:3a:3e:01:30:ce:6d:05:eb:5e:c7:97:41:2b:fb:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 26 00:00:00 2023 GMT Not After : Apr 30 23:59:59 2023 GMT Subject: serialNumber=c10edc0d2a4de6e49a0d8038cf90c73d0574585bc260535af319d85ca9240ed6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:b9:ad:d0:08:89:bb:cd:5d:a5:39:f5:ab:38: e1:e5:3a:08:c4:ff:e3:54:79:ea:60:b3:54:d8:66: 45:31:fe:8b:54:77:8c:f6:1a:c5:e1:d0:24:6c:a8: 4c:f6:c5:71:49:ba:f4:31:6d:d4:e1:42:d0:3c:f2: ee:e7:1f:aa:e3:e1:78:73:71:0a:d2:f6:67:7e:95: 2c:36:c9:f9:e8:51:92:f6:3f:f0:d2:c2:71:19:cf: ee:db:a5:01:b1:b9:0f:d6:60:c6:b1:37:a0:a8:1c: e0:f0:e5:54:0c:22:0c:55:f3:3b:06:cc:b1:23:ee: eb:0c:7c:79:c1:56:03:50:81:a3:d5:b3:2e:77:e7: bb:41:b0:07:27:7d:90:a9:5d:60:22:dc:91:04:80: 4c:c3:f5:8f:16:24:6a:3a:4c:85:c9:f1:36:1c:4a: ae:1e:69:0d:ff:a8:94:ab:78:57:21:48:f0:b8:a5: fd:26:d8:8b:ec:38:6e:27:07:36:3b:3c:99:e9:bc: 5c:9e:09:e0:fb:c0:07:ff:58:a3:9f:b2:21:7d:3f: be:2f:3f:7d:f2:a7:ab:0b:7f:78:79:e7:48:36:08: 2e:ef:a5:4a:4e:07:f9:90:e9:f7:8d:6e:f9:d5:55: c0:1c:c4:16:e8:dd:f4:29:23:ac:07:16:0a:e8:dc: b1:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:FF:A1:9B:DE:2F:2E:C3:5F:D0:A6:B5:00:33:E3:D1:27:09:3A:98 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e527b4cc-d757-4fe5-b860-39f3cd54f2dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:1000::/40 Signature Algorithm: sha256WithRSAEncryption 40:6a:e8:b9:74:e7:8e:a9:17:2e:82:e2:28:b7:43:57:9c:00: c3:a0:ae:31:26:66:28:8f:e0:1f:eb:c6:f4:d7:69:35:fd:3c: eb:f1:c1:ff:6b:53:e3:d2:81:f2:ba:69:c5:75:cf:e3:94:be: 93:9b:07:bc:b2:bd:31:1f:10:5c:b2:62:2f:ca:8e:a0:fb:93: 81:b1:d1:9e:cb:c0:f8:7c:5f:d0:f6:9d:0f:9a:38:b3:cf:69: 4c:10:70:44:78:62:8a:1e:cd:c7:4e:9c:b7:fd:ad:34:22:9f: 62:02:83:ad:a8:1f:80:fc:be:ec:4a:e8:cf:16:42:1c:0d:4a: 22:3e:e3:f3:30:3c:e9:cc:6d:e3:47:f1:ea:3d:f0:55:af:63: f2:26:d5:80:f8:ee:41:c7:44:76:d4:1e:ff:42:4a:06:61:4b: 27:9f:f9:07:b2:97:44:97:5d:7d:37:7e:4f:2c:f3:4c:31:69: 2e:f5:7a:07:d3:f4:19:b5:32:de:a7:de:00:4f:c1:c4:e9:d4: 50:75:7c:7d:d0:6f:f1:0b:61:25:18:04:b3:07:ab:8d:34:18: b3:20:60:46:46:b0:85:43:25:e3:df:2b:af:e0:a5:aa:eb:bc: e8:6a:24:e7:69:62:9a:37:87:cf:06:50:5f:9f:15:62:a7:a3: 63:82:37:fe -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUQ5Lh/PE6PgEwzm0F617Hl0Er+8kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTIzMDMyNjAwMDAwMFoX DTIzMDQzMDIzNTk1OVowgaUxSTBHBgNVBAUTQGMxMGVkYzBkMmE0ZGU2ZTQ5YTBk ODAzOGNmOTBjNzNkMDU3NDU4NWJjMjYwNTM1YWYzMTlkODVjYTkyNDBlZDYxLTAr BgNVBAMTJGMwYmYwZmU4LTcxN2MtNGY3Mi05YjQ1LWM5YzUxOTEzMmE4MTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ua3QCIm7zV2lOfWrOOHlOgjE/+NUeepg s1TYZkUx/otUd4z2GsXh0CRsqEz2xXFJuvQxbdThQtA88u7nH6rj4XhzcQrS9md+ lSw2yfnoUZL2P/DSwnEZz+7bpQGxuQ/WYMaxN6CoHODw5VQMIgxV8zsGzLEj7usM fHnBVgNQgaPVsy5357tBsAcnfZCpXWAi3JEEgEzD9Y8WJGo6TIXJ8TYcSq4eaQ3/ qJSreFchSPC4pf0m2IvsOG4nBzY7PJnpvFyeCeD7wAf/WKOfsiF9P74vP33yp6sL f3h550g2CC7vpUpOB/mQ6feNbvnVVcAcxBbo3fQpI6wHFgro3LHNAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQU0f+hm94vLsNf0Ka1ADPj0ScJOpgwHwYDVR0jBBgwFoAU QHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RTeG0w dUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEvZTUy N2I0Y2MtZDc1Ny00ZmU1LWI4NjAtMzlmM2NkNTRmMmRjLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUwYmVj OTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkBtryEDANBgkqhkiG9w0BAQsFAAOCAQEAQGrouXTnjqkXLoLiKLdDV5wA w6CuMSZmKI/gH+vG9NdpNf086/HB/2tT49KB8rppxXXP45S+k5sHvLK9MR8QXLJi L8qOoPuTgbHRnsvA+Hxf0PadD5o4s89pTBBwRHhiih7Nx06ct/2tNCKfYgKDragf gPy+7ErozxZCHA1KIj7j8zA86cxt40fx6j3wVa9j8ibVgPjuQcdEdtQe/0JKBmFL J5/5B7KXRJddfTd+TyzzTDFpLvV6B9P0GbUy3qfeAE/BxOnUUHV8fdBv8QthJRgE swerjTQYsyBgRkawhUMl498rr+Clquu86Gok52limjeHzwZQX58VYqejY4I3/g== -----END CERTIFICATE-----Generated at Sun Mar 26 00:40:38 2023 by rpki-client on console-ams.rpki-client.org