$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7f4f19-33f2-41a5-9746-8cdc05da981c.roa File: 8d7f4f19-33f2-41a5-9746-8cdc05da981c.roa (raw, json) Hash identifier: AM45ja09EqRR5GiPkOL3MDBzDxQCUzWOqnvvnGjJk/c= Subject key identifier: 42:6A:88:9A:EA:FF:D1:8C:C2:40:F5:1E:E9:DA:06:C5:40:0C:E2:00 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 4EB328AED0F5C77F15821B41B0231128C808ADC8 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7f4f19-33f2-41a5-9746-8cdc05da981c.roa Signing time: Fri 21 Mar 2025 00:31:54 +0000 ROA not before: Fri 21 Mar 2025 00:31:54 +0000 ROA not after: Fri 25 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 99.150.112.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:b3:28:ae:d0:f5:c7:7f:15:82:1b:41:b0:23:11:28:c8:08:ad:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 21 00:31:54 2025 GMT Not After : Apr 25 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:fc:0d:02:77:40:be:98:5e:0d:6a:19:84:a9: 4f:8f:1b:8e:e6:45:11:40:b7:64:26:03:41:58:c2: cf:ed:10:bd:ae:ec:09:f7:cb:b6:37:42:6e:d6:27: ec:ef:29:33:f6:a7:73:8a:88:a1:d0:02:f2:7f:2b: 2f:ef:3f:e8:7b:d1:64:7a:96:65:01:10:ed:c6:55: 7e:93:3a:ed:69:86:5b:fb:b2:4f:ff:e6:74:cc:e9: 97:43:61:dc:c8:f9:ad:73:86:73:ce:27:bd:89:b0: d6:2a:d6:fc:a4:8b:7b:cb:c9:bc:17:d3:8f:ac:26: 2a:45:7a:d1:52:00:5e:34:e5:ed:07:5f:b2:4d:49: b5:c7:6e:cb:d7:63:40:5e:23:6a:5c:9b:22:1a:69: 3e:c9:e6:bb:d7:db:36:7a:fe:6b:4c:56:b3:87:1e: f3:d6:ce:27:e4:f2:e7:79:6f:39:a1:49:8a:b1:1b: 20:95:ea:cf:bc:71:fb:3e:e4:da:c1:e6:4d:0f:73: 4b:e0:9d:ce:e8:98:50:8c:25:1e:0c:cb:87:ea:8a: 6a:c4:62:d5:48:41:3e:d8:8b:e3:56:4c:46:66:c0: c1:84:e4:d1:5f:3f:f2:53:94:98:d7:09:be:ab:12: 1f:0b:7a:bf:08:a2:ad:09:74:20:09:5b:8f:30:23: 45:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:6A:88:9A:EA:FF:D1:8C:C2:40:F5:1E:E9:DA:06:C5:40:0C:E2:00 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/8d7f4f19-33f2-41a5-9746-8cdc05da981c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 99.150.112.0/23 Signature Algorithm: sha256WithRSAEncryption ca:bf:e3:0b:d6:65:28:6b:4d:d8:9b:04:16:a7:de:bb:7f:d9: 53:2f:04:98:d5:cb:d7:b6:df:4d:cb:19:f3:7b:31:6c:f6:eb: 70:c7:8d:ea:4d:a0:67:be:60:8e:29:88:e1:d8:09:e0:98:6c: 0a:63:c3:cb:ba:8d:0f:4e:c8:2d:be:fa:0b:5c:2b:37:05:fe: 11:b7:28:2a:fa:48:39:42:50:44:59:ac:8d:37:a8:b3:de:21: 44:cc:f4:39:fe:64:0e:a5:93:1b:62:78:e4:78:72:89:54:33: 6a:bc:90:1c:8d:01:1c:ca:51:e4:a5:5b:96:bf:0b:83:c3:05: 4a:95:4c:1d:13:0a:33:0d:66:f2:4a:71:30:17:87:97:2c:bc: dd:d9:90:e0:a2:a6:84:4e:9d:66:b5:93:06:5f:e3:8d:38:70: 3f:09:ea:ee:ea:45:00:dc:d0:c9:7c:c7:d8:c9:8c:fe:88:09: bc:48:2a:93:3a:8c:a6:9e:4f:76:d7:bf:54:c1:1e:e1:44:00: 0f:0a:9c:50:2b:af:d2:92:8d:9f:fe:4d:a7:04:4c:16:f4:68: 2e:b4:53:6f:8c:ce:af:ca:e7:c1:ad:6e:57:01:0e:88:92:bd: 22:a5:4e:f7:76:65:e8:69:6a:d4:d6:57:31:10:a6:9e:2b:14: 1c:03:da:01 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUTrMortD1x38VghtBsCMRKMgIrcgwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAzMTU0WhcNMjUwNDI1MjM1OTU5 WjB6MUkwRwYDVQQFE0BmNDE1NDI3YWIzMzdlNWVkNWZkNTg4MWU3NzY1YTQ2YTZk NTMwZTkxODdlNTA1MjgyMzE3YjYzMzJkOWNhYzkwMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDp/A0Cd0C+mF4NahmEqU+PG47mRRFAt2QmA0FYws/tEL2u 7An3y7Y3Qm7WJ+zvKTP2p3OKiKHQAvJ/Ky/vP+h70WR6lmUBEO3GVX6TOu1phlv7 sk//5nTM6ZdDYdzI+a1zhnPOJ72JsNYq1vyki3vLybwX04+sJipFetFSAF405e0H X7JNSbXHbsvXY0BeI2pcmyIaaT7J5rvX2zZ6/mtMVrOHHvPWzifk8ud5bzmhSYqx GyCV6s+8cfs+5NrB5k0Pc0vgnc7omFCMJR4My4fqimrEYtVIQT7Yi+NWTEZmwMGE 5NFfP/JTlJjXCb6rEh8Ler8Ioq0JdCAJW48wI0V7AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUQmqImur/0YzCQPUe6doGxUAM4gAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzhkN2Y0ZjE5LTMzZjItNDFhNS05NzQ2LThjZGMwNWRhOTgxYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAFjlnAwDQYJKoZIhvcNAQELBQADggEBAMq/4wvWZShrTdibBBan3rt/2VMv BJjVy9e2303LGfN7MWz263DHjepNoGe+YI4piOHYCeCYbApjw8u6jQ9OyC2++gtc KzcF/hG3KCr6SDlCUERZrI03qLPeIUTM9Dn+ZA6lkxtieOR4colUM2q8kByNARzK UeSlW5a/C4PDBUqVTB0TCjMNZvJKcTAXh5csvN3ZkOCipoROnWa1kwZf4404cD8J 6u7qRQDc0Ml8x9jJjP6ICbxIKpM6jKaeT3bXv1TBHuFEAA8KnFArr9KSjZ/+TacE TBb0aC60U2+Mzq/K58GtblcBDoiSvSKlTvd2ZehpatTWVzEQpp4rFBwD2gE= -----END CERTIFICATE-----Generated at Sat Apr 5 11:17:56 2025 by rpki-client