$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa File: 7ec71d95-427c-491b-a7cc-55afd17c6f55.roa (raw, json) Hash identifier: n97MVtdN5eXfnAPytNk+DOSm8pgd5NnkoLqmir+/dkc= Subject key identifier: 84:72:E0:A7:CC:FB:6B:D6:6E:02:03:47:36:B9:0A:2B:15:F3:E3:47 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 03CB5CCCFFE4FB319B001A25C4834AF81573FDDC Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa Signing time: Sat 25 Mar 2023 00:00:00 +0000 ROA not before: Sat 25 Mar 2023 00:00:00 +0000 ROA not after: Sat 29 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:108c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Mar 2023 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:cb:5c:cc:ff:e4:fb:31:9b:00:1a:25:c4:83:4a:f8:15:73:fd:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 25 00:00:00 2023 GMT Not After : Apr 29 23:59:59 2023 GMT Subject: serialNumber=a3c84ac66371c8270f40c003d598bb6d3bebee979e8fd584b979bf1f6f2a0a34, CN=bb9a9116-f615-462e-a680-5266b327e0fa, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:80:04:f3:14:ef:ff:f3:00:07:83:73:02:9c: 6b:83:83:b1:0f:95:96:5f:92:1d:32:67:0d:5b:49: cc:f6:3e:43:80:bc:9d:47:32:a2:ab:91:93:65:57: 36:db:08:f4:82:f4:2b:31:ad:14:ee:fa:7e:7f:18: 6d:7c:8f:bf:4f:24:8a:bc:c8:cf:10:35:4f:4c:52: 46:95:54:b8:54:20:13:51:50:9a:18:0a:e8:04:4d: d9:c4:33:a5:0f:75:fc:4b:45:17:a0:30:ce:c9:d3: b1:b9:cb:84:5e:89:f6:89:b3:d9:99:0c:77:e2:52: ff:80:44:1d:6d:a7:28:5a:e3:7a:71:0b:fa:00:15: 5f:38:d9:ee:01:19:1d:84:4e:b8:fc:d0:a3:e3:52: dc:79:05:13:1f:3a:41:00:5d:4a:85:7c:7b:84:c9: c9:33:74:ca:1b:3e:bb:12:70:a9:6b:ac:18:7d:5f: 31:19:6f:5c:26:64:9e:84:76:e5:2b:25:8d:c5:a5: 18:ca:25:3d:9b:59:c3:4c:09:c2:47:5e:21:12:ce: 6a:44:b2:64:94:e4:04:9f:6f:b6:e5:a6:44:d8:87: a8:a0:ea:72:b2:e4:28:fb:21:db:ba:ac:15:c9:9e: ea:62:ad:07:1c:8c:14:bc:b5:af:44:47:74:dd:eb: 17:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:72:E0:A7:CC:FB:6B:D6:6E:02:03:47:36:B9:0A:2B:15:F3:E3:47 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:108c::/48 Signature Algorithm: sha256WithRSAEncryption 41:b6:71:96:0e:4f:7b:c1:79:38:df:0d:94:6a:8e:b3:13:d4: 25:ec:7e:71:4d:21:02:41:b8:28:01:90:2f:74:47:db:79:47: 10:48:18:ef:9d:e8:ee:18:42:28:74:6c:e9:9d:df:bd:32:5c: 65:49:8d:f9:b1:ec:f3:1f:8a:2f:03:47:3c:2c:9f:b6:59:d5: