$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa File: dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json) Hash identifier: gkmJLyn9XvxIaciSchf4c1BWYfMqCy1zwVhJ+NmfcEE= Subject key identifier: 42:F2:2B:64:53:DF:AC:27:FB:AE:D8:87:6F:E7:D0:EB:1E:86:A5:27 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 1AF0A51DB9642F9A1F83BEEBBAAB971284D2A933 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa Signing time: Mon 31 Mar 2025 18:51:27 +0000 ROA not before: Mon 31 Mar 2025 18:51:27 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:f0:a5:1d:b9:64:2f:9a:1f:83:be:eb:ba:ab:97:12:84:d2:a9:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Mar 31 18:51:27 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:2a:65:c1:e5:1d:aa:28:53:56:88:94:6d:df: 50:82:9f:69:b1:5d:98:c9:1d:1e:47:27:43:a9:49: 6e:4e:29:2c:d9:73:6e:04:ae:9b:b9:dc:0c:6e:b1: eb:10:47:19:90:6c:45:cc:20:6e:09:3d:e3:4c:46: 58:41:68:12:52:29:24:99:ce:3a:94:56:a8:e8:f1: 4c:78:00:79:a0:f4:9f:66:36:77:66:d2:64:63:63: 34:14:b5:2b:74:9f:3e:46:6c:af:4d:9a:83:20:3a: cb:b1:be:f4:1c:04:9f:1d:68:6e:a2:78:4c:67:93: b4:50:04:f8:c6:71:e7:85:78:d1:c7:6e:54:85:64: 33:b3:f6:a6:34:75:40:0c:e6:6c:d0:0d:13:b3:74: 64:76:f4:39:fc:f7:2e:25:da:97:67:23:52:a1:b6: df:35:84:d5:0a:63:99:60:46:b6:d1:45:37:52:c4: 20:86:18:92:70:51:a9:7f:63:6d:00:87:cd:6b:7f: d1:f3:ca:5a:ba:50:28:d7:72:cc:13:0a:fa:42:ff: 12:1f:73:a4:5c:bc:1b:70:22:dc:a2:1a:43:a3:80: be:13:17:6e:5f:72:44:a2:16:46:53:ef:28:f1:1b: 10:e5:ef:71:28:d9:f5:66:0b:32:13:37:c7:7c:fb: 3b:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F2:2B:64:53:DF:AC:27:FB:AE:D8:87:6F:E7:D0:EB:1E:86:A5:27 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e000::/40 Signature Algorithm: sha256WithRSAEncryption 42:e7:1a:64:f1:1e:d2:9a:6c:22:55:21:0c:5b:1e:11:f9:8c: ad:2f:a9:c1:18:2a:a6:c3:4e:bd:49:2e:f7:95:af:69:eb:7a: 20:5a:c3:00:34:d6:0b:ca:49:38:f2:17:f2:b3:11:e4:46:31: c4:25:48:a0:c7:c7:3b:b4:7b:11:18:a5:35:2b:92:75:59:3a: e8:53:e6:d0:0a:66:f6:0c:de:2e:95:0d:66:f1:39:cb:6e:3f: 6d:9a:fd:36:83:0d:55:95:1a:60:7e:1e:86:a6:72:87:74:7d: 8a:32:fc:d2:1c:03:96:5c:9f:c2:5a:bb:ea:02:b9:ea:93:c0: e9:f4:d0:d9:52:0d:b0:39:94:75:c9:f3:c1:d7:25:87:7b:76: 1a:09:cb:8b:a0:af:5d:64:a9:dd:12:f2:d5:57:8a:46:46:29: bf:48:eb:5e:b6:22:e3:04:2d:7c:0b:b5:ce:7e:47:b1:24:f9: 4a:63:92:5a:4f:8f:65:24:fa:67:0a:fb:dd:27:e4:92:b0:c4: ea:24:82:c2:b9:c5:15:56:9d:05:9f:ac:5a:89:b1:da:55:5f: d8:fb:59:7a:8a:77:50:61:f5:ad:26:bf:f2:54:3a:f3:b4:ab: 76:f3:92:e1:4a:26:8a:e5:be:a2:43:56:ba:9b:7f:40:2a:cd: 56:b3:57:b0 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUGvClHblkL5ofg77ruquXEoTSqTMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzMxMTg1MTI3WhcNMjUwNTA1MjM1OTU5 WjB6MUkwRwYDVQQFE0BmNjRhMTY3OTAyNTk4OTI5ZWYxZjQyNjhkOTQ4MTQ2YmM3 ZDlhNWRiODA0MWZiNWI0ZmQ3MTliMjFhMzlmNTFmMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCdKmXB5R2qKFNWiJRt31CCn2mxXZjJHR5HJ0OpSW5OKSzZ c24Erpu53AxusesQRxmQbEXMIG4JPeNMRlhBaBJSKSSZzjqUVqjo8Ux4AHmg9J9m Nndm0mRjYzQUtSt0nz5GbK9NmoMgOsuxvvQcBJ8daG6ieExnk7RQBPjGceeFeNHH blSFZDOz9qY0dUAM5mzQDROzdGR29Dn89y4l2pdnI1Khtt81hNUKY5lgRrbRRTdS xCCGGJJwUal/Y20Ah81rf9Hzylq6UCjXcswTCvpC/xIfc6RcvBtwItyiGkOjgL4T F25fckSiFkZT7yjxGxDl73Eo2fVmCzITN8d8+zujAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUQvIrZFPfrCf7rtiHb+fQ6x6GpScwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAQucaZPEe0ppsIlUhDFseEfmM rS+pwRgqpsNOvUku95Wvaet6IFrDADTWC8pJOPIX8rMR5EYxxCVIoMfHO7R7ERil NSuSdVk66FPm0Apm9gzeLpUNZvE5y24/bZr9NoMNVZUaYH4ehqZyh3R9ijL80hwD llyfwlq76gK56pPA6fTQ2VINsDmUdcnzwdclh3t2GgnLi6CvXWSp3RLy1VeKRkYp v0jrXrYi4wQtfAu1zn5HsST5SmOSWk+PZST6Zwr73SfkkrDE6iSCwrnFFVadBZ+s Womx2lVf2PtZeop3UGH1rSa/8lQ687SrdvOS4UomiuW+okNWupt/QCrNVrNXsA== -----END CERTIFICATE-----Generated at Sat Apr 5 11:21:36 2025 by rpki-client