
As rds-ca-2019 is expiring, I would like to update my default certs to rds-ca-rsa2048-g1 and also add this cert to my trusted certs. I'm trying to download rds-ca-rsa2048-g1, but the link still points to the old rds-ca-2019 certs. Can anyone share the link to download it, please?

https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.SSL.html#UsingWithRDS.SSL.CertificatesAllRegions

2 Answers


  1. The global bundle has all of the certs, including the new rds-ca-rsa2048-g1.

    The rds-ca-2019 certs…

    keytool -printcert -v -file global-bundle.pem | grep -A2 "RDS Root 2019 CA"
    
    Owner: CN=Amazon RDS Root 2019 CA, OU=Amazon RDS, O="Amazon Web Services, Inc.", ST=Washington, L=Seattle, C=US
    Issuer: CN=Amazon RDS Root 2019 CA, OU=Amazon RDS, O="Amazon Web Services, Inc.", ST=Washington, L=Seattle, C=US
    Serial number: c73467369250ae75
    Valid from: Thu Aug 22 18:08:50 BST 2019 until: Thu Aug 22 18:08:50 BST 2024
    --
    Issuer: CN=Amazon RDS Root 2019 CA, OU=Amazon RDS, O="Amazon Web Services, Inc.", ST=Washington, L=Seattle, C=US
    Serial number: 5486
    Valid from: Wed Sep 04 18:13:04 BST 2019 until: Thu Aug 22 18:08:50 BST 2024
    --
    ...
    

    as well as the rds-ca-rsa2048-g1 CA certs that are due to expire in 2061/2062:

    keytool -printcert -v -file global-bundle.pem | grep -A2 "Root CA RSA2048 G1"
    
    Owner: L=Seattle, CN=Amazon RDS sa-east-1 Root CA RSA2048 G1, ST=WA, OU=Amazon RDS, O="Amazon Web Services, Inc.", C=US
    Issuer: L=Seattle, CN=Amazon RDS sa-east-1 Root CA RSA2048 G1, ST=WA, OU=Amazon RDS, O="Amazon Web Services, Inc.", C=US
    Serial number: 74e092b80f69b01a5077c108dfaf3fd0
    Valid from: Wed May 19 19:06:26 BST 2021 until: Thu May 19 20:06:26 BST 2061
    --
    Owner: L=Seattle, CN=Amazon RDS me-central-1 Root CA RSA2048 G1, ST=WA, OU=Amazon RDS, O="Amazon Web Services, Inc.", C=US
    Issuer: L=Seattle, CN=Amazon RDS me-central-1 Root CA RSA2048 G1, ST=WA, OU=Amazon RDS, O="Amazon Web Services, Inc.", C=US
    Serial number: 51f55ba9aa642d8a54a9c2da8e94c95b
    Valid from: Sat May 07 00:20:09 BST 2022 until: Sun May 07 01:20:09 BST 2062
    --
    ...
    
  2. The thing is that global-bundle.pem has multiple keys; which one should I use? Or do I need to use the whole pem file directly?

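On the question of which certificate in global-bundle.pem to use: one way to load every CA from the bundle into a Java truststore with keytool, as an added example that is not part of the original answers. The `rds-` alias prefix, the file names in the usage comment and the `TRUSTSTORE_PASS` variable are assumptions.

```shell
#!/bin/sh
# Added example: load every CA from a PEM bundle into a Java truststore.
# Alias prefix, file names and TRUSTSTORE_PASS are assumptions.

# split_bundle BUNDLE OUTDIR
# Writes each certificate to OUTDIR/ca-NNN.pem and prints how many were found.
split_bundle() {
    mkdir -p "$2" || return 1
    awk -v dir="$2" '
        /-----BEGIN CERTIFICATE-----/ { n++; out = sprintf("%s/ca-%03d.pem", dir, n) }
        out != ""                     { print > out }
        /-----END CERTIFICATE-----/   { close(out); out = "" }
        END                           { print n + 0 }
    ' "$1"
}

# import_bundle BUNDLE TRUSTSTORE
# A trusted-certificate entry in a keystore holds one certificate, so the
# bundle is split first and each CA is imported under its own alias.
import_bundle() {
    : "${TRUSTSTORE_PASS:?export TRUSTSTORE_PASS first}"
    tmp=$(mktemp -d) || return 1
    count=$(split_bundle "$1" "$tmp") || return 1
    for cert in "$tmp"/ca-*.pem; do
        [ -f "$cert" ] || continue
        name=$(basename "$cert" .pem)
        # -storepass:env keeps the password out of the process list.
        keytool -importcert -noprompt -trustcacerts \
            -alias "rds-$name" -file "$cert" \
            -keystore "$2" -storepass:env TRUSTSTORE_PASS || return 1
    done
    rm -rf "$tmp"
    echo "$count"
}

# Usage: sh import-rds-cas.sh global-bundle.pem rds-truststore.jks
if [ "$#" -eq 2 ]; then
    import_bundle "$1" "$2"
fi
```

Because the client only needs the CA that signed its own instance's certificate, importing the whole bundle keeps connections working across regions and across the rds-ca-2019 to rds-ca-rsa2048-g1 switch.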