$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f24b00af-d0f9-4c84-bc60-86f3001d43e2.roa File: f24b00af-d0f9-4c84-bc60-86f3001d43e2.roa (raw, json) Hash identifier: bWXXrgfkXUJ2orVA5JOGZN14UrfR4i355Re0DkOw9AM= Subject key identifier: E7:DA:95:85:AE:07:39:BD:B7:CD:26:DD:C1:7B:E4:73:AE:58:AB:E8 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 6EB0FF7E9506C577401A7B1AD4F81757012C9331 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f24b00af-d0f9-4c84-bc60-86f3001d43e2.roa Signing time: Mon 31 Mar 2025 18:40:07 +0000 ROA not before: Mon 31 Mar 2025 18:40:07 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.96.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:b0:ff:7e:95:06:c5:77:40:1a:7b:1a:d4:f8:17:57:01:2c:93:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Mar 31 18:40:07 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7f:58:bf:09:09:7a:b9:bb:a2:99:82:39:99: c6:23:ac:c5:11:16:9b:28:e3:56:21:29:01:77:bb: 24:52:09:65:d9:f6:62:db:05:91:d4:67:c7:15:56: 76:1e:8e:50:6e:34:0a:1e:5c:fd:11:53:08:b6:76: 0e:3f:6c:cc:1f:f1:3c:94:36:79:98:a7:ab:aa:3d: 56:85:28:d2:1e:c9:ef:1e:55:d5:e0:e7:f1:4f:9b: 53:db:19:22:8e:90:aa:64:38:a7:93:3d:fc:3b:f6: 88:77:74:9b:75:db:28:66:d7:5a:f4:2d:2f:47:58: db:0d:eb:74:a0:33:74:75:77:68:0d:37:2b:b1:cc: d6:65:8b:95:a7:c3:ef:0f:e6:bc:21:4e:99:b6:8c: 15:78:59:0a:2b:8d:a9:3f:50:87:9b:40:76:1b:55: b6:86:71:b9:6b:21:42:e3:12:3a:e9:d8:98:a1:9f: 2c:6a:df:58:63:2a:e6:29:70:d8:6e:cd:d4:46:6f: 42:ae:d4:76:f3:73:e4:41:21:2e:07:ce:6d:e9:e2: f9:7c:ca:ed:15:ca:24:25:50:95:34:20:c6:81:8a: ab:ad:5e:c3:94:1e:bc:1d:31:03:88:f7:6d:51:6b: a5:14:1f:7a:de:80:60:6f:c6:8e:a0:71:5e:56:13: 3f:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:DA:95:85:AE:07:39:BD:B7:CD:26:DD:C1:7B:E4:73:AE:58:AB:E8 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/f24b00af-d0f9-4c84-bc60-86f3001d43e2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.96.0/20 Signature Algorithm: sha256WithRSAEncryption 43:16:e2:8a:99:f8:0c:ab:89:34:67:0d:3e:2d:cc:68:59:04: b3:5b:08:d1:ff:f4:c6:28:bb:d2:86:f4:6e:b8:7d:55:83:76: 60:5a:ac:23:e3:7a:db:0b:b2:0d:97:88:b2:0e:cc:cf:d6:61: 05:6e:c3:47:a1:89:61:c7:69:df:95:bb:b1:f4:80:b2:25:ce: 45:50:06:71:11:45:2b:de:90:d8:67:04:a5:c1:19:b9:77:83: a3:e5:d3:1a:20:2a:ed:ff:d2:e9:29:d8:90:bd:90:ef:e5:2e: 90:52:eb:8b:7d:d0:7f:ea:53:b2:e4:f6:f1:e3:34:8d:a8:56: 2e:fa:06:c7:c6:e1:5e:9b:07:4f:03:d6:77:c1:14:16:b5:1d: b5:12:0a:30:8b:f7:f9:83:6d:eb:a8:9b:af:05:41:ac:78:ed: 84:9f:22:17:18:e1:a7:4a:e0:d2:70:d7:76:07:4d:01:86:89: 7e:11:05:8f:20:5c:d9:32:5b:ff:be:a4:60:c4:2b:79:ef:30: 60:62:de:bc:8f:dc:f3:cd:1e:52:a6:6c:56:50:8c:3d:a0:75: b7:72:c8:2b:59:67:d1:49:10:c7:a8:97:81:fc:2c:a2:38:1a: eb:26:55:5c:fc:f4:32:99:d4:59:1c:06:84:21:d1:07:d9:39: 1a:dd:98:e8 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUbrD/fpUGxXdAGnsa1PgXVwEskzEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwMzMxMTg0MDA3WhcNMjUwNTA1MjM1OTU5 WjB6MUkwRwYDVQQFE0BjZTU1ZjFhN2RiMjk0YTQ2NjNjZDkzOWU1N2UxYmQyOGRk NGQ4NzA3NDIxMjk1OTRiOTEyZDNhMDA1MDQwMjAzMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC1f1i/CQl6ubuimYI5mcYjrMURFpso41YhKQF3uyRSCWXZ 9mLbBZHUZ8cVVnYejlBuNAoeXP0RUwi2dg4/bMwf8TyUNnmYp6uqPVaFKNIeye8e VdXg5/FPm1PbGSKOkKpkOKeTPfw79oh3dJt12yhm11r0LS9HWNsN63SgM3R1d2gN NyuxzNZli5Wnw+8P5rwhTpm2jBV4WQorjak/UIebQHYbVbaGcblrIULjEjrp2Jih nyxq31hjKuYpcNhuzdRGb0Ku1Hbzc+RBIS4Hzm3p4vl8yu0VyiQlUJU0IMaBiqut XsOUHrwdMQOI921Ra6UUH3regGBvxo6gcV5WEz+JAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU59qVha4HOb23zSbdwXvkc65Yq+gwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2YyNGIwMGFmLWQwZjktNGM4NC1iYzYwLTg2ZjMwMDFkNDNlMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQjYGAwDQYJKoZIhvcNAQELBQADggEBAEMW4oqZ+AyriTRnDT4tzGhZBLNb CNH/9MYou9KG9G64fVWDdmBarCPjetsLsg2XiLIOzM/WYQVuw0ehiWHHad+Vu7H0 gLIlzkVQBnERRSvekNhnBKXBGbl3g6Pl0xogKu3/0ukp2JC9kO/lLpBS64t90H/q U7Lk9vHjNI2oVi76BsfG4V6bB08D1nfBFBa1HbUSCjCL9/mDbeuom68FQax47YSf IhcY4adK4NJw13YHTQGGiX4RBY8gXNkyW/++pGDEK3nvMGBi3ryP3PPNHlKmbFZQ jD2gdbdyyCtZZ9FJEMeol4H8LKI4GusmVVz89DKZ1FkcBoQh0QfZORrdmOg= -----END CERTIFICATE-----Generated at Sat Apr 5 11:21:45 2025 by rpki-client