$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa File: bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa (raw, json) Hash identifier: TAy3tGG72l+Vg7RzVKIcVYNxdll6EOvctZom6gKmSDw= Subject key identifier: 28:62:D3:02:88:BF:66:2D:4A:2B:0F:1F:27:77:6C:58:CC:4E:62:B2 Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 7BB8154D1B2D7082C10DB5F9E38A65D6C4CC265E Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa Signing time: Mon 21 Jul 2025 15:20:40 +0000 ROA not before: Mon 21 Jul 2025 15:20:40 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 8987 IP address blocks: 23.249.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 24 Jul 2025 15:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:b8:15:4d:1b:2d:70:82:c1:0d:b5:f9:e3:8a:65:d6:c4:cc:26:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: Jul 21 15:20:40 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=0e99efc36e41c05fc550cc2b4dd2275beefc9d7198eaa19be6d284c4fd97b277, CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d0:86:89:0a:8a:d8:ed:bd:f5:fc:55:39:7f: d2:15:98:c0:4d:f5:e4:0c:0c:eb:ff:60:1e:03:26: ef:7b:9e:cf:b4:1b:64:ac:b2:39:48:6f:68:74:f1: 23:9e:a0:ce:ba:49:eb:23:27:72:a5:c1:fa:b2:98: 1d:47:f4:bd:06:55:6f:99:6a:2b:09:24:bc:00:b8: b9:10:fe:a3:e1:fd:98:52:c0:97:03:60:96:2b:98: f8:b0:5e:ff:36:f5:ff:6e:43:42:b5:ec:d0:ce:e7: 3f:49:51:82:c7:19:48:b3:23:c8:a7:36:63:0b:41: 04:b9:bc:a8:f1:6f:48:46:af:6a:12:f3:fc:bf:ba: 4a:41:59:52:5e:18:d7:87:15:3a:96:3b:34:7b:ed: b9:fd:e0:e9:de:1a:fb:05:ad:5a:07:a8:d8:de:e2: 87:4f:85:17:7e:4a:19:3b:78:c6:42:0c:bc:4d:29: 05:79:4a:4f:a0:3a:11:96:2e:70:b6:b8:71:ad:9b: 40:ff:ad:5c:49:5c:6e:72:39:05:fc:2a:fc:bb:84: 2b:92:c9:3b:84:fe:89:4e:b1:61:9b:3d:ec:a6:8f: 27:23:e3:dc:85:0b:30:17:48:65:fb:91:d2:76:2b: 1d:33:8f:c0:09:df:4c:8e:ba:09:bf:53:bd:7f:6e: c3:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:62:D3:02:88:BF:66:2D:4A:2B:0F:1F:27:77:6C:58:CC:4E:62:B2 X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.213.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:1a:e1:66:6f:da:b7:7a:79:db:ac:35:11:bb:01:2e:52:d2: 8c:d1:4c:e2:38:67:91:63:69:5a:a4:9e:e9:b3:e7:67:77:b6: ba:a1:c1:b9:eb:5d:2c:86:46:da:e8:35:17:6b:db:eb:b5:32: fb:58:3f:d2:0d:6a:4d:ae:fa:c3:56:89:41:68:4f:9c:22:05: b3:c7:f4:79:d6:48:aa:a7:6e:fe:e9:50:bb:e9:aa:2e:e7:ca: 3a:db:47:5b:d8:bf:e1:c0:3f:df:a1:83:41:12:8d:ca:92:0a: 0b:0c:aa:b6:b2:0a:91:3e:fd:4a:8d:ca:52:46:db:d9:4d:9a: ff:c7:7c:ab:50:ee:94:b9:60:a6:b3:c5:e6:02:90:f2:ab:c4: 73:97:f3:71:7c:e1:4d:5e:7c:72:81:fd:e0:14:e1:d0:40:a3: f1:93:77:88:20:87:aa:1d:f2:f9:9b:34:b9:f5:4b:60:44:19: c7:47:8c:54:c0:ae:b6:df:c4:67:52:b3:a6:7c:47:eb:ac:7a: a4:92:21:cf:b3:e1:4e:81:3c:43:36:72:10:67:2e:80:16:72: d1:ca:7d:35:a1:9b:f5:81:0c:59:3b:c3:a4:0d:a7:af:12:a9: d3:70:0d:e8:78:6e:90:96:1f:89:be:14:c2:97:6a:74:92:73: 8f:bb:a0:a6 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUe7gVTRstcILBDbX544pl1sTMJl4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNzIxMTUyMDQwWhcNMjUwODI1MjM1OTU5 WjB6MUkwRwYDVQQFE0AwZTk5ZWZjMzZlNDFjMDVmYzU1MGNjMmI0ZGQyMjc1YmVl ZmM5ZDcxOThlYWExOWJlNmQyODRjNGZkOTdiMjc3MS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDA0IaJCorY7b31/FU5f9IVmMBN9eQMDOv/YB4DJu97ns+0 G2SssjlIb2h08SOeoM66SesjJ3KlwfqymB1H9L0GVW+ZaisJJLwAuLkQ/qPh/ZhS wJcDYJYrmPiwXv829f9uQ0K17NDO5z9JUYLHGUizI8inNmMLQQS5vKjxb0hGr2oS 8/y/ukpBWVJeGNeHFTqWOzR77bn94OneGvsFrVoHqNje4odPhRd+Shk7eMZCDLxN KQV5Sk+gOhGWLnC2uHGtm0D/rVxJXG5yOQX8Kvy7hCuSyTuE/olOsWGbPeymjycj 49yFCzAXSGX7kdJ2Kx0zj8AJ30yOugm/U71/bsNvAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUKGLTAoi/Zi1KKw8fJ3dsWMxOYrIwHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkL2JmYTUxMGVkLWQ0MGItNDU1Mi1hNGQ4LTViYjRjMzBlNDgyYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dUwDQYJKoZIhvcNAQELBQADggEBAH0a4WZv2rd6edusNRG7AS5S0ozR TOI4Z5FjaVqknumz52d3trqhwbnrXSyGRtroNRdr2+u1MvtYP9INak2u+sNWiUFo T5wiBbPH9HnWSKqnbv7pULvpqi7nyjrbR1vYv+HAP9+hg0ESjcqSCgsMqrayCpE+ /UqNylJG29lNmv/HfKtQ7pS5YKazxeYCkPKrxHOX83F84U1efHKB/eAU4dBAo/GT d4ggh6od8vmbNLn1S2BEGcdHjFTArrbfxGdSs6Z8R+useqSSIc+z4U6BPEM2chBn LoAWctHKfTWhm/WBDFk7w6QNp68SqdNwDeh4bpCWH4m+FMKXanSSc4+7oKY= -----END CERTIFICATE-----Generated at Wed Jul 23 12:25:52 2025 by rpki-client