$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/b3d57ffd-cfff-4f0f-9a34-bd001a900e9e.roa File: b3d57ffd-cfff-4f0f-9a34-bd001a900e9e.roa (raw, json) Hash identifier: K/3MTj98zdbYvJO1Rvs6JQijR67JhBusxQulcShfRfs= Subject key identifier: F6:3E:51:4B:53:01:74:DC:95:82:20:01:6D:99:58:94:EA:31:D0:09 Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Certificate serial: 0FE68C3E48E15077B35F301A71BDBC4DF84A76AE Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/b3d57ffd-cfff-4f0f-9a34-bd001a900e9e.roa Signing time: Sat 25 Mar 2023 00:00:00 +0000 ROA not before: Sat 25 Mar 2023 00:00:00 +0000 ROA not after: Sat 29 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 2403:b300:10fc::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Mar 2023 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:e6:8c:3e:48:e1:50:77:b3:5f:30:1a:71:bd:bc:4d:f8:4a:76:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08 Validity Not Before: Mar 25 00:00:00 2023 GMT Not After : Apr 29 23:59:59 2023 GMT Subject: serialNumber=3a0af88921981f6921a8b4a0a98eb289da9b0f8424fc312d2445a507a87b3cf9, CN=bb9a9116-f615-462e-a680-5266b327e0fa, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5d:eb:5e:32:95:bc:e3:9c:8c:ed:de:b7:2a: 71:3d:ba:98:40:ae:e6:f9:e7:8b:ea:f7:67:cd:0c: 80:86:80:af:92:e1:b5:1b:0c:9d:71:46:20:d4:c5: 64:db:62:ab:14:83:52:5d:b9:8d:f1:8e:65:6b:af: 32:c3:43:9c:b5:1d:5c:3f:20:74:45:cd:a5:3a:fc: d8:02:50:16:47:7c:9f:a3:7e:c7:8f:d2:59:17:98: 37:67:14:1c:be:8f:2c:c0:9c:3c:7b:d8:ab:5a:3e: 9d:6d:0c:e8:21:33:83:c2:5f:84:37:64:65:78:fe: c7:12:8b:57:42:d5:5b:19:24:b5:d0:29:1b:a5:e2: ea:1a:b5:3b:94:5b:66:7b:28:39:a1:d4:14:01:57: b8:a6:a9:5f:a0:d9:d0:db:73:08:10:67:22:3c:c1: d7:f3:e5:90:d7:6f:50:dd:cc:74:be:dc:f0:5f:8f: fc:36:e9:5c:f3:b3:29:82:2a:0a:55:34:77:f3:63: 16:80:d3:16:1c:59:19:42:a4:d1:27:40:f0:9f:6a: 6d:9e:3a:1f:76:84:22:bd:51:c4:4e:d2:2c:74:f9: f5:35:3e:d2:65:dd:8c:99:cf:a0:e1:eb:66:68:69: 55:a8:2b:aa:51:17:4f:bc:ea:f6:df:48:02:53:b8: 91:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:3E:51:4B:53:01:74:DC:95:82:20:01:6D:99:58:94:EA:31:D0:09 X509v3 Authority Key Identifier: keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/b3d57ffd-cfff-4f0f-9a34-bd001a900e9e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2403:b300:10fc::/48 Signature Algorithm: sha256WithRSAEncryption 68:74:49:8a:e8:0b:4c:de:66:e0:d0:7b:ea:9a:f6:c5:c3:05: b8:56:2c:9a:8e:ef:54:93:30:10:45:7e:05:5b:f7:55:f3:49: