$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa File: 61c5552e-f911-4049-840d-5f76ab2a6dd0.roa (raw, json) Hash identifier: +wNlU+OyHYwH0+A9nym5UysYZUls/71NgebcDtMc8pE= Subject key identifier: 16:48:FF:40:02:9C:82:08:B8:AC:3A:C6:D3:23:15:23:24:50:12:72 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 08B7B80CEA3E08CBAB68E6A12C97A4D9B78D3CF4 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa Signing time: Fri 14 Feb 2025 00:10:48 +0000 ROA not before: Fri 14 Feb 2025 00:10:48 +0000 ROA not after: Fri 21 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 149.187.128.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:b7:b8:0c:ea:3e:08:cb:ab:68:e6:a1:2c:97:a4:d9:b7:8d:3c:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 14 00:10:48 2025 GMT Not After : Mar 21 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:4f:86:ce:2f:63:1a:6a:d9:d2:3d:b6:6e:e7: 94:ad:b9:f4:9b:f6:3d:19:83:82:18:49:55:07:fc: 8e:c3:72:8a:69:f5:2f:27:50:95:09:22:87:a9:d5: af:e4:9e:e9:85:e4:09:46:04:9c:cf:70:18:31:e1: 49:19:af:02:db:33:54:53:f8:4a:1c:0f:6e:69:b2: a2:46:00:84:f8:cb:dc:2e:9a:81:e2:2a:ca:da:10: 12:3d:8e:1b:7f:f4:17:74:5a:b7:18:dc:d3:6c:34: 0a:9f:4a:2d:e7:d7:21:64:c3:3e:ef:03:09:a1:68: 63:f4:24:19:53:c4:e5:30:ba:70:51:49:c9:3c:ad: eb:07:d9:3e:55:c9:e8:47:37:a6:bd:51:a6:92:b1: c2:ac:ea:6b:f9:5d:0d:3a:63:46:b4:3c:76:b1:2c: 3e:ea:92:8a:cf:8c:98:c8:fc:cd:c9:b9:76:4b:59: 37:73:9e:d5:4f:3b:a9:98:f2:be:ca:aa:ed:77:e5: 2f:09:fd:2c:77:21:de:51:d5:80:4d:04:1c:7c:1a: 5c:18:90:23:72:4c:98:6b:1c:a6:d1:4c:41:9f:a9: a6:4e:b8:73:34:a8:4e:9c:ce:ce:21:0f:7f:e2:68: 98:88:ac:57:0e:df:36:74:01:c0:42:82:a4:0d:b9: 2a:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:48:FF:40:02:9C:82:08:B8:AC:3A:C6:D3:23:15:23:24:50:12:72 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/61c5552e-f911-4049-840d-5f76ab2a6dd0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 149.187.128.0/17 Signature Algorithm: sha256WithRSAEncryption bb:69:77:d3:1a:1a:78:82:10:72:31:f2:63:14:3f:bc:a1:51: 54:64:c6:78:d8:f8:e6:9b:3e:56:7e:55:2f:e6:c7:8d:2c:82: fe:75:6c:4e:b9:da:dd:26:9b:d2:99:85:c8:68:9d:b6:2a:5e: 36:23:e9:a0:6a:82:29:89:ec:39:ff:90:6b:08:dd:36:4d:a1: db:4e:0c:66:30:52:ad:16:0f:fb:1e:10:b7:88:c2:42:1f:c0: 54:92:48:e1:32:c6:5a:61:4b:36:ea:de:4c:b4:a7:d9:e9:ef: 98:d5:71:cb:a7:b0:bc:7f:92:5f:84:d6:7c:c3:d9:f0:46:f4: 25:11:1f:b8:66:32:4e:27:bc:9e:8b:d1:36:3d:cb:8e:ed:53: 39:f1:23:ae:46:66:46:2e:95:2d:91:08:e5:0e:bb:59:f8:50: 45:51:62:c3:12:9a:9c:3f:b9:9b:39:aa:3c:5f:2e:a8:4c:77: ab:9c:54:e8:33:82:3a:d7:cf:53:5d:84:8e:17:18:f2:f8:42: 39:28:36:58:8e:c7:dd:ef:dd:46:49:35:a5:fa:4a:ca:83:d9: 1e:e4:a2:9b:74:aa:b6:62:db:c9:73:c2:7d:4f:a6:7e:64:08: 67:52:15:34:9f:5d:05:45:30:2d:5f:cb:60:4a:e4:12:ee:40: 04:74:0d:91 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUCLe4DOo+CMuraOahLJek2beNPPQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE0MDAxMDQ4WhcNMjUwMzIxMjM1OTU5 WjB6MUkwRwYDVQQFE0BjMWJlNTg2NTkwMjllNTA1NmYyMTA4NjE4NGViMmYyNDAx ODk0YjA0N2JiNzBhYmYwNWY0YWUxNjNjOTg1NWNjMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQClT4bOL2MaatnSPbZu55StufSb9j0Zg4IYSVUH/I7Dcopp 9S8nUJUJIoep1a/knumF5AlGBJzPcBgx4UkZrwLbM1RT+EocD25psqJGAIT4y9wu moHiKsraEBI9jht/9Bd0WrcY3NNsNAqfSi3n1yFkwz7vAwmhaGP0JBlTxOUwunBR Sck8resH2T5VyehHN6a9UaaSscKs6mv5XQ06Y0a0PHaxLD7qkorPjJjI/M3JuXZL WTdzntVPO6mY8r7Kqu135S8J/Sx3Id5R1YBNBBx8GlwYkCNyTJhrHKbRTEGfqaZO uHM0qE6czs4hD3/iaJiIrFcO3zZ0AcBCgqQNuSqLAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUFkj/QAKcggi4rDrG0yMVIyRQEnIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzYxYzU1NTJlLWY5MTEtNDA0OS04NDBkLTVmNzZhYjJhNmRkMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAeVu4AwDQYJKoZIhvcNAQELBQADggEBALtpd9MaGniCEHIx8mMUP7yhUVRk xnjY+OabPlZ+VS/mx40sgv51bE652t0mm9KZhchonbYqXjYj6aBqgimJ7Dn/kGsI 3TZNodtODGYwUq0WD/seELeIwkIfwFSSSOEyxlphSzbq3ky0p9np75jVccunsLx/ kl+E1nzD2fBG9CURH7hmMk4nvJ6L0TY9y47tUznxI65GZkYulS2RCOUOu1n4UEVR YsMSmpw/uZs5qjxfLqhMd6ucVOgzgjrXz1NdhI4XGPL4QjkoNliOx93v3UZJNaX6 SsqD2R7kopt0qrZi28lzwn1Ppn5kCGdSFTSfXQVFMC1fy2BK5BLuQAR0DZE= -----END CERTIFICATE-----Generated at Sun Feb 16 15:15:51 2025 by rpki-client