$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298d72e4-354c-46bd-a3f9-9f69844f1676.roa File: 298d72e4-354c-46bd-a3f9-9f69844f1676.roa (raw, json) Hash identifier: tD4e7KT/z9UMYCW7VKbTq/Dzd5mWvVpWdMmlbG2WfmA= Subject key identifier: 55:B7:1A:4E:34:FB:F1:D9:E6:AB:29:C9:B2:6D:11:CF:25:88:4F:C2 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 0F9199CEB9C48E87342F90E9D5D638CA9731EB16 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298d72e4-354c-46bd-a3f9-9f69844f1676.roa Signing time: Fri 14 Mar 2025 00:11:37 +0000 ROA not before: Fri 14 Mar 2025 00:11:37 +0000 ROA not after: Fri 18 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 209.177.20.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:91:99:ce:b9:c4:8e:87:34:2f:90:e9:d5:d6:38:ca:97:31:eb:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 14 00:11:37 2025 GMT Not After : Apr 18 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:68:fc:3e:8c:3c:3c:09:b9:2b:45:fb:54:b4: 91:3e:35:51:30:34:11:30:bb:24:9a:8a:cf:05:b3: b7:cd:7e:0a:bf:9d:b0:75:5e:24:5d:84:b0:70:b8: 1f:20:98:0d:e0:08:18:91:46:da:0c:11:64:2e:13: 2b:22:14:99:92:1c:e5:55:24:f9:df:46:a3:7b:a5: 7e:02:c4:ac:48:2a:48:fc:b2:4a:58:f0:13:45:8a: b8:10:1b:cc:51:f8:bb:f4:5b:be:5b:4b:f4:88:f6: 7f:59:b5:d8:a9:89:54:f8:62:43:12:1e:d0:6a:36: 6f:34:e2:f5:5d:b0:c7:d9:47:ec:75:4c:36:6c:07: c6:b6:05:d8:06:fe:88:81:39:f2:0e:12:be:0c:b1: b0:a2:7e:23:ec:9d:45:ec:11:10:73:f8:a9:56:e0: 65:79:89:b8:ae:ec:18:66:89:6d:3f:69:9d:87:49: 75:33:4d:55:fd:c6:2e:8c:ca:e7:ac:be:e2:31:63: 97:19:f3:94:01:34:aa:c1:0c:b2:bc:b4:64:d6:42: 67:21:4e:e6:dd:2b:99:a5:45:75:05:fb:4a:fc:07: 00:93:ce:f1:18:a2:30:00:a3:31:1f:2e:5a:c0:53: cb:99:7d:bf:d8:4e:39:2d:e0:e5:ab:c6:b2:a3:e1: 2e:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:B7:1A:4E:34:FB:F1:D9:E6:AB:29:C9:B2:6D:11:CF:25:88:4F:C2 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/298d72e4-354c-46bd-a3f9-9f69844f1676.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 209.177.20.0/22 Signature Algorithm: sha256WithRSAEncryption ab:06:d2:9b:4c:06:c5:2a:63:59:d4:fd:85:b2:4e:52:09:75: ba:db:c3:8b:61:7c:28:33:44:b2:1f:e3:c9:37:2c:9c:71:90: 6a:2e:bf:b7:44:f6:0a:2e:5a:23:e8:10:81:c3:35:09:31:08: 19:4c:1c:0b:10:43:b4:d7:68:a6:ac:55:bc:a9:28:30:77:54: c9:f4:b6:98:d5:0b:2f:16:97:ec:77:e8:ee:dc:39:44:25:1c: 12:39:a9:60:ad:2b:d3:fe:29:ba:b9:4f:92:69:68:ed:02:dd: 1e:d6:9e:b0:3f:e6:4a:7f:23:4d:90:83:1e:e6:c3:47:85:1d: cd:50:89:aa:84:5f:10:5b:ec:53:50:2f:ec:a9:f0:19:6d:d4: 56:1c:4f:1a:58:e1:67:9d:83:c3:e0:64:01:58:7c:24:ec:6b: 6e:28:f9:ce:00:84:24:96:08:84:bc:ba:b7:62:a7:72:2a:8e: 4c:83:a4:f8:33:53:61:c7:a3:7e:47:10:89:d3:b7:05:ca:9d: 5a:93:54:ba:76:57:21:56:22:0b:ad:4a:bc:68:fb:93:76:15: ce:f0:b6:92:14:16:dc:cc:86:61:0f:42:93:38:d5:3d:89:f2: d8:4e:32:43:c8:aa:62:e1:6a:d8:a2:4c:1d:d2:66:c8:7f:1f: 21:7e:ee:8b -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUD5GZzrnEjoc0L5Dp1dY4ypcx6xYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE0MDAxMTM3WhcNMjUwNDE4MjM1OTU5 WjB6MUkwRwYDVQQFE0A4NjQ4MDAwOTYxZDBkYzIyYmI3YTAxNmU4NTFkZmE1Zjdl NmNiNDVmNzY0M2QxNjhhODYyYzVmYjY1OWQ2MjU0MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC0aPw+jDw8CbkrRftUtJE+NVEwNBEwuySais8Fs7fNfgq/ nbB1XiRdhLBwuB8gmA3gCBiRRtoMEWQuEysiFJmSHOVVJPnfRqN7pX4CxKxIKkj8 skpY8BNFirgQG8xR+Lv0W75bS/SI9n9ZtdipiVT4YkMSHtBqNm804vVdsMfZR+x1 TDZsB8a2BdgG/oiBOfIOEr4MsbCifiPsnUXsERBz+KlW4GV5ibiu7BhmiW0/aZ2H SXUzTVX9xi6MyuesvuIxY5cZ85QBNKrBDLK8tGTWQmchTubdK5mlRXUF+0r8BwCT zvEYojAAozEfLlrAU8uZfb/YTjkt4OWrxrKj4S5FAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUVbcaTjT78dnmqynJsm0RzyWIT8IwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzI5OGQ3MmU0LTM1NGMtNDZiZC1hM2Y5LTlmNjk4NDRmMTY3Ni5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBALRsRQwDQYJKoZIhvcNAQELBQADggEBAKsG0ptMBsUqY1nU/YWyTlIJdbrb w4thfCgzRLIf48k3LJxxkGouv7dE9gouWiPoEIHDNQkxCBlMHAsQQ7TXaKasVbyp KDB3VMn0tpjVCy8Wl+x36O7cOUQlHBI5qWCtK9P+Kbq5T5JpaO0C3R7WnrA/5kp/ I02Qgx7mw0eFHc1QiaqEXxBb7FNQL+yp8Blt1FYcTxpY4Wedg8PgZAFYfCTsa24o +c4AhCSWCIS8urdip3IqjkyDpPgzU2HHo35HEInTtwXKnVqTVLp2VyFWIgutSrxo +5N2Fc7wtpIUFtzMhmEPQpM41T2J8thOMkPIqmLhatiiTB3SZsh/HyF+7os= -----END CERTIFICATE-----Generated at Sat Apr 5 13:22:43 2025 by rpki-client