$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa File: ef566134-dc37-415a-a1e3-05f23305a92b.roa (raw, json) Hash identifier: d10EYnEIKeLmeW++sHu7Pf8qDH4euPSGuF8FQJ+hgR4= Subject key identifier: 66:58:8F:22:6B:BE:FE:29:BB:03:41:EF:59:16:CE:9F:47:DE:16:C0 Certificate issuer: /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d Certificate serial: 2565A9E8DEBDC453D2D7432BABF56BA1DCCA4B89 Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa Signing time: Sat 22 Mar 2025 00:10:29 +0000 ROA not before: Sat 22 Mar 2025 00:10:29 +0000 ROA not after: Sat 26 Apr 2025 23:59:59 +0000 asID: 7224 IP address blocks: 172.96.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 07 Apr 2025 21:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:65:a9:e8:de:bd:c4:53:d2:d7:43:2b:ab:f5:6b:a1:dc:ca:4b:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d Validity Not Before: Mar 22 00:10:29 2025 GMT Not After : Apr 26 23:59:59 2025 GMT Subject: CN=b0dbbb6a-5472-4b68-ae4d-401518603039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:89:fe:d6:bd:dc:bb:10:8c:a3:d8:e4:5f:4a: 96:34:11:e8:86:4e:00:50:7e:0b:48:b0:d0:03:aa: 3f:01:e4:26:08:87:18:43:38:a8:93:2b:ec:cc:2e: 38:26:bf:30:5c:fc:cf:cd:bf:2e:e7:e5:fc:9d:1a: 49:d8:14:a0:71:38:e8:eb:73:c9:ec:ba:91:51:59: c6:60:5e:12:1b:af:4b:79:3b:3a:35:07:b3:f7:b1: 88:96:01:5e:7f:ca:6d:bc:d6:06:db:96:22:23:f4: ea:3d:5b:d6:43:df:f6:5f:11:f0:cb:f9:76:0d:cb: 0a:d1:d3:a6:36:c6:84:97:09:7e:6a:db:b8:8a:e2: 4b:7e:99:72:98:ea:f5:c7:2c:5b:2a:36:b6:85:00: 8e:0c:f6:a7:18:97:82:fe:c8:cc:cf:9b:c3:80:50: 49:47:7c:b7:a6:63:9b:50:56:a1:af:11:3d:ad:69: 66:04:6f:af:4f:0d:76:95:f1:bb:a7:a7:d4:99:00: 65:76:89:b9:c8:f6:74:41:ef:e0:56:40:b9:39:5b: 87:4f:72:0e:85:05:52:ed:e0:aa:da:f5:e5:9b:ac: 54:3f:65:dc:7d:02:3d:2e:4b:ed:58:a6:81:d4:63: a3:12:17:53:2e:91:ed:18:26:6d:3a:41:01:5f:c3: 2a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:58:8F:22:6B:BE:FE:29:BB:03:41:EF:59:16:CE:9F:47:DE:16:C0 X509v3 Authority Key Identifier: keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 172.96.104.0/21 Signature Algorithm: sha256WithRSAEncryption 36:ae:53:63:96:35:43:38:1f:5b:fd:81:f1:81:5e:cc:fc:0a: 3f:a2:9f:f9:7e:08:94:e9:50:b8:0f:81:1f:fe:25:7e:8e:41: a6:7d:14:a9:d6:38:16:1c:52:78:2f:25:8f:26:02:eb:57:1e: 3a:3c:cc:5b:7d:16:e4:74:b6:64:ac:61:07:4a:eb:99:42:1a: a4:0e:9b:39:7c:a5:d3:b2:34:8b:4b:d2:d0:c7:17:42:b2:56: eb:c6:ff:0a:5b:23:43:39:a1:2c:56:0c:c1:63:b2:73:f3:ab: df:61:d4:8e:6c:38:73:e8:52:f2:64:08:1a:98:9a:a6:2c:16: f0:cf:03:10:7f:07:ce:34:fc:3a:e1:94:f6:a8:bd:c4:94:27: a6:3a:95:3b:cf:4d:ea:fb:72:24:8c:35:5c:b5:93:38:63:55: b0:18:54:56:28:86:11:11:e5:f6:45:f8:56:b8:a8:4f:75:05: c7:f5:1d:36:2e:e0:22:29:53:1e:15:a1:59:24:e5:b1:0f:3d: 0c:a0:86:1c:7c:d0:68:1e:d5:51:63:d0:88:02:4a:49:ff:b2: e4:3f:09:24:e8:7a:69:12:8a:b4:49:c5:40:d3:1f:b2:88:83: 77:5c:70:d1:3e:f1:af:f9:24:42:03:ff:04:46:ab:91:8b:7f: 60:7f:9c:4c -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUJWWp6N69xFPS10Mrq/VrodzKS4kwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwMzIyMDAxMDI5WhcNMjUwNDI2MjM1OTU5 WjB6MUkwRwYDVQQFE0AwZjIzM2FiMDU1YTFjNzg2OGQwNzI5YmM3ZGY5Y2JiMGVm MWVkNjM0YWUyNjFjYTAzYWMwZDg1N2I1MDBmNGZlMS0wKwYDVQQDEyRiMGRiYmI2 YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDcif7Wvdy7EIyj2ORfSpY0EeiGTgBQfgtIsNADqj8B5CYI hxhDOKiTK+zMLjgmvzBc/M/Nvy7n5fydGknYFKBxOOjrc8nsupFRWcZgXhIbr0t5 Ozo1B7P3sYiWAV5/ym281gbbliIj9Oo9W9ZD3/ZfEfDL+XYNywrR06Y2xoSXCX5q 27iK4kt+mXKY6vXHLFsqNraFAI4M9qcYl4L+yMzPm8OAUElHfLemY5tQVqGvET2t aWYEb69PDXaV8bunp9SZAGV2ibnI9nRB7+BWQLk5W4dPcg6FBVLt4Kra9eWbrFQ/ Zdx9Aj0uS+1YpoHUY6MSF1Muke0YJm06QQFfwypZAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUZliPImu+/im7A0HvWRbOn0feFsAwHwYDVR0jBBgwFoAUfYRHxJeKC0xz m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1 MmM1MzUzODk4L2VmNTY2MTM0LWRjMzctNDE1YS1hMWUzLTA1ZjIzMzA1YTkyYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3 LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAOsYGgwDQYJKoZIhvcNAQELBQADggEBADauU2OWNUM4H1v9gfGBXsz8Cj+i n/l+CJTpULgPgR/+JX6OQaZ9FKnWOBYcUngvJY8mAutXHjo8zFt9FuR0tmSsYQdK 65lCGqQOmzl8pdOyNItL0tDHF0KyVuvG/wpbI0M5oSxWDMFjsnPzq99h1I5sOHPo UvJkCBqYmqYsFvDPAxB/B840/DrhlPaovcSUJ6Y6lTvPTer7ciSMNVy1kzhjVbAY VFYohhER5fZF+Fa4qE91Bcf1HTYu4CIpUx4VoVkk5bEPPQyghhx80Gge1VFj0IgC Skn/suQ/CSToemkSirRJxUDTH7KIg3dccNE+8a/5JEID/wRGq5GLf2B/nEw= -----END CERTIFICATE-----Generated at Sat Apr 5 16:14:52 2025 by rpki-client