$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/afe3f41c-3477-4fb3-ad26-6f3a9793063f.roa File: afe3f41c-3477-4fb3-ad26-6f3a9793063f.roa (raw, json) Hash identifier: 4x/o5ulJgHdADMAQe++UFYSg1xUFV7PlaMCs2ixBOA0= Subject key identifier: 01:6C:D6:0D:FA:E8:68:61:20:52:27:F7:03:7E:16:8D:B7:13:D7:DE Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 5F9F3287B1E8B5A3A85FC55ED9581F181E621420 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/afe3f41c-3477-4fb3-ad26-6f3a9793063f.roa Signing time: Fri 22 Sep 2023 00:00:00 +0000 ROA not before: Fri 22 Sep 2023 00:00:00 +0000 ROA not after: Fri 27 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 104.153.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 24 Sep 2023 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:9f:32:87:b1:e8:b5:a3:a8:5f:c5:5e:d9:58:1f:18:1e:62:14:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Sep 22 00:00:00 2023 GMT Not After : Oct 27 23:59:59 2023 GMT Subject: serialNumber=8814d5563777be1a048943e5c63a35051dcf34c377277133cdccd5c40a8cac19, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:3b:aa:6d:41:c3:f6:8e:b8:2e:94:89:e2:46: 72:a3:a6:c9:8a:3d:10:d1:01:63:58:5d:5e:60:d0: 83:33:b9:35:09:12:32:cb:ed:90:f0:a9:8b:5d:35: 85:3d:85:17:e3:93:83:ce:b3:f4:17:4e:6e:e3:5a: 8d:ea:33:08:76:71:8c:83:25:c8:8a:19:7c:c8:1e: 5c:f0:62:39:c8:cf:48:01:36:61:35:e1:56:36:78: fe:3d:4f:cc:34:36:ef:fc:a4:3e:87:54:da:99:a3: fe:90:37:bc:5b:d2:66:14:24:3b:60:4b:af:b1:8b: bd:61:a2:06:27:3d:9c:62:76:fe:47:5f:4e:8d:51: e9:3b:0f:ab:65:27:81:57:36:dc:19:ea:cc:47:60: ee:55:cc:73:df:77:16:e7:65:b5:13:9e:db:db:b1: 34:f3:02:e1:40:19:81:98:c6:ec:97:0e:31:29:29: d7:fc:18:61:46:15:af:69:bc:5e:a4:06:c9:3e:87: 2e:15:c8:2d:c8:44:6c:5c:f9:7b:c5:e6:10:fa:5c: f0:69:2a:d4:b7:de:fa:09:15:e8:e3:cb:ec:d4:fd: 0b:c4:9a:f2:fa:41:9f:38:27:9d:e1:7e:18:44:61: 8b:34:5e:ee:24:17:c3:3c:4e:c6:93:7c:c5:c1:c8: 51:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:6C:D6:0D:FA:E8:68:61:20:52:27:F7:03:7E:16:8D:B7:13:D7:DE X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/afe3f41c-3477-4fb3-ad26-6f3a9793063f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 104.153.119.0/24 Signature Algorithm: sha256WithRSAEncryption a3:1b:08:56:cd:ab:4c:41:ba:6f:10:9b:60:bd:ec:a3:19:84: b7:a9:25:8a:ec:d2:3a:b7:23:58:d9:05:df:4a:d6:03:d0:93: db:26:82:72:d5:7b:eb:69:1d:3a:61:51:24:d7:32:4d:f5:6e: 73:21:ee:c5:14:c1:41:b4:ab:78:67:6a:5c:59:b7:6b:e8:f0: 92:dc:7a:3c:f2:15:d9:ec:f2:32:41:5a:c7:92:3e:dc:5c:97: ca:9c:b5:00:a9:94:2b:be:e5:62:d1:11:39:8e:15:c6:a9:14: 34:94:3f:11:47:52:33:ad:83:ba:68:a6:b0:b3:d7:0c:62:46: db:8a:df:d6:e4:cf:30:49:06:f8:9c:65:47:2d:16:b4:8a:59: 3b:a9:8f:fa:76:68:ea:5f:29:4e:6d:81:bd:49:87:c7:8f:fa: 9b:59:2d:bb:18:3b:71:50:98:ae:87:2e:c1:44:72:cb:b5:a2: 95:44:8d:ce:f1:92:fc:a6:b6:12:61:8c:31:05:18:0e:73:5c: bb:81:39:03:82:25:c6:38:e2:ed:2f:47:27:bb:19:16:82:73: ec:93:1e:68:7a:ee:90:fc:c6:6a:7c:e1:66:2e:80:03:dc:e5: 87:63:33:7b:aa:0e:a9:3d:62:1c:36:00:e0:c7:4a:d3:dc:52: 46:e2:d1:a4 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUX58yh7HotaOoX8Ve2VgfGB5iFCAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjMwOTIyMDAwMDAwWhcNMjMxMDI3MjM1OTU5 WjB6MUkwRwYDVQQFE0A4ODE0ZDU1NjM3NzdiZTFhMDQ4OTQzZTVjNjNhMzUwNTFk Y2YzNGMzNzcyNzcxMzNjZGNjZDVjNDBhOGNhYzE5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCiO6ptQcP2jrgulIniRnKjpsmKPRDRAWNYXV5g0IMzuTUJ EjLL7ZDwqYtdNYU9hRfjk4POs/QXTm7jWo3qMwh2cYyDJciKGXzIHlzwYjnIz0gB NmE14VY2eP49T8w0Nu/8pD6HVNqZo/6QN7xb0mYUJDtgS6+xi71hogYnPZxidv5H X06NUek7D6tlJ4FXNtwZ6sxHYO5VzHPfdxbnZbUTntvbsTTzAuFAGYGYxuyXDjEp Kdf8GGFGFa9pvF6kBsk+hy4VyC3IRGxc+XvF5hD6XPBpKtS33voJFejjy+zU/QvE mvL6QZ84J53hfhhEYYs0Xu4kF8M8TsaTfMXByFEPAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUAWzWDfroaGEgUif3A34WjbcT194wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2FmZTNmNDFjLTM0NzctNGZiMy1hZDI2LTZmM2E5NzkzMDYzZi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABomXcwDQYJKoZIhvcNAQELBQADggEBAKMbCFbNq0xBum8Qm2C97KMZhLep JYrs0jq3I1jZBd9K1gPQk9smgnLVe+tpHTphUSTXMk31bnMh7sUUwUG0q3hnalxZ t