$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c928d8f-5fa6-47d3-8912-a67751764ad7.roa File: 1c928d8f-5fa6-47d3-8912-a67751764ad7.roa (raw, json) Hash identifier: G2DE/h1AcvesJZkYrkJcHk5IK0Pwxhv2f2TLlD/4yqo= Subject key identifier: 08:84:9D:11:5A:A8:4D:DA:6D:FC:87:06:40:3E:43:D2:AB:DE:87:C1 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 326CE3F1D509FB408A3D4638D33252AB1F1E52A6 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c928d8f-5fa6-47d3-8912-a67751764ad7.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 40.188.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:6c:e3:f1:d5:09:fb:40:8a:3d:46:38:d3:32:52:ab:1f:1e:52:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:02:f0:3f:7f:6a:5f:6d:a0:b8:eb:41:14:7c: c4:69:93:1a:2b:e7:b4:05:85:86:6e:67:49:01:ee: 71:5f:2f:d2:93:d9:3e:58:2f:e4:88:c2:ad:0b:ec: 56:89:1f:39:39:51:1a:8b:a5:47:18:92:88:df:48: f3:56:73:af:fc:0a:dc:38:c6:2e:5e:0e:40:9b:48: 98:a8:f5:ce:9a:32:86:3d:54:e7:4e:74:d4:24:3c: 03:e7:02:93:08:d2:51:ab:a6:9c:74:e5:6e:5f:d5: 79:a6:c7:58:7f:30:c5:ad:07:08:4e:01:4b:1a:f4: 2d:32:96:a2:23:1a:c5:fa:8f:43:8b:ba:bd:43:f3: 21:b9:7e:f9:a2:d5:c0:cc:b8:81:75:99:d8:5e:03: e0:60:15:ef:f3:62:a9:c3:82:7a:3a:6c:96:bd:92: 63:78:d6:63:e6:36:cc:cc:65:10:db:2e:46:8b:63: 29:8e:6a:ce:ec:18:6d:ef:87:11:de:87:e6:be:a6: 5f:75:24:8e:e7:da:03:17:69:7f:e5:22:63:78:c3: 0a:db:f8:46:d4:c0:95:38:9b:fc:bb:70:8d:99:a2: e3:8c:fb:1d:23:15:bd:8c:83:50:12:28:b5:88:80: b2:d9:fa:cc:8e:89:b2:cd:65:00:2c:17:92:8d:fa: 25:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:84:9D:11:5A:A8:4D:DA:6D:FC:87:06:40:3E:43:D2:AB:DE:87:C1 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1c928d8f-5fa6-47d3-8912-a67751764ad7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 40.188.0.0/16 Signature Algorithm: sha256WithRSAEncryption 0c:88:4e:e5:ac:ff:e1:31:6f:0d:c5:40:6f:0d:fc:52:8d:35: b0:55:39:d3:68:63:b0:4b:16:8d:35:d6:fd:11:1e:50:11:fc: 25:50:7f:78:38:2b:c5:57:72:a4:65:e0:78:de:36:e2:48:d0: ba:af:46:19:51:23:da:02:5a:72:53:c2:ef:99:11:a8:02:a2: 19:30:06:ff:ee:86:25:b2:01:b9:e9:33:b7:35:ac:5e:e7:22: ef:c1:00:96:95:5e:53:a0:2c:da:9d:e8:4b:b7:a3:29:fb:47: 0a:24:a0:74:79:31:0a:46:05:30:3c:01:69:d0:09:15:bd:23: 4b:53:5d:20:cc:d7:5c:97:23:e7:92:f8:ac:f4:84:ad:81:c6: 80:11:35:55:1e:b7:89:2f:85:bf:78:43:9f:b7:19:0a:f3:5a: 55:8d:db:4d:fc:bc:67:6f:9b:a0:8c:70:4f:01:84:65:a0:bc: 32:7e:d1:fc:45:e9:9f:e6:94:b3:33:e7:d5:d2:61:1f:91:c1: c9:5b:63:68:d3:fa:1d:b9:77:ff:a0:b6:60:cd:c4:99:44:29: f1:4e:b1:99:b2:82:37:2d:9a:03:de:c4:96:17:e9:0a:8f:ff: c9:28:b7:6a:8a:6a:56:0a:41:16:96:99:0a:b6:7d:7b:76:27: 08:4c:d0:97 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUMmzj8dUJ+0CKPUY40zJSqx8eUqYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5 WjB6MUkwRwYDVQQFE0BmNGY5YmEyZTU3MWZkYmE0ZTc2MmNjZDUxM2UyOGNjZGYx YzQxMzE3YjM2ZThhZmJhOWZiOGVkOTc4NTBlMGExMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC5AvA/f2pfbaC460EUfMRpkxor57QFhYZuZ0kB7nFfL9KT 2T5YL+SIwq0L7FaJHzk5URqLpUcYkojfSPNWc6/8Ctw4xi5eDkCbSJio9c6aMoY9 VOdOdNQkPAPnApMI0lGrppx05W5f1Xmmx1h/MMWtBwhOAUsa9C0ylqIjGsX6j0OL ur1D8yG5fvmi1cDMuIF1mdheA+BgFe/zYqnDgno6bJa9kmN41mPmNszMZRDbLkaL YymOas7sGG3vhxHeh+a+pl91JI7n2gMXaX/lImN4wwrb+EbUwJU4m/y7cI2ZouOM +x0jFb2Mg1ASKLWIgLLZ+syOibLNZQAsF5KN+iU9AgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUCISdEVqoTdpt/IcGQD5D0qveh8EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzFjOTI4ZDhmLTVmYTYtNDdkMy04OTEyLWE2Nzc1MTc2NGFkNy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwAovDANBgkqhkiG9w0BAQsFAAOCAQEADIhO5az/4TFvDcVAbw38Uo01sFU5 02hjsEsWjTXW/REeUBH8JVB/eDgrxVdypGXgeN424kjQuq9GGVEj2gJaclPC75kR qAKiGTAG/+6GJbIBuekztzWsXuci78EAlpVeU6As2p3oS7ejKftHCiSgdHkxCkYF MDwBadAJFb0jS1NdIMzXXJcj55L4rPSErYHGgBE1VR63iS+Fv3hDn7cZCvNaVY3b Tfy8Z2+boIxwTwGEZaC8Mn7R/EXpn+aUszPn1dJhH5HByVtjaNP6Hbl3/6C2YM3E mUQp8U6xmbKCNy2aA97ElhfpCo//ySi3aopqVgpBFpaZCrZ9e3YnCEzQlw== -----END CERTIFICATE-----Generated at Sun Feb 16 15:28:22 2025 by rpki-client