$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa File: c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa (raw, json) Hash identifier: YHL2tf8tqT/wd7aDGsZpTX/IUfmUPYDoE2obMHCDECk= Subject key identifier: 45:F9:58:7D:AD:61:83:D9:4E:D1:11:2E:10:99:1A:6B:F7:45:BF:5D Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 33663CCD60269ACC77F23DAE4300305DBA7E90C1 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa Signing time: Mon 24 Mar 2025 15:40:16 +0000 ROA not before: Mon 24 Mar 2025 15:40:16 +0000 ROA not after: Mon 28 Apr 2025 23:59:59 +0000 asID: 16509 IP address blocks: 216.230.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:66:3c:cd:60:26:9a:cc:77:f2:3d:ae:43:00:30:5d:ba:7e:90:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 24 15:40:16 2025 GMT Not After : Apr 28 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:13:04:1e:f8:95:c6:f5:8b:27:23:f6:47:9e: c9:f7:43:3e:d7:9b:cc:fd:ef:4d:fa:2c:51:b4:b5: 00:68:b4:b9:c4:a3:46:a3:1f:ae:75:03:3c:c3:a6: be:2d:ef:97:34:d5:9d:f5:53:70:c1:71:c5:a9:cf: 82:d9:31:4b:b5:94:41:15:52:ed:f3:64:f6:71:51: ce:1b:fa:d3:ce:04:da:ee:cf:a1:42:13:bd:cd:a9: 09:cd:c9:cd:40:98:8e:a7:7f:0d:1e:3f:85:dd:2d: 07:20:f9:82:3c:05:1d:b6:58:6c:c1:d1:ff:dc:38: 66:84:5a:11:b0:e8:4c:85:d6:7a:4d:8b:74:16:38: a1:d7:4f:b9:75:eb:a6:47:e0:8f:07:fb:3d:4a:ff: d1:47:5d:c6:01:75:91:09:d6:ea:0b:b2:2f:6e:06: 8e:94:e3:71:1d:bb:b8:34:85:76:a6:9f:6c:d4:7b: b3:08:0d:44:11:69:7a:19:8e:6c:d8:8c:47:4e:b2: 77:12:1c:c3:17:e4:d1:11:fa:fd:b7:d9:bd:0b:55: 41:e6:92:c8:fc:3a:af:94:5e:2d:fc:d6:d7:71:0e: c9:a1:e0:5f:c2:99:5d:24:2a:20:4e:20:ce:1f:3d: cc:f2:fb:13:64:03:df:ab:59:2f:78:53:f4:07:8a: a3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:F9:58:7D:AD:61:83:D9:4E:D1:11:2E:10:99:1A:6B:F7:45:BF:5D X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c4b42247-f61c-4e66-8e1f-eec8fefcd322.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 216.230.70.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:36:41:7f:77:78:e7:47:91:88:d7:53:8c:f6:26:79:61:7f: ee:34:b1:f2:38:63:30:c5:a9:7a:83:c8:5a:cf:99:5d:c5:2c: 97:f8:dc:c4:1a:99:d0:c6:15:af:e4:da:9e:b2:9a:c8:15:be: f7:10:d4:ae:ce:54:37:f2:65:67:97:bf:c1:6f:b8:6f:82:b5: 86:af:95:14:c4:9e:06:d8:ca:e8:fb:d0:34:e0:e3:b0:da:c6: 21:f4:b9:6d:28:6c:7c:a7:42:13:27:f8:31:04:91:f4:f5:fc: de:68:8c:87:6d:e6:b0:b3:cd:1f:ab:3e:4f:29:9d:aa:a1:06: 9c:88:e5:6f:ef:95:80:8c:68:3c:c9:b8:45:5a:38:da:8b:3b: e8:f7:d5:ed:6d:20:84:bc:8c:34:d2:96:ba:d5:eb:76:14:e6: 3d:af:67:d1:77:21:e2:c4:ce:d4:9e:b6:ff:63:9c:2a:51:0b: 8e:a6:44:09:ff:73:0d:5b:dd:e2:87:29:d3:57:c1:2b:70:9e: 81:cd:6b:34:b5:0a:0e:fc:73:58:3a:99:69:66:37:c4:20:fd: 23:4c:52:d5:de:56:90:a9:ad:9e:e5:0d:88:d8:1a:f9:f4:65: c5:05:c9:36:f8:3e:60:f9:13:0e:d2:a8:81:86:81:79:d2:d9: 96:b1:a7:49 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUM2Y8zWAmmsx38j2uQwAwXbp+kMEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzI0MTU0MDE2WhcNMjUwNDI4MjM1OTU5 WjB6MUkwRwYDVQQFE0AwNmY0YTQwNjczMTVlZTUxMmQ5NjFkNDViZDhhNmEyYzJj NjRiYjY2YzcyOTkyNjdlNzdlZWNiZGIzZDlhMTJmMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC0EwQe+JXG9YsnI/ZHnsn3Qz7Xm8z97036LFG0tQBotLnE o0ajH651AzzDpr4t75c01Z31U3DBccWpz4LZMUu1lEEVUu3zZPZxUc4b+tPOBNru z6FCE73NqQnNyc1AmI6nfw0eP4XdLQcg+YI8BR22WGzB0f/cOGaEWhGw6EyF1npN i3QWOKHXT7l166ZH4I8H+z1K/9FHXcYBdZEJ1uoLsi9uBo6U43Edu7g0hXamn2zU e7MIDUQRaXoZjmzYjEdOsncSHMMX5NER+v232b0LVUHmksj8Oq+UXi381tdxDsmh 4F/CmV0kKiBOIM4fPczy+xNkA9+rWS94U/QHiqOTAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQURflYfa1hg9lO0REuEJkaa/dFv10wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2M0YjQyMjQ3LWY2MWMtNGU2Ni04ZTFmLWVlYzhmZWZjZDMyMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBADY5kYwDQYJKoZIhvcNAQELBQADggEBAJs2QX93eOdHkYjXU4z2Jnlhf+40 sfI4YzDFqXqDyFrPmV3FLJf43MQamdDGFa/k2p6ymsgVvvcQ1K7OVDfyZWeXv8Fv uG+CtYavlRTEngbYyuj70DTg47DaxiH0uW0obHynQhMn+DEEkfT1/N5ojIdt5rCz zR+rPk8pnaqhBpyI5W/vlYCMaDzJuEVaONqLO+j31e1tIIS8jDTSlrrV63YU5j2v Z9F3IeLEztSetv9jnCpRC46mRAn/cw1b3eKHKdNXwStwnoHNazS1Cg78c1g6mWlm N8Qg/SNMUtXeVpCprZ7lDYjYGvn0ZcUFyTb4PmD5Ew7SqIGGgXnS2Zaxp0k= -----END CERTIFICATE-----Generated at Sat Apr 5 11:10:12 2025 by rpki-client