$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa File: ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa (raw, json) Hash identifier: Pa+M6L5elT+9d2SCT6S6i7u+zE4qul3b+l6OW2JtHBU= Subject key identifier: 47:2D:B1:A0:9F:15:D6:A5:8A:06:FB:AD:4F:C6:95:18:5A:66:EB:9D Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 2EDCFEE4E66EE0324216184ABEDD68869AE7D7CB Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa Signing time: Wed 19 Mar 2025 00:00:22 +0000 ROA not before: Wed 19 Mar 2025 00:00:22 +0000 ROA not after: Wed 23 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 136.18.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:dc:fe:e4:e6:6e:e0:32:42:16:18:4a:be:dd:68:86:9a:e7:d7:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 19 00:00:22 2025 GMT Not After : Apr 23 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:37:ce:6e:e5:e6:bd:4d:4b:43:62:80:15:fb: 1a:e6:ac:cc:ab:80:b8:97:1e:2b:4a:1d:be:07:15: 60:09:35:6c:cc:30:aa:4c:21:4b:67:1b:64:c4:67: 0c:dc:72:79:33:be:ce:89:26:fa:1b:11:94:95:79: 6d:bb:09:74:24:13:71:c5:4f:1a:74:cd:55:a8:66: 85:78:e6:35:56:da:67:2a:b3:2e:c8:e2:35:cb:f9: be:4a:06:02:f8:9c:c0:3a:e8:78:54:5e:9e:57:b2: 4b:45:98:24:f5:84:96:5d:92:eb:e5:0b:2a:cb:2d: e1:f2:88:e7:15:bf:06:a7:58:c5:d7:81:2b:35:26: 7a:e1:e2:9e:41:33:01:5d:fe:7b:59:ae:87:b0:5c: b0:bc:fc:62:05:4b:87:88:5a:b4:f1:b7:22:fc:85: b9:3f:64:47:d8:67:1e:da:f1:2b:f1:a6:41:e6:41: 6b:3c:6d:a5:4d:60:4d:65:88:09:09:7c:51:a9:f5: 06:5d:97:f4:04:c7:28:27:dd:c6:a1:f1:79:b7:62: 79:3b:c8:a4:f4:28:5c:92:33:d5:81:65:ef:60:fb: 4f:b1:0d:7f:46:b5:0c:ac:36:e0:96:4b:54:d7:fb: 4f:ee:65:a6:45:7b:69:8c:00:9f:46:11:69:83:aa: 2c:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:2D:B1:A0:9F:15:D6:A5:8A:06:FB:AD:4F:C6:95:18:5A:66:EB:9D X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 136.18.138.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:fd:e3:97:b5:3f:40:c9:4f:f7:e4:68:be:cb:5f:71:e1:76: 9f:06:15:7d:78:d1:ef:a1:a8:a1:e6:bd:03:b8:12:4e:39:d5: e3:9f:22:d9:dd:b5:f7:30:8e:5f:79:eb:61:38:ca:10:17:2f: 86:54:26:0e:3e:33:69:31:07:e5:b8:67:51:d7:80:fd:16:e7: 14:2b:9d:b4:0c:ea:4b:a1:29:a2:b7:d8:cc:2f:c7:c9:1a:23: 21:ef:49:39:04:80:bf:3c:a0:d4:6a:c9:a7:8b:b4:a7:2e:77: 53:f0:21:ec:81:d9:fe:d9:28:9f:e3:ee:00:ab:85:52:b1:70: 02:36:95:a4:a1:65:74:cf:e0:94:39:b5:e4:5d:dd:ca:1a:9b: 8c:ee:4b:c3:58:9c:75:e6:3d:a2:ea:ed:89:7d:45:d8:26:40: a6:e0:00:88:2c:5d:e9:8d:27:44:82:56:f5:fd:29:ab:7a:2b: d0:a7:af:ed:1c:e8:6f:43:2e:e2:a0:d6:0f:43:ae:4d:71:6c: a9:00:a2:92:99:d3:c7:6a:d5:0f:5d:46:3d:fb:ba:95:4c:cd: b1:6a:40:22:b6:63:45:ab:cd:8c:9b:46:41:51:01:7d:f9:bf: d7:40:a1:f0:e3:a0:f3:dc:c8:62:b7:b0:f0:0f:3a:45:f2:00: b6:72:1e:17 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIULtz+5OZu4DJCFhhKvt1ohprn18swDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE5MDAwMDIyWhcNMjUwNDIzMjM1OTU5 WjB6MUkwRwYDVQQFE0BlMWNhOWZlOTc2OGY0YjIzYjY2ODNkZTM4NTgxZDA1NzU4 YzdkOTM1YjQyYzEzMTY3ODNiYzIxNjRkNWUyYTRlMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDWN85u5ea9TUtDYoAV+xrmrMyrgLiXHitKHb4HFWAJNWzM MKpMIUtnG2TEZwzccnkzvs6JJvobEZSVeW27CXQkE3HFTxp0zVWoZoV45jVW2mcq sy7I4jXL+b5KBgL4nMA66HhUXp5XsktFmCT1hJZdkuvlCyrLLeHyiOcVvwanWMXX gSs1Jnrh4p5BMwFd/ntZroewXLC8/GIFS4eIWrTxtyL8hbk/ZEfYZx7a8SvxpkHm QWs8baVNYE1liAkJfFGp9QZdl/QExygn3cah8Xm3Ynk7yKT0KFySM9WBZe9g+0+x DX9GtQysNuCWS1TX+0/uZaZFe2mMAJ9GEWmDqizVAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQURy2xoJ8V1qWKBvutT8aVGFpm650wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2JhMTViMGRhLTNkY2YtNGE3OC1iYWUwLTQ5NTM2MjY1YTBhMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBACIEoowDQYJKoZIhvcNAQELBQADggEBAH/945e1P0DJT/fkaL7LX3Hhdp8G FX140e+hqKHmvQO4Ek451eOfItndtfcwjl9562E4yhAXL4ZUJg4+M2kxB+W4Z1HX gP0W5xQrnbQM6kuhKaK32Mwvx8kaIyHvSTkEgL88oNRqyaeLtKcud1PwIeyB2f7Z KJ/j7gCrhVKxcAI2laShZXTP4JQ5teRd3coam4zuS8NYnHXmPaLq7Yl9RdgmQKbg AIgsXemNJ0SCVvX9Kat6K9Cnr+0c6G9DLuKg1g9Drk1xbKkAopKZ08dq1Q9dRj37 upVMzbFqQCK2Y0WrzYybRkFRAX35v9dAofDjoPPcyGK3sPAPOkXyALZyHhc= -----END CERTIFICATE-----Generated at Sat Apr 5 13:22:43 2025 by rpki-client