$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c416f57a-9b38-4d7e-8240-20535a4882a8.roa File: c416f57a-9b38-4d7e-8240-20535a4882a8.roa (raw, json) Hash identifier: IseeNvVIlDO7/a/TPTrCyRHy7GWmfr4qCIbP1xcLTJM= Subject key identifier: BD:EF:32:B6:09:5F:02:F4:4E:73:E2:6E:8D:F7:CD:06:6A:EC:AD:44 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 694CD03DD4029846696833B25085027A555B3109 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c416f57a-9b38-4d7e-8240-20535a4882a8.roa Signing time: Fri 21 Mar 2025 00:00:12 +0000 ROA not before: Fri 21 Mar 2025 00:00:12 +0000 ROA not after: Fri 25 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 104.223.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:4c:d0:3d:d4:02:98:46:69:68:33:b2:50:85:02:7a:55:5b:31:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 21 00:00:12 2025 GMT Not After : Apr 25 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9b:cd:82:73:fa:e6:6d:d6:a2:db:10:1b:40: 29:f3:8a:7b:cf:c1:f2:92:de:1c:d3:44:1f:f8:a5: 05:8a:b4:9f:86:50:1b:9c:7f:47:b1:35:3e:1b:60: ed:73:02:4e:d3:47:de:ec:0a:92:15:89:db:90:0a: 98:93:63:d8:ed:2b:1e:35:7f:e4:94:e1:90:5a:6c: 68:77:72:d0:b2:cf:cf:57:5a:88:3c:79:38:3b:1f: ee:3d:b2:e9:66:9d:75:37:98:60:21:ce:b1:af:f3: db:cc:aa:e0:9b:80:f0:e0:be:79:c5:88:98:79:53: 63:82:01:4e:76:64:6c:37:63:b1:74:91:1b:08:a5: 6d:96:f1:0a:3f:60:10:25:4f:ef:89:67:b9:14:c3: 2c:51:90:84:86:b8:da:15:e0:4d:1a:02:84:0d:e4: e3:8b:d7:c2:ca:5b:73:b9:b2:25:2a:50:23:77:ed: 81:f1:e6:c0:2f:17:b5:14:47:1c:b6:45:d5:d5:37: 40:01:4d:a1:c4:47:b5:dc:15:ae:77:9d:82:0a:fc: 30:ea:b0:4d:b2:39:3d:48:be:9d:96:4c:36:30:8f: ef:39:d0:4a:83:d4:d9:74:24:8f:cd:45:44:4f:49: d6:4f:a2:9f:23:e2:69:2d:e5:81:7c:08:e4:9e:e8: e8:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:EF:32:B6:09:5F:02:F4:4E:73:E2:6E:8D:F7:CD:06:6A:EC:AD:44 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c416f57a-9b38-4d7e-8240-20535a4882a8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.223.128.0/17 Signature Algorithm: sha256WithRSAEncryption c4:27:84:58:e9:36:a7:9f:a6:49:49:cd:bc:21:90:dc:5f:a2: 29:48:b1:fd:82:1e:32:12:31:0b:e7:a6:23:c5:ca:c4:20:3b: 72:cf:ce:d6:f2:87:4f:1b:a3:ea:3b:a7:72:65:db:cf:33:97: 28:b4:3a:21:fa:63:2d:3b:09:44:5e:a9:c0:d6:36:49:26:0f: f6:3d:05:74:c7:20:99:6f:ca:71:88:b5:69:7b:c0:c2:7b:27: 2c:78:ae:45:e3:85:1c:f5:41:19:46:81:1a:8c:db:7d:2e:a5: 47:8b:29:35:f8:af:5e:16:63:3b:75:5b:43:03:20:da:3b:ba: 0f:31:98:54:d1:b5:00:56:9c:d3:55:03:6c:72:45:68:d8:dd: b4:81:4c:1d:4a:b8:5f:4e:ac:17:23:e1:0a:00:fd:1b:92:3e: 45:c7:5b:f9:5e:1d:fa:a9:63:83:b4:37:28:52:97:4e:a0:90: 03:27:b1:e6:d2:9d:ae:d1:79:be:f6:46:16:4b:7c:41:d9:cc: 8e:89:37:8a:16:f5:0f:ea:42:81:00:68:1f:22:c7:1b:e1:bb: de:aa:fe:cd:00:d7:21:58:bd:78:ae:e9:95:a6:a1:0b:63:d4: 42:4d:ca:8a:78:55:04:db:f6:eb:36:eb:5c:85:d8:23:fc:ce: 59:a8:4b:b0 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUaUzQPdQCmEZpaDOyUIUCelVbMQkwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzIxMDAwMDEyWhcNMjUwNDI1MjM1OTU5 WjB6MUkwRwYDVQQFE0BlNmExNDE3YzdmNzQ0NGVlY2U1ZTNhN2VjM2FlZDBkMzkz MDA2NzI2Njk3MjI1YWFmYzM0YTJhYzgyMzllMmJhMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDMm82Cc/rmbdai2xAbQCnzinvPwfKS3hzTRB/4pQWKtJ+G UBucf0exNT4bYO1zAk7TR97sCpIViduQCpiTY9jtKx41f+SU4ZBabGh3ctCyz89X Wog8eTg7H+49sulmnXU3mGAhzrGv89vMquCbgPDgvnnFiJh5U2OCAU52ZGw3Y7F0 kRsIpW2W8Qo/YBAlT++JZ7kUwyxRkISGuNoV4E0aAoQN5OOL18LKW3O5siUqUCN3 7YHx5sAvF7UURxy2RdXVN0ABTaHER7XcFa53nYIK/DDqsE2yOT1Ivp2WTDYwj+85 0EqD1Nl0JI/NRURPSdZPop8j4mkt5YF8COSe6OgDAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUve8ytglfAvROc+JujffNBmrsrUQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2M0MTZmNTdhLTliMzgtNGQ3ZS04MjQwLTIwNTM1YTQ4ODJhOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAdo34AwDQYJKoZIhvcNAQELBQADggEBAMQnhFjpNqefpklJzbwhkNxfoilI sf2CHjISMQvnpiPFysQgO3LPztbyh08bo+o7p3Jl288zlyi0OiH6Yy07CUReqcDW NkkmD/Y9BXTHIJlvynGItWl7wMJ7Jyx4rkXjhRz1QRlGgRqM230upUeLKTX4r14W Yzt1W0MDINo7ug8xmFTRtQBWnNNVA2xyRWjY3bSBTB1KuF9OrBcj4QoA/RuSPkXH W/leHfqpY4O0NyhSl06gkAMnsebSna7Reb72RhZLfEHZzI6JN4oW9Q/qQoEAaB8i xxvhu96q/s0A1yFYvXiu6ZWmoQtj1EJNyop4VQTb9us261yF2CP8zlmoS7A= -----END CERTIFICATE-----Generated at Sat Apr 5 11:20:28 2025 by rpki-client