ff:80:aa:2a:c1:cc:83:fc:55:78:38:87:27:f8:90:ac:0a:0c: e0:e4:23:f0:54:c6:95:ea:2b:e3:87:8c:4f:a8:87:8e:39:7c: a3:96:2a:8a:26:fa:9a:cd:e9:ef:8a:87:85:fb:eb:61:df:96: 8c:d0:96:f7:16:15:1e:88:aa:de:02:1a:fb:1b:92:5c:2c:a1: 8f:2e:92:c7:6d:80:07:7c:d6:84:fd:e8:38:73:95:95:fa:e0: 28:49:2b:c6:5d:5b:b9:82:95:8a:9e:c2:36:df:00:b5:4b:3d: 53:db:6c:15:6d:fc:25:ff:86:33:06:a5:64:63:96:97:eb:fd: ef:0d:b1:f6:8d:b7:45:51:85:fd:40:03:82:03:f9:e0:8d:c5: 74:86:e0:1a:cb:79:61:2d:d8:54:76:60:ac:af:cb:63:ac:e4: 8e:c4:03:2f:b5:b2:37:cd:bb:a6:af:e1:08:34:fc:2c:88:9d: 40:4b:81:9d -----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgIUA8tczP/k+zGbABolxINK+BVz/dwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDMyNTAwMDAwMFoX DTIzMDQyOTIzNTk1OVowgaUxSTBHBgNVBAUTQGEzYzg0YWM2NjM3MWM4MjcwZjQw YzAwM2Q1OThiYjZkM2JlYmVlOTc5ZThmZDU4NGI5NzliZjFmNmYyYTBhMzQxLTAr BgNVBAMTJGJiOWE5MTE2LWY2MTUtNDYyZS1hNjgwLTUyNjZiMzI3ZTBmYTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxgATzFO//8wAHg3MCnGuDg7EPlZZfkh0y Zw1bScz2PkOAvJ1HMqKrkZNlVzbbCPSC9CsxrRTu+n5/GG18j79PJIq8yM8QNU9M UkaVVLhUIBNRUJoYCugETdnEM6UPdfxLRRegMM7J07G5y4ReifaJs9mZDHfiUv+A RB1tpyha43pxC/oAFV842e4BGR2ETrj80KPjUtx5BRMfOkEAXUqFfHuEyckzdMob PrsScKlrrBh9XzEZb1wmZJ6EduUrJY3FpRjKJT2bWcNMCcJHXiESzmpEsmSU5ASf b7blpkTYh6ig6nKy5Cj7Idu6rBXJnupirQccjBS8ta9ER3Td6xetAgMBAAGjggJL MIICRzAdBgNVHQ4EFgQUhHLgp8z7a9ZuAgNHNrkKKxXz40cwHwYDVR0jBBgwFoAU 58raXwiB13vqSLB2ijdmtQBlrwgwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyLzU4cmFYd2lCMTN2 cVNMQjJpamRtdFFCbHJ3Zy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvN2Vj NzFkOTUtNDI3Yy00OTFiLWE3Y2MtNTVhZmQxN2M2ZjU1LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzcwOGFhZmFmLTAwYjQtNDg1Yi04NTRjLTBiMzJjYTMw ZjU3Yi8xMmU1OTAwMS0zNWFjLTRhYmYtODU4Zi0zN2I5NTVhMjRiM2YuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAkA7MAEIwwDQYJKoZIhvcNAQELBQADggEBAEG2cZYOT3vBeTjfDZRqjrMT 1CXsfnFNIQJBuCgBkC90R9t5RxBIGO+d6O4YQih0bOmd370yXGVJjfmx7PMfii8D Rzwsn7ZZ1f+AqirBzIP8VXg4hyf4kKwKDODkI/BUxpXqK+OHjE+oh445fKOWKoom +prN6e+Kh4X762HflozQlvcWFR6Iqt4CGvsbklwsoY8uksdtgAd81oT96DhzlZX6 4ChJK8ZdW7mClYqewjbfALVLPVPbbBVt/CX/hjMGpWRjlpfr/e8NsfaNt0VRhf1A A4ID+eCNxXSG4BrLeWEt2FR2YKyvy2Os5I7EAy+1sjfNu6av4Qg0/CyInUBLgZ0= -----END CERTIFICATE-----Generated at Sat Mar 25 00:23:11 2023 by rpki-client on console-ams.rpki-client.org