:doc:`CloudTrail <../../cloudtrail>` / Client / list_public_keys

****************
list_public_keys
****************



.. py:method:: CloudTrail.Client.list_public_keys(**kwargs)

  

  Returns all public keys whose private keys were used to sign the digest files within the specified time range. The public key is needed to validate digest files that were signed with its corresponding private key.

   

  .. note::

    

    CloudTrail uses different private and public key pairs per Region. Each digest file is signed with a private key unique to its Region. When you validate a digest file from a specific Region, you must look in the same Region for its corresponding public key.

    

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/cloudtrail-2013-11-01/ListPublicKeys>`_  


  **Request Syntax**
  ::

    response = client.list_public_keys(
        StartTime=datetime(2015, 1, 1),
        EndTime=datetime(2015, 1, 1),
        NextToken='string'
    )
    
  :type StartTime: datetime
  :param StartTime: 

    Optionally specifies, in UTC, the start of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used, and the current public key is returned.

    

  
  :type EndTime: datetime
  :param EndTime: 

    Optionally specifies, in UTC, the end of the time range to look up public keys for CloudTrail digest files. If not specified, the current time is used.

    

  
  :type NextToken: string
  :param NextToken: 

    Reserved for future use.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'PublicKeyList': [
              {
                  'Value': b'bytes',
                  'ValidityStartTime': datetime(2015, 1, 1),
                  'ValidityEndTime': datetime(2015, 1, 1),
                  'Fingerprint': 'string'
              },
          ],
          'NextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 

      Returns the objects or data listed below if successful. Otherwise, returns an error.

      
      

      - **PublicKeyList** *(list) --* 

        Contains an array of PublicKey objects.

         

        .. note::

          

          The returned public keys may have validity time ranges that overlap.

          

        
        

        - *(dict) --* 

          Contains information about a returned public key.

          
          

          - **Value** *(bytes) --* 

            The DER encoded public key value in PKCS#1 format.

            
          

          - **ValidityStartTime** *(datetime) --* 

            The starting time of validity of the public key.

            
          

          - **ValidityEndTime** *(datetime) --* 

            The ending time of validity of the public key.

            
          

          - **Fingerprint** *(string) --* 

            The fingerprint of the public key.

            
      
    
      

      - **NextToken** *(string) --* 

        Reserved for future use.

        
  
  **Exceptions**
  
  *   :py:class:`CloudTrail.Client.exceptions.InvalidTimeRangeException`

  
  *   :py:class:`CloudTrail.Client.exceptions.UnsupportedOperationException`

  
  *   :py:class:`CloudTrail.Client.exceptions.OperationNotPermittedException`

  
  *   :py:class:`CloudTrail.Client.exceptions.InvalidTokenException`

  