ea:36:ee:a0:46:3c:35:3e:88:17:7c:2c:93:50:0a:c1:b3:67: 16:2e:1a:4f:45:90:6b:48:6d:cc:f5:a1:1c:c4:88:8c:c4:c9: 1d:95:1e:cd:5b:c3:93:35:fe:6e:bc:0f:b6:79:4b:6c:2e:61: 1b:65:21:a3:e3:86:3b:16:d7:35:2e:9a:e3:8f:0b:81:f7:2c: 27:95:4c:c1:55:1a:86:1f:e3:74:07:0b:67:70:4d:0c:18:fe: da:b4:2c:93:e2:c2:24:8c:0e:70:e4:53:b0:cd:95:72:ab:0a: 0c:2c:0c:76:fb:09:65:79:ac:7f:1e:b2:84:9f:ba:4a:ad:99: f5:e4:2f:24:18:e6:2f:0e:ba:3a:85:61:46:63:d8:a2:25:33: e9:3d:16:04:9c:72:9d:4b:d0:e2:d5:71:4a:dd:3c:b1:a7:5c: a6:5c:91:c3:6d:aa:e5:39:22:55:a5:87:7b:36:fa:67:1e:a7: 9e:cc:2d:8d:51:f3:78:8c:21:b9:8a:85:13:76:e8:8e:2f:87: 15:7f:74:28:f4:35:57:9b:2a:66:2a:34:d0:3a:28:15:73:f6: 8c:b3:a2:8f -----BEGIN CERTIFICATE----- MIIFyzCCBLOgAwIBAgIUD+aMPkjhUHezXzAacb28TfhKdq4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4 ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTIzMDMyNTAwMDAwMFoX DTIzMDQyOTIzNTk1OVowgaUxSTBHBgNVBAUTQDNhMGFmODg5MjE5ODFmNjkyMWE4 YjRhMGE5OGViMjg5ZGE5YjBmODQyNGZjMzEyZDI0NDVhNTA3YTg3YjNjZjkxLTAr BgNVBAMTJGJiOWE5MTE2LWY2MTUtNDYyZS1hNjgwLTUyNjZiMzI3ZTBmYTEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1XeteMpW845yM7d63KnE9uphArub554vq 92fNDICGgK+S4bUbDJ1xRiDUxWTbYqsUg1JduY3xjmVrrzLDQ5y1HVw/IHRFzaU6 /NgCUBZHfJ+jfseP0lkXmDdnFBy+jyzAnDx72KtaPp1tDOghM4PCX4Q3ZGV4/scS i1dC1VsZJLXQKRul4uoatTuUW2Z7KDmh1BQBV7imqV+g2dDbcwgQZyI8wdfz5ZDX b1DdzHS+3PBfj/w26VzzsymCKgpVNHfzYxaA0xYcWRlCpNEnQPCfam2eOh92hCK9 UcRO0ix0+fU1PtJl3YyZz6Dh62ZoaVWoK6pRF0+86vbfSAJTuJFjAgMBAAGjggJL MIICRzAdBgNVHQ4EFgQU9j5RS1MBdNyVgiABbZlYlOox0AkwHwYDVR0jBBgwFoAU 58raXwiB13vqSLB2ijdmtQBlrwgwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyLzU4cmFYd2lCMTN2 cVNMQjJpamRtdFFCbHJ3Zy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMyY2EzMGY1N2IvYjNk NTdmZmQtY2ZmZi00ZjBmLTlhMzQtYmQwMDFhOTAwZTllLnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lLzcwOGFhZmFmLTAwYjQtNDg1Yi04NTRjLTBiMzJjYTMw ZjU3Yi8xMmU1OTAwMS0zNWFjLTRhYmYtODU4Zi0zN2I5NTVhMjRiM2YuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAkA7MAEPwwDQYJKoZIhvcNAQELBQADggEBAGh0SYroC0zeZuDQe+qa9sXD BbhWLJqO71STMBBFfgVb91XzSeo27qBGPDU+iBd8LJNQCsGzZxYuGk9FkGtIbcz1 oRzEiIzEyR2VHs1bw5M1/m68D7Z5S2wuYRtlIaPjhjsW1zUumuOPC4H3LCeVTMFV GoYf43QHC2dwTQwY/tq0LJPiwiSMDnDkU7DNlXKrCgwsDHb7CWV5rH8esoSfukqt mfXkLyQY5i8OujqFYUZj2KIlM+k9FgSccp1L0OLVcUrdPLGnXKZckcNtquU5IlWl h3s2+mcep57MLY1R83iMIbmKhRN26I4vhxV/dCj0NVebKmYqNNA6KBVz9oyzoo8= -----END CERTIFICATE-----Generated at Sat Mar 25 00:36:14 2023 by rpki-client on console-fra.rpki-client.org