$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa File: 9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa (raw, json) Hash identifier: qnRs8Stk/NVHOOWtnsq5rZwOuG66XaRF2l/b1pLnccI= Subject key identifier: 80:C4:F9:56:C7:12:CB:36:8B:DB:C4:3D:53:4F:30:86:90:0E:31:81 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 78C7DDBCA5873302D4663FD444B828C44203F3D1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa Signing time: Thu 02 Mar 2023 00:00:00 +0000 ROA not before: Thu 02 Mar 2023 00:00:00 +0000 ROA not after: Thu 06 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 103.21.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 16 Mar 2023 12:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:c7:dd:bc:a5:87:33:02:d4:66:3f:d4:44:b8:28:c4:42:03:f3:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Mar 2 00:00:00 2023 GMT Not After : Apr 6 23:59:59 2023 GMT Subject: serialNumber=044072671b54840d5276b39305f6869518429358044a5fc3f34a8979befb756d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:06:84:99:99:32:66:d2:c3:80:c1:6b:5a:3f: f7:78:45:23:72:8d:71:98:99:9b:82:0e:85:d7:d3: 19:c1:0b:ed:eb:46:e8:8b:70:ae:20:03:7b:2f:a3: 7b:60:16:93:c0:3c:0a:f3:bd:36:ff:cb:4e:f6:b2: f2:d8:09:95:b5:78:65:b9:a1:cd:93:8a:ca:26:dd: f7:f7:19:34:3b:64:79:77:e0:a1:5c:e4:10:b0:0a: c6:c9:c7:b3:ca:98:82:74:76:8a:59:2d:81:0f:0a: 64:6c:5f:31:e9:45:03:e2:f8:01:36:a2:53:a3:54: 51:47:1b:44:02:bf:0f:7d:5e:ca:1e:4e:e6:6b:58: 30:4b:2a:01:fc:76:59:7c:43:97:bf:b0:ab:ad:97: 27:f7:fc:03:bf:de:d9:ed:49:be:aa:2f:e3:4c:24: f1:fa:7d:c1:eb:f8:ba:a4:80:45:49:fc:cf:4f:85: 3b:9d:b9:04:24:cf:52:38:95:39:64:58:74:f2:df: 76:51:56:7e:95:37:e4:9c:15:60:a5:fd:b6:f8:59: c2:e3:2e:77:9c:bd:da:72:b4:ea:b4:31:de:1e:21: d8:4e:e0:71:3c:c9:1b:5b:39:70:7a:bd:8e:6f:9a: cd:e0:6e:4c:49:4c:67:d2:df:37:db:bc:b2:2d:ec: a3:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:C4:F9:56:C7:12:CB:36:8B:DB:C4:3D:53:4F:30:86:90:0E:31:81 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.21.240.0/24 Signature Algorithm: sha256WithRSAEncryption a7:c5:34:bd:61:56:fb:39:6a:ce:f8:c4:86:7a:7e:a9:d6:32: 99:b8:0b:fa:b0:bb:91:25:bd:63:e4:2c:c8:2e:aa:e7:fb:4a: c8:2c:a6:aa:c8:b7:69:05:d2:81:f8:c6:48:4b:a3:41:d9:65: da:5a:55:3f:b1:0e:e7:56:ab:ad:0b:06:0c:71:c5:15:09:6a: 6b:5b:93:a0:14:ce:83:ff:58:33:ca:e3:ef:c4:27:67:15:76: 7a:ac:2a:ca:e8:de:8e:49:9d:c7:73:a2:57:d6:64:7a:36:db: e7:ba:d4:4d:58:71:e3:57:15:68:70:3e:9a:a7:14:8b:5c:24: 8b:5e:63:2e:43:f0:cd:49:a0:f4:43:52:74:42:05:23:d3:3e: 66:4e:b5:04:c2:d0:a7:69:c2:2f:8c:25:e2:93:17:cc:e1:3f: 52:53:68:3c:51:33:f8:66:28:05:1c:93:1f:ee:9e:bb:86:9f: 89:94:a3:1e:72:18:58:eb:4c:dd:ff:97:2e:4b:fd:b2:1f:39: f3:c8:f4:d4:df:fd:c8:47:66:02:69:6e:1e:c7:32:db:12:86: db:8c:ff:a2:76:61:54:68:ca:8b:0c:71:48:4a:c6:90:c7:b9: 78:1f:e9:b9:32:f0:63:7c:f5:3c:5e:4e:7a:9d:7b:8e:ab:f7: 24:a6:42:6e -----BEGIN CERTIFICATE----- MIIFyDCCBLCgAwIBAgIUeMfdvKWHMwLUZj/URLgoxEID89EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTIzMDMwMjAwMDAwMFoX DTIzMDQwNjIzNTk1OVowgaUxSTBHBgNVBAUTQDA0NDA3MjY3MWI1NDg0MGQ1Mjc2 YjM5MzA1ZjY4Njk1MTg0MjkzNTgwNDRhNWZjM2YzNGE4OTc5YmVmYjc1NmQxLTAr BgNVBAMTJDQyNTdlOTI1LTcxNWYtNDdhMi04OTNlLTBlM2Y5N2VjN2UyMjEUMBIG A1UECxMLQW1hem9uIFJQS0kxEzARBgNVBAoTCkFtYXpvbi5jb20wggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDABoSZmTJm0sOAwWtaP/d4RSNyjXGYmZuC DoXX0xnBC+3rRuiLcK4gA3svo3tgFpPAPArzvTb/y072svLYCZW1eGW5oc2Tisom 3ff3GTQ7ZHl34KFc5BCwCsbJx7PKmIJ0dopZLYEPCmRsXzHpRQPi+AE2olOjVFFH G0QCvw99XsoeTuZrWDBLKgH8dll8Q5e/sKutlyf3/AO/3tntSb6qL+NMJPH6fcHr +LqkgEVJ/M9PhTuduQQkz1I4lTlkWHTy33ZRVn6VN+ScFWCl/bb4WcLjLnecvdpy tOq0Md4eIdhO4HE8yRtbOXB6vY5vms3gbkxJTGfS3zfbvLIt7KO9AgMBAAGjggJI MIICRDAdBgNVHQ4EFgQUgMT5VscSyzaL28Q9U08whpAOMYEwHwYDVR0jBBgwFoAU l+vzSPN2uGf8drKyuRB4w91JSIMwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUFBwEB BHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0 b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL2wtdnpTUE4ydUdm OGRyS3l1UkI0dzkxSlNJTS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEF BQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3MuY29t L3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJiY2JiODVhZTYvOWZi ZDdhNTgtZTEzOS00YWRhLTg2ZmMtMDBiZGRmNjFiY2E2LnJvYTCBlQYDVR0fBIGN MIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpv bmF3cy5jb20vdm9sdW1lL2MzY2Q3YzI0LTEyY2ItNGFiYy04ZmQyLTVlMmJjYmI4 NWFlNi85MGNhOTBhOS1hMTBhLTQ0ZTctODJiOS0xMzY1NzQ2YmE1NWUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABnFfAwDQYJKoZIhvcNAQELBQADggEBAKfFNL1hVvs5as74xIZ6fqnWMpm4 C/qwu5ElvWPkLMguquf7SsgspqrIt2kF0oH4xkhLo0HZZdpaVT+xDudWq60LBgxx xRUJamtbk6AUzoP/WDPK4+/EJ2cVdnqsKsro3o5JncdzolfWZHo22+e61E1YceNX FWhwPpqnFItcJIteYy5D8M1JoPRDUnRCBSPTPmZOtQTC0Kdpwi+MJeKTF8zhP1JT aDxRM/hmKAUckx/unruGn4mUox5yGFjrTN3/ly5L/bIfOfPI9NTf/chHZgJpbh7H MtsShtuM/6J2YVRoyosMcUhKxpDHuXgf6bky8GN89TxeTnqde46r9ySmQm4= -----END CERTIFICATE-----Generated at Wed Mar 15 11:52:45 2023 by rpki-client on console-fra.rpki-client.org