$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/267e57ab-8866-48bd-91df-1c560e2471a0.roa File: 267e57ab-8866-48bd-91df-1c560e2471a0.roa (raw, json) Hash identifier: wbBMwgBVPbbcI0kSVkyPwk19mTWNPVnnA7nu/7sfZ7c= Subject key identifier: 5E:DF:DC:25:EB:54:37:AF:22:7E:A8:BD:D2:FF:25:89:00:F0:0D:CC Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 350AAEA3960A4B030CDED393748948DF8F76C7FA Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/267e57ab-8866-48bd-91df-1c560e2471a0.roa Signing time: Tue 04 Feb 2025 00:00:00 +0000 ROA not before: Tue 04 Feb 2025 00:00:00 +0000 ROA not after: Tue 11 Mar 2025 23:59:59 +0000 asID: 8987 IP address blocks: 2600:1fff:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Feb 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:0a:ae:a3:96:0a:4b:03:0c:de:d3:93:74:89:48:df:8f:76:c7:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 4 00:00:00 2025 GMT Not After : Mar 11 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:46:8b:7f:c1:15:88:44:3e:f8:e5:5f:58:6a: 13:28:3c:b1:ef:71:f3:34:1b:cb:33:81:46:c5:8e: d0:73:c4:6f:23:a0:38:2f:cc:50:a4:a0:1a:17:26: c2:dd:0d:da:63:27:0c:d4:2c:f4:3a:81:a0:9d:c5: ec:88:01:97:b1:aa:70:90:6f:f2:b0:50:c1:13:a1: c1:23:98:39:6c:b4:98:36:db:a8:46:bb:42:67:42: da:e9:ca:55:1f:52:7d:87:d7:2a:68:7d:23:87:d3: fa:d7:51:16:fa:a4:de:3e:76:1e:8f:24:9b:e7:ed: 69:ca:30:9b:46:95:9e:ad:cd:a1:c1:0b:6d:c1:ed: 45:70:55:3e:e2:d8:96:f3:4e:63:92:de:8c:6b:a9: 0a:e1:32:2b:30:db:90:73:2f:f0:24:73:43:5b:a1: 60:32:4e:d9:7d:be:10:c8:c8:6e:a6:60:de:1f:4c: d6:a5:79:58:e2:3a:5c:f2:d6:d1:5d:ba:84:a0:ca: 18:17:fa:dc:da:2d:da:12:b7:33:5a:db:ad:86:8a: d3:f7:08:75:11:32:80:43:8e:b3:7c:44:95:1f:1a: 57:53:86:34:bb:7e:48:6b:f9:50:07:75:00:9d:85: 09:80:da:0a:36:45:ed:63:7d:c0:5f:d2:41:19:94: ca:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:DF:DC:25:EB:54:37:AF:22:7E:A8:BD:D2:FF:25:89:00:F0:0D:CC X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/267e57ab-8866-48bd-91df-1c560e2471a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:1fff:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 53:f2:e4:dc:ed:6e:74:fa:41:6d:66:fd:69:35:ce:4d:66:fd: b6:44:7d:ab:a5:2a:8c:3e:05:7b:ab:73:31:00:cb:85:1d:7b: 7a:4e:4e:3d:f1:16:44:33:23:c1:bb:3e:f0:92:d3:ad:9d:ae: 82:dc:af:76:f1:68:5d:45:85:61:01:eb:fa:8a:22:d2:5e:97: 98:b5:b8:8c:f8:c2:70:29:ca:c8:1b:ec:67:50:de:5e:aa:98: 9b:ef:2d:b1:bc:06:12:9f:eb:60:8b:3e:5b:cf:84:ef:23:26: 9f:b8:3c:21:6f:be:62:98:47:a4:d1:fe:c1:13:b3:82:5d:3b: 10:d1:28:6e:37:d8:40:53:81:c7:43:e3:9e:a7:b0:f3:61:7d: ea:f1:c8:ad:a5:31:0d:5a:40:da:fc:64:50:f3:b2:96:4d:e3: 62:fd:a4:5c:93:d4:05:45:96:fd:43:ba:67:5c:ac:3c:64:45: 04:fc:6a:6d:12:49:7f:58:ff:7c:94:65:b0:32:57:e3:27:f3: d7:80:80:95:23:3f:6a:d4:d2:e4:a3:d2:7d:8c:f9:6d:be:d0: 9e:00:8b:00:6c:d1:a1:af:93:dd:8c:7f:a5:d0:af:42:31:a4: 3b:2f:d1:11:0f:57:a6:3d:c6:41:d8:c6:5a:03:43:d2:26:b3: cb:36:d8:d0 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUNQquo5YKSwMM3tOTdIlI3492x/owDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5 WjB6MUkwRwYDVQQFE0BhN2Y1YjgyOTYxOWM3YjUwZDI4ZGMzZDRhNjNjMDAzZjI0 YmEwZDE5NjI3YjlhMjBkYjMwNWNhMjliN2I1NjFjMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQD6Rot/wRWIRD745V9YahMoPLHvcfM0G8szgUbFjtBzxG8j oDgvzFCkoBoXJsLdDdpjJwzULPQ6gaCdxeyIAZexqnCQb/KwUMETocEjmDlstJg2 26hGu0JnQtrpylUfUn2H1ypofSOH0/rXURb6pN4+dh6PJJvn7WnKMJtGlZ6tzaHB C23B7UVwVT7i2JbzTmOS3oxrqQrhMisw25BzL/Akc0NboWAyTtl9vhDIyG6mYN4f TNaleVjiOlzy1tFduoSgyhgX+tzaLdoStzNa262GitP3CHURMoBDjrN8RJUfGldT hjS7fkhr+VAHdQCdhQmA2go2Re1jfcBf0kEZlMphAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUXt/cJetUN68ifqi90v8liQDwDcwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzI2N2U1N2FiLTg4NjYtNDhiZC05MWRmLTFjNTYwZTI0NzFhMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAB//IMAwDQYJKoZIhvcNAQELBQADggEBAFPy5NztbnT6QW1m/Wk1zk1m /bZEfaulKow+BXurczEAy4Ude3pOTj3xFkQzI8G7PvCS062droLcr3bxaF1FhWEB 6/qKItJel5i1uIz4wnApysgb7GdQ3l6qmJvvLbG8BhKf62CLPlvPhO8jJp+4PCFv vmKYR6TR/sETs4JdOxDRKG432EBTgcdD456nsPNhferxyK2lMQ1aQNr8ZFDzspZN 42L9pFyT1AVFlv1DumdcrDxkRQT8am0SSX9Y/3yUZbAyV+Mn89eAgJUjP2rU0uSj 0n2M+W2+0J4AiwBs0aGvk92Mf6XQr0IxpDsv0REPV6Y9xkHYxloDQ9Ims8s22NA= -----END CERTIFICATE-----Generated at Wed Feb 5 15:50:30 2025 by rpki-client