$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/435a4520-90a7-4288-a55a-b74a6879fd02.roa File: 435a4520-90a7-4288-a55a-b74a6879fd02.roa (raw, json) Hash identifier: NX5slCg+HIRuQCPR3Rvp9MU7mUCCv06Ah0gOIianY4I= Subject key identifier: 65:60:97:1E:13:21:DA:19:9A:74:8A:11:3C:C2:8D:30:FE:5E:68:9B Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 117487AC0AA0BA12AE2667854E0076D32995C485 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/435a4520-90a7-4288-a55a-b74a6879fd02.roa Signing time: Sat 15 Mar 2025 00:40:30 +0000 ROA not before: Sat 15 Mar 2025 00:40:30 +0000 ROA not after: Sat 19 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 76.223.128.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:74:87:ac:0a:a0:ba:12:ae:26:67:85:4e:00:76:d3:29:95:c4:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 15 00:40:30 2025 GMT Not After : Apr 19 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a0:94:c4:54:aa:53:76:fe:08:a6:1f:fc:ea: f3:81:ed:42:36:69:e3:83:82:35:24:de:74:aa:fc: 2a:1c:e2:ae:c2:7a:06:56:54:0e:85:2e:3e:24:cb: 86:9f:ab:49:92:9e:b0:79:3b:34:d6:93:f5:e6:26: 3d:1e:b8:7d:8e:f5:a8:0d:9f:6c:97:9d:76:07:36: ef:16:69:08:c9:f1:00:b6:7d:69:10:9d:b6:aa:aa: a6:4b:d0:40:10:46:be:82:aa:b7:a0:1b:80:86:91: 36:89:f8:9c:84:0e:c2:2c:b7:c7:7e:66:96:bc:d9: 36:65:70:f5:66:fa:46:9f:00:7d:72:8a:00:a3:27: da:f9:e7:8b:e6:e9:94:12:ae:4d:82:f8:a7:39:90: 2d:1a:66:50:84:86:58:b5:20:89:bd:81:bb:d0:ad: d8:7f:c4:51:9d:b2:55:2a:69:ab:3a:56:00:17:05: d9:19:7e:d7:41:b8:ea:33:c6:d0:2f:ec:1a:01:65: 96:2a:bb:18:f3:d0:87:cf:99:9c:d4:fb:e3:ed:39: 88:93:0a:49:8f:94:63:42:a1:8b:3b:6c:f1:cc:79: a2:57:15:04:d8:ab:e6:60:3b:82:05:c1:34:71:21: 00:63:f4:53:9d:42:7a:77:d6:9f:ca:06:2c:6b:d5: 72:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:60:97:1E:13:21:DA:19:9A:74:8A:11:3C:C2:8D:30:FE:5E:68:9B X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/435a4520-90a7-4288-a55a-b74a6879fd02.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 76.223.128.0/19 Signature Algorithm: sha256WithRSAEncryption 9e:77:a8:7b:7c:7d:61:28:4e:df:20:e4:01:ae:b5:a5:64:5e: 9b:f7:e6:5b:6d:e3:64:86:d7:34:dc:b9:50:6a:64:77:6c:26: c0:4e:7e:82:3d:7a:61:2c:cd:c1:a6:e8:70:d8:07:8d:51:3a: 68:bb:56:19:73:3e:ea:fa:45:3c:2a:fb:e9:d3:26:a2:c5:c3: fe:7e:f7:48:8b:14:2f:d6:63:19:e2:de:db:61:83:d0:11:73: 81:b9:cf:d0:5f:87:0c:f5:fa:9d:70:5e:84:5c:db:9e:34:14: 0b:5d:a8:1d:d4:15:a0:c6:0b:3e:82:69:42:a6:e5:e8:f7:07: 22:10:a8:a3:56:96:fc:89:7e:b4:b2:40:8b:7c:66:d0:93:ea: 42:82:20:23:0c:73:ff:d4:96:43:f6:d1:82:8c:16:23:3f:54: c9:33:28:20:99:dc:42:e6:ec:50:89:38:b2:a7:44:48:5b:a8: ad:55:ce:ef:51:05:e7:9b:18:58:6b:aa:67:f1:dc:c9:7b:1b: e3:32:9f:1a:30:52:bc:64:a5:28:7e:0b:8b:b0:e5:78:61:65: 58:a7:bd:ef:1d:32:9d:aa:b1:b3:6a:28:8f:7d:d7:76:d0:6d: 64:28:b3:6c:35:25:c5:57:d4:ab:a5:f7:7c:b8:23:bb:a7:63: 70:97:66:9c -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUEXSHrAqguhKuJmeFTgB20ymVxIUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE1MDA0MDMwWhcNMjUwNDE5MjM1OTU5 WjB6MUkwRwYDVQQFE0BhMWEyMjdkMmUwZjU3NGUwMDQ2ZDIyYWRkMTYwMzk2OTJm MzE2MTBmYzQ5NmQ0ZTZlYmIxNTNiOGU5YWFhY2UzMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCjoJTEVKpTdv4Iph/86vOB7UI2aeODgjUk3nSq/Coc4q7C egZWVA6FLj4ky4afq0mSnrB5OzTWk/XmJj0euH2O9agNn2yXnXYHNu8WaQjJ8QC2 fWkQnbaqqqZL0EAQRr6CqregG4CGkTaJ+JyEDsIst8d+Zpa82TZlcPVm+kafAH1y igCjJ9r554vm6ZQSrk2C+Kc5kC0aZlCEhli1IIm9gbvQrdh/xFGdslUqaas6VgAX BdkZftdBuOozxtAv7BoBZZYquxjz0IfPmZzU++PtOYiTCkmPlGNCoYs7bPHMeaJX FQTYq+ZgO4IFwTRxIQBj9FOdQnp31p/KBixr1XI3AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUZWCXHhMh2hmadIoRPMKNMP5eaJswHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzQzNWE0NTIwLTkwYTctNDI4OC1hNTVhLWI3NGE2ODc5ZmQwMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAVM34AwDQYJKoZIhvcNAQELBQADggEBAJ53qHt8fWEoTt8g5AGutaVkXpv3 5ltt42SG1zTcuVBqZHdsJsBOfoI9emEszcGm6HDYB41ROmi7VhlzPur6RTwq++nT JqLFw/5+90iLFC/WYxni3tthg9ARc4G5z9Bfhwz1+p1wXoRc2540FAtdqB3UFaDG Cz6CaUKm5ej3ByIQqKNWlvyJfrSyQIt8ZtCT6kKCICMMc//UlkP20YKMFiM/VMkz KCCZ3ELm7FCJOLKnREhbqK1Vzu9RBeebGFhrqmfx3Ml7G+MynxowUrxkpSh+C4uw 5XhhZVinve8dMp2qsbNqKI9913bQbWQos2w1JcVX1Kul93y4I7unY3CXZpw= -----END CERTIFICATE-----Generated at Sat Apr 5 11:16:52 2025 by rpki-client