$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67a05120-4845-4b60-92db-2e9dac9efa8a.roa File: 67a05120-4845-4b60-92db-2e9dac9efa8a.roa (raw, json) Hash identifier: AEjNkoih2yDrebVuflFqh1ZWZvs3XopGxh5faPxfvpo= Subject key identifier: AE:7B:82:35:86:CA:BE:63:0A:25:4E:FA:E5:6C:69:8C:FB:5C:EA:33 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 354363783E89FD45365D6893ECA6E06AFBB11726 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67a05120-4845-4b60-92db-2e9dac9efa8a.roa Signing time: Sat 15 Feb 2025 00:50:16 +0000 ROA not before: Sat 15 Feb 2025 00:50:16 +0000 ROA not after: Sat 22 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 199.183.144.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:43:63:78:3e:89:fd:45:36:5d:68:93:ec:a6:e0:6a:fb:b1:17:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 15 00:50:16 2025 GMT Not After : Mar 22 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:26:a5:06:48:84:73:c7:f2:34:90:98:0a:f0: f1:fb:ce:b0:33:9a:18:27:f4:c3:2c:9c:67:9e:40: 5f:16:51:80:f8:83:f8:ff:44:53:3d:ec:52:f5:9b: 8a:c8:3b:6c:6f:2d:b0:5a:02:85:fa:09:28:af:88: be:da:f4:2f:ec:82:6d:a8:6f:95:f0:ce:33:08:50: 4e:11:5c:49:99:7c:82:e3:52:48:cd:26:af:81:a7: 4d:dd:49:21:d8:1f:94:47:fb:0c:f0:e0:b1:bf:9c: 32:72:77:ab:1b:56:dd:5f:08:0e:61:a3:5f:c6:0d: eb:b1:f9:0b:6c:39:94:fc:11:b3:ae:69:e2:b0:cc: c3:d4:2b:34:5d:d9:78:dd:35:65:9e:58:e4:d9:8d: 1f:76:3d:ce:5b:0e:ab:58:fc:2b:0c:2f:1e:60:33: 6d:e7:9b:03:6c:b4:95:22:0a:e2:52:c5:b4:67:4c: e1:2f:da:f3:2d:40:b4:a7:f7:38:b2:85:d3:d3:e6: 4b:d7:a8:67:8a:ea:d1:ff:45:95:15:b3:0a:27:d4: a4:70:c4:23:f3:e4:30:ae:16:60:f8:08:cf:b4:44: 22:d4:de:97:21:40:17:47:b1:32:02:94:7d:fa:ce: ba:14:df:95:7a:79:91:64:0b:7f:0a:98:6d:9c:09: 9c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:7B:82:35:86:CA:BE:63:0A:25:4E:FA:E5:6C:69:8C:FB:5C:EA:33 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/67a05120-4845-4b60-92db-2e9dac9efa8a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 199.183.144.0/20 Signature Algorithm: sha256WithRSAEncryption 0f:94:f7:f2:a0:0f:fe:68:e4:7f:ca:96:85:0d:01:78:7b:1f: cf:35:cf:1e:8a:1b:1b:05:be:c6:f2:0a:ff:88:79:f5:76:cd: 29:fc:9a:d6:63:ab:69:81:1e:df:1b:11:93:a4:59:ee:65:7b: d2:7a:20:1b:33:7a:04:9d:77:62:1e:71:e4:1e:af:83:a0:c3: b7:5c:61:af:c3:03:3a:00:e8:4d:78:b4:20:d6:0e:87:96:56: 37:7f:83:77:2b:fa:bc:98:19:5a:c1:25:19:f6:6e:9b:10:68: 34:f2:78:7f:69:83:ef:77:7b:05:99:13:fe:eb:04:2f:ef:8b: 0d:4f:10:c6:f2:7a:58:c3:79:97:e1:26:c5:b0:37:15:36:f4: e6:e0:81:aa:b0:0f:3a:7b:00:fb:7c:a2:0e:bb:8a:58:16:e9: 18:d2:e2:7f:a0:f2:08:07:5e:36:10:4a:56:49:64:7e:f0:26: 4a:e9:b4:70:38:8f:29:73:63:29:e9:ba:50:a9:93:21:28:09: 46:9e:09:ae:f2:55:de:57:91:5c:52:2c:b9:33:57:1f:bf:dc: 00:6d:01:c4:69:81:92:12:84:56:52:8f:04:d5:0c:fd:53:35: ad:72:c9:28:f4:5d:ef:4b:21:e9:3c:27:05:2a:89:9d:1c:24: 4f:e6:c4:be -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUNUNjeD6J/UU2XWiT7KbgavuxFyYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE1MDA1MDE2WhcNMjUwMzIyMjM1OTU5 WjB6MUkwRwYDVQQFE0AwYmYwNmQ5YTI5Yzk5YzAwZjEyY2FhYmU0NGI2NWM4YmYz YjMxMTNiMTc0YjczN2QyZTQyYzk3N2U3ZDJhN2MyMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCRJqUGSIRzx/I0kJgK8PH7zrAzmhgn9MMsnGeeQF8WUYD4 g/j/RFM97FL1m4rIO2xvLbBaAoX6CSiviL7a9C/sgm2ob5XwzjMIUE4RXEmZfILj UkjNJq+Bp03dSSHYH5RH+wzw4LG/nDJyd6sbVt1fCA5ho1/GDeux+QtsOZT8EbOu aeKwzMPUKzRd2XjdNWWeWOTZjR92Pc5bDqtY/CsMLx5gM23nmwNstJUiCuJSxbRn TOEv2vMtQLSn9ziyhdPT5kvXqGeK6tH/RZUVswon1KRwxCPz5DCuFmD4CM+0RCLU 3pchQBdHsTIClH36zroU35V6eZFkC38KmG2cCZwrAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUrnuCNYbKvmMKJU765WxpjPtc6jMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzY3YTA1MTIwLTQ4NDUtNGI2MC05MmRiLTJlOWRhYzllZmE4YS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBATHt5AwDQYJKoZIhvcNAQELBQADggEBAA+U9/KgD/5o5H/KloUNAXh7H881 zx6KGxsFvsbyCv+IefV2zSn8mtZjq2mBHt8bEZOkWe5le9J6IBszegSdd2IeceQe r4Ogw7dcYa/DAzoA6E14tCDWDoeWVjd/g3cr+ryYGVrBJRn2bpsQaDTyeH9pg+93 ewWZE/7rBC/viw1PEMbyeljDeZfhJsWwNxU29ObggaqwDzp7APt8og67ilgW6RjS 4n+g8ggHXjYQSlZJZH7wJkrptHA4jylzYynpulCpkyEoCUaeCa7yVd5XkVxSLLkz Vx+/3ABtAcRpgZIShFZSjwTVDP1TNa1yySj0Xe9LIek8JwUqiZ0cJE/mxL4= -----END CERTIFICATE-----Generated at Sun Feb 16 15:38:22 2025 by rpki-client