$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa File: 97e51edc-22c5-4cb0-846c-06d6751df3b4.roa (raw, json) Hash identifier: GLK5Bpmt+3TPYtuxMBRtBuI82km6Vk60KVBinqoCQys= Subject key identifier: 96:60:5D:CA:1E:BA:95:C0:F8:88:AA:98:C7:F3:93:63:32:55:2F:12 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5DA251FFF3B86E96703A92A56517EEBC05F643D4 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa Signing time: Sat 25 Mar 2023 00:00:00 +0000 ROA not before: Sat 25 Mar 2023 00:00:00 +0000 ROA not after: Sat 29 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Mar 2023 12:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:a2:51:ff:f3:b8:6e:96:70:3a:92:a5:65:17:ee:bc:05:f6:43:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 25 00:00:00 2023 GMT Not After : Apr 29 23:59:59 2023 GMT Subject: serialNumber=9f58354559127f329d5e5c71d7faa2830909564a3af40c574eb08d74c0825033, CN=4257e925-715f-47a2-893e-0e3f97ec7e22, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:9b:92:48:d6:01:89:ae:54:c5:1c:59:5b:45: f3:e0:e7:47:2e:ee:6f:8d:91:ab:0d:00:0e:21:19: 34:d8:d7:2a:c4:d6:f5:b5:40:49:4f:89:78:af:4b: ec:ca:46:cb:e9:e4:7c:bc:e0:e6:91:5b:55:40:a9: c8:3a:b4:48:e5:ca:2d:b1:da:15:03:08:25:7a:3a: 1b:6f:cc:fe:d2:be:d6:c5:b6:e9:4c:62:7d:1b:fb: 29:97:84:62:81:7b:3b:56:77:d0:1f:0b:7f:6f:f3: 39:b0:64:2c:c8:f0:65:a4:79:f5:9d:93:b7:f0:d8: 38:04:9f:dd:72:30:28:4d:30:2f:f5:d7:8a:0d:00: 80:e6:0c:1f:4c:f2:d0:64:d2:d9:75:70:e2:d4:7d: 27:15:f3:2e:75:ac:fa:22:0d:f4:08:8b:d4:23:31: 33:f9:b5:35:99:15:f0:9a:03:93:c8:33:8b:5b:65: 7a:36:50:95:d8:fd:0b:f4:86:92:55:7f:1f:00:cb: d4:f9:93:08:e0:93:4e:7f:b1:f3:e3:8c:ad:a4:ac: e8:f7:93:5a:6c:01:b1:54:51:2b:e3:e3:14:26:2e: 3f:89:a1:29:f2:f4:0b:f6:62:f1:62:e2:2c:66:8f: 40:2a:7c:64:bd:1a:71:b9:92:5e:8c:5c:cc:35:96: 53:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:60:5D:CA:1E:BA:95:C0:F8:88:AA:98:C7:F3:93:63:32:55:2F:12 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:8000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:ae:85:88:db:ff:78:ca:1c:26:f4:40:54:8b:ac:cc:4c:78: 7d:0a:2a:c4:8f:bd:54:e4:c3:88:f9:1e:3e:f8:b0:2c:5a:c4: bd:2f:dd:68:bd:db:1d:45:90:df:49:6b:77:0e:6a:c8:1f:d1: 11:a7:f4:15:ad:de:fe:16:13:88:de:80:9c:d6:83:7e:85:65: 9c:8d:b0:39:32:66:cd:7c:b7:a2:af:0b:e8:76:21:71:59:34: e8:3d:13:78:d4:8c:9c:49:08:e7:24:07:e3:da:63:14:a1:f6: bd:b5:66:53:e6:e0:96:ee:5d:90:98:d3:3d:c1:00:59:f5:fe: 96:9e:ea:29:8c:7f:eb:21:02:79:86:1d:11:dc:5c:8d:25:c3: 8d:3f:69:05:16:1c:0e:4e:de:6f:0e:fa:96:0f:ab:0f:28:2f: bb:f3:e1:ce:55:aa:4d:c7:40:d1:9d:a7:0e:25:c8:1e:af:59: cc:7a:b2:9d:9b:56:50:7d:c6:b1:88:d6:8c:77:72:ef:d8:d4: 14:e6:8d:48:12:af:39:26:fa:05:9e:de:46:8e:1f:e9:5e:6d: ef:02:6c:f6:8b:1a:20:4e:76:f5:46:45:a9:28:2d:81:d5:6e: 53:f8:57:73:52:23:53:99:13:fb:f1:5d:47:ee:37:d1:57:b2: 2f:23:8f:d3 -----BEGIN CERTIFICATE----- MIIFyjCCBLKgAwIBAgIUXaJR//O4bpZwOpKlZRfuvAX2Q9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDMyNTAwMDAwMFoX DTIzMDQyOTIzNTk1OVowgaUxSTBHBgNVBAUTQDlmNTgzNTQ1NTkxMjdmMzI5ZDVl NWM3MWQ3ZmFhMjgzMDkwOTU2NGEzYWY0MGM1NzRlYjA4ZDc0YzA4MjUwMzMxLTAr BgNVBAMTJDQyNTdlOTI1LTcxNWYtNDdhMi04OTNlLTBlM2Y5N2VjN2UyMjEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsm5JI1gGJrlTFHFlbRfPg50cu7m+NkasN AA4hGTTY1yrE1vW1QElPiXivS+zKRsvp5Hy84OaRW1VAqcg6tEjlyi2x2hUDCCV6 OhtvzP7SvtbFtulMYn0b+ymXhGKBeztWd9AfC39v8zmwZCzI8GWkefWdk7fw2DgE n91yMChNMC/114oNAIDmDB9M8tBk0tl1cOLUfScV8y51rPoiDfQIi9QjMTP5tTWZ FfCaA5PIM4tbZXo2UJXY/Qv0hpJVfx8Ay9T5kwjgk05/sfPjjK2krOj3k1psAbFU USvj4xQmLj+JoSny9Av2YvFi4ixmj0AqfGS9GnG5kl6MXMw1llPVAgMBAAGjggJK MIICRjAdBgNVHQ4EFgQUlmBdyh66lcD4iKqYx/OTYzJVLxIwHwYDVR0jBBgwFoAU l+vzSPN2uGf8drKyuRB4w91JSIMwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL2wtdnpTUE4ydUdm OGRyS3l1UkI0dzkxSlNJTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJiY2JiODVhZTYvOTdl NTFlZGMtMjJjNS00Y2IwLTg0NmMtMDZkNjc1MWRmM2I0LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lL2MzY2Q3YzI0LTEyY2ItNGFiYy04ZmQyLTVlMmJjYmI4 NWFlNi85MGNhOTBhOS1hMTBhLTQ0ZTctODJiOS0xMzY1NzQ2YmE1NWUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAkD4D/gDANBgkqhkiG9w0BAQsFAAOCAQEALK6FiNv/eMocJvRAVIuszEx4 fQoqxI+9VOTDiPkePviwLFrEvS/daL3bHUWQ30lrdw5qyB/REaf0Fa3e/hYTiN6A nNaDfoVlnI2wOTJmzXy3oq8L6HYhcVk06D0TeNSMnEkI5yQH49pjFKH2vbVmU+bg lu5dkJjTPcEAWfX+lp7qKYx/6yECeYYdEdxcjSXDjT9pBRYcDk7ebw76lg+rDygv u/PhzlWqTcdA0Z2nDiXIHq9ZzHqynZtWUH3GsYjWjHdy79jUFOaNSBKvOSb6BZ7e Ro4f6V5t7wJs9osaIE529UZFqSgtgdVuU/hXc1IjU5kT+/FdR+430VeyLyOP0w== -----END CERTIFICATE-----Generated at Sat Mar 25 00:13:39 2023 by rpki-client on console-fra.rpki-client.org