$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa File: 0289d084-7f33-4bbc-baa0-e777f631c75e.roa (raw, json) Hash identifier: AO6e2PcBbffCrlxEJoKAwFCJFnbHy1kV2b97GSREl+c= Subject key identifier: 8C:12:0D:EF:F4:88:FE:41:A7:77:9C:04:4E:77:7D:55:17:65:BD:42 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 3F1B89BBAD466CB7819792D1ECF6913919CDAB44 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa Signing time: Wed 04 Jun 2025 00:11:14 +0000 ROA not before: Wed 04 Jun 2025 00:11:14 +0000 ROA not after: Wed 09 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 56.9.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 05 Jun 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:1b:89:bb:ad:46:6c:b7:81:97:92:d1:ec:f6:91:39:19:cd:ab:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jun 4 00:11:14 2025 GMT Not After : Jul 9 23:59:59 2025 GMT Subject: serialNumber=dbd615c7972204109c33729a333c5362cb13ea3ca5d1fe0910670b882bec9e03, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:af:4c:1e:08:57:08:c7:81:53:51:24:9c:af: c8:86:89:1a:22:5a:00:81:c1:77:f2:f8:5e:85:59: 08:36:f6:84:7c:f2:9f:21:d0:6d:51:61:75:f2:d7: 68:16:b2:48:70:0d:54:47:51:41:9d:9c:fe:ee:cd: bc:d0:1f:cc:3c:92:5f:9d:bf:dd:bd:69:29:3a:4e: 36:b4:ef:e0:6f:ae:20:53:b4:ba:38:b6:33:a0:5e: 0f:70:bb:b4:d1:64:17:36:e3:32:69:91:0a:b2:e8: c7:ac:98:f2:e9:92:ec:54:97:6b:33:0f:fc:19:74: 8c:d4:fd:2d:b4:5a:58:6e:2f:a5:83:6d:5b:0b:96: 82:27:0b:99:a9:e1:56:d4:df:8d:98:0f:3c:ac:90: 1a:8e:8f:ef:2c:e3:5a:3d:e4:5c:3f:94:78:79:86: 68:ca:89:90:d8:4d:86:d0:bb:19:b2:aa:b3:95:8e: 63:c8:a4:52:50:67:81:27:ce:77:2a:c0:49:56:79: 7e:8a:f6:19:08:59:78:a4:d7:f8:d1:4c:77:e8:68: 38:34:89:91:17:f5:83:92:1f:34:4f:1d:c9:f0:fa: 1b:94:75:f0:6f:80:37:fd:f6:1e:d7:f6:50:2b:16: 17:28:3a:4a:40:ef:f4:c9:6f:ee:fc:9f:65:d8:83: d1:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:12:0D:EF:F4:88:FE:41:A7:77:9C:04:4E:77:7D:55:17:65:BD:42 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 56.9.0.0/16 Signature Algorithm: sha256WithRSAEncryption 8f:1e:8d:08:fe:cb:17:c0:0b:0c:79:55:4d:52:1a:f9:e2:07: c4:92:6e:7c:39:99:45:41:18:48:7d:e8:48:cf:99:0f:85:6f: e7:a9:04:bd:6c:f6:ee:84:0a:57:76:c9:f9:7f:0a:8f:e3:a1: 0c:6d:a6:ae:80:c6:e7:7b:7f:1f:a1:d8:28:48:39:36:e6:d6: f3:0b:e9:ce:52:32:ce:e2:52:8b:54:d9:0d:b1:e9:50:29:ec: 70:84:52:88:bb:b2:7e:93:fa:8d:1e:c6:5c:92:2e:fa:62:b1: b9:c9:08:43:de:2a:88:fc:7d:a9:57:ad:b3:2a:de:87:19:2e: c7:af:8a:db:77:b7:a8:21:1d:ec:d8:1d:c4:2b:00:ea:56:b0: 33:0b:87:3a:e6:9e:08:d6:62:75:06:c5:e6:40:06:d4:05:53: 50:f1:cf:1e:b2:4f:0f:82:f0:b9:b2:79:1f:14:dd:84:d7:35: 62:16:e0:de:fc:f6:89:21:6c:e7:a2:bc:bd:ad:bf:88:3e:ad: 84:b5:7e:58:59:10:23:19:fd:6a:0c:68:d5:ca:03:ad:a9:8a: b1:d0:43:cc:cc:e1:80:09:b3:f7:f9:ff:dd:4f:c6:f9:7c:0d: 26:3b:55:92:83:37:05:93:c3:55:e3:51:9d:fd:d6:b0:2d:9a: 46:7e:0d:66 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUPxuJu61GbLeBl5LR7PaRORnNq0QwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjA0MDAxMTE0WhcNMjUwNzA5MjM1OTU5 WjB6MUkwRwYDVQQFE0BkYmQ2MTVjNzk3MjIwNDEwOWMzMzcyOWEzMzNjNTM2MmNi MTNlYTNjYTVkMWZlMDkxMDY3MGI4ODJiZWM5ZTAzMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCur0weCFcIx4FTUSScr8iGiRoiWgCBwXfy+F6FWQg29oR8 8p8h0G1RYXXy12gWskhwDVRHUUGdnP7uzbzQH8w8kl+dv929aSk6Tja07+BvriBT tLo4tjOgXg9wu7TRZBc24zJpkQqy6MesmPLpkuxUl2szD/wZdIzU/S20WlhuL6WD bVsLloInC5mp4VbU342YDzyskBqOj+8s41o95Fw/lHh5hmjKiZDYTYbQuxmyqrOV jmPIpFJQZ4EnzncqwElWeX6K9hkIWXik1/jRTHfoaDg0iZEX9YOSHzRPHcnw+huU dfBvgDf99h7X9lArFhcoOkpA7/TJb+78n2XYg9GHAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUjBIN7/SI/kGnd5wETnd9VRdlvUIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzAyODlkMDg0LTdmMzMtNGJiYy1iYWEwLWU3NzdmNjMxYzc1ZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwA4CTANBgkqhkiG9w0BAQsFAAOCAQEAjx6NCP7LF8ALDHlVTVIa+eIHxJJu fDmZRUEYSH3oSM+ZD4Vv56kEvWz27oQKV3bJ+X8Kj+OhDG2mroDG53t/H6HYKEg5 NubW8wvpzlIyzuJSi1TZDbHpUCnscIRSiLuyfpP6jR7GXJIu+mKxuckIQ94qiPx9 qVetsyrehxkux6+K23e3qCEd7NgdxCsA6lawMwuHOuaeCNZidQbF5kAG1AVTUPHP HrJPD4LwubJ5HxTdhNc1Yhbg3vz2iSFs56K8va2/iD6thLV+WFkQIxn9agxo1coD ramKsdBDzMzhgAmz9/n/3U/G+XwNJjtVkoM3BZPDVeNRnf3WsC2aRn4NZg== -----END CERTIFICATE-----Generated at Wed Jun 4 11:14:08 2025 by rpki-client