$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa File: a656ff06-dd61-4a24-a01f-a8fcac8be378.roa (raw, json) Hash identifier: cCTIXUauWLg7sKShOqKIYE+NLvINLYlBhf/Gxhf71y4= Subject key identifier: 37:BE:CD:FE:AB:7F:31:59:59:F6:E2:37:0C:2E:AB:F5:E8:80:49:F2 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 42FCC37B8B15921DD73827F1B4AEC7D5E7AAA9 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa Signing time: Fri 04 Apr 2025 00:11:15 +0000 ROA not before: Fri 04 Apr 2025 00:11:15 +0000 ROA not after: Fri 09 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 70.232.120.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:fc:c3:7b:8b:15:92:1d:d7:38:27:f1:b4:ae:c7:d5:e7:aa:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 4 00:11:15 2025 GMT Not After : May 9 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:2c:67:3e:82:ec:09:37:79:c1:36:d1:f7:e9: d2:f4:20:50:4b:ca:d4:d6:5c:1b:8d:4a:de:9e:b4: fc:b5:7f:4b:8c:7b:fe:85:2b:42:0c:f3:6f:fd:31: 78:76:63:80:da:db:3e:99:9f:3a:c8:fc:92:20:1a: fc:d8:f3:2f:39:e0:39:cd:23:58:10:5d:ef:12:48: b9:76:a3:17:c0:78:16:f1:9d:71:79:4d:9b:89:8a: 5f:13:2e:9e:6e:dd:7c:57:1e:0d:9d:5f:f2:57:cb: c4:02:fd:36:67:1e:77:42:4a:e7:0e:19:ec:67:42: 4e:a4:db:10:66:26:b1:73:48:c8:97:6a:7b:8b:7a: 18:49:22:09:3a:39:43:8c:f1:9b:02:96:91:2c:fc: e7:17:98:5d:92:2a:b2:5b:2f:e7:df:a4:d0:ad:b0: c9:24:4d:e6:7c:43:85:6c:d1:ed:ed:0d:00:84:3c: cc:ac:83:dd:2e:de:46:20:3a:b6:19:40:f8:96:56: a9:bf:45:83:92:24:e6:33:a8:7c:ff:94:e6:0c:8c: 56:bd:7d:e5:d9:50:54:e9:32:60:df:cc:3b:a3:20: 13:6a:64:6d:a3:8e:d4:76:9a:cc:f7:fc:64:cc:ad: 3c:cc:16:04:33:62:39:6c:79:57:ba:38:e6:19:2e: 10:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:BE:CD:FE:AB:7F:31:59:59:F6:E2:37:0C:2E:AB:F5:E8:80:49:F2 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a656ff06-dd61-4a24-a01f-a8fcac8be378.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 70.232.120.0/22 Signature Algorithm: sha256WithRSAEncryption 00:54:f2:f0:09:48:89:15:41:f8:2c:53:e7:b3:a4:4b:68:b3: 94:16:ba:f8:df:bf:04:36:ae:d8:75:4d:e0:cd:df:ee:df:ca: 4e:0a:34:75:80:f8:66:3d:df:f0:6b:71:ef:0a:d5:fa:31:8f: 88:72:50:94:44:02:3f:7a:28:9d:1f:39:5b:eb:4f:05:ea:1a: 7f:f6:02:5e:bf:5c:99:6d:8c:e5:68:de:9d:4f:08:60:c3:e4: b9:16:ce:72:d0:bc:b6:84:ca:ae:0e:85:d0:fa:9a:6c:c0:b6: ff:71:20:b7:e1:24:b7:77:fa:89:31:de:b9:8f:04:b2:5d:dd: cd:60:c6:d6:01:17:52:ce:dc:65:2b:e3:8e:c9:12:9a:ad:5d: d6:a8:d7:1f:c8:6b:da:14:46:41:8c:fa:a7:94:01:09:15:b6: 95:26:99:d2:97:51:3f:6b:f4:89:02:9a:d9:1f:08:cb:9d:88: 28:2b:d6:23:40:95:d5:ff:3e:bc:9d:bd:d0:8d:27:df:b9:ca: 2e:1a:04:e6:63:31:f3:c1:61:73:e2:8a:e9:bf:6b:31:ca:be: d3:35:ee:92:bb:5d:6d:ac:e9:5d:9d:65:ff:68:21:a3:66:10: 67:47:82:78:df:a3:83:c0:30:c9:1a:db:57:1e:45:91:95:aa: 56:49:4f:13 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgITQvzDe4sVkh3XOCfxtK7H1eeqqTANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA0MDQwMDExMTVaFw0yNTA1MDkyMzU5NTla MHoxSTBHBgNVBAUTQDdjZGE5YjM1Nzg5YzMzZTUzOTRiZGRmMTlkYWNjODM4MzBl MmRmYzQzMTVhMDMyNDQyMmRmNDg1YjU3NTIyZGYxLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAOAsZz6C7Ak3ecE20ffp0vQgUEvK1NZcG41K3p60/LV/S4x7 /oUrQgzzb/0xeHZjgNrbPpmfOsj8kiAa/NjzLzngOc0jWBBd7xJIuXajF8B4FvGd cXlNm4mKXxMunm7dfFceDZ1f8lfLxAL9Nmced0JK5w4Z7GdCTqTbEGYmsXNIyJdq e4t6GEkiCTo5Q4zxmwKWkSz85xeYXZIqslsv59+k0K2wySRN5nxDhWzR7e0NAIQ8 zKyD3S7eRiA6thlA+JZWqb9Fg5Ik5jOofP+U5gyMVr195dlQVOkyYN/MO6MgE2pk baOO1HaazPf8ZMytPMwWBDNiOWx5V7o45hkuEG8CAwEAAaOCArEwggKtMB0GA1Ud DgQWBBQ3vs3+q38xWVn24jcMLqv16IBJ8jAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvYTY1NmZmMDYtZGQ2MS00YTI0LWEwMWYtYThmY2FjOGJlMzc4LnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAkboeDANBgkqhkiG9w0BAQsFAAOCAQEAAFTy8AlIiRVB+CxT57OkS2izlBa6 +N+/BDau2HVN4M3f7t/KTgo0dYD4Zj3f8Gtx7wrV+jGPiHJQlEQCP3oonR85W+tP Beoaf/YCXr9cmW2M5WjenU8IYMPkuRbOctC8toTKrg6F0PqabMC2/3Egt+Ekt3f6 iTHeuY8Esl3dzWDG1gEXUs7cZSvjjskSmq1d1qjXH8hr2hRGQYz6p5QBCRW2lSaZ 0pdRP2v0iQKa2R8Iy52IKCvWI0CV1f8+vJ290I0n37nKLhoE5mMx88Fhc+KK6b9r Mcq+0zXukrtdbazpXZ1l/2gho2YQZ0eCeN+jg8AwyRrbVx5FkZWqVklPEw== -----END CERTIFICATE-----Generated at Sat Apr 5 11:00:29 2025 by rpki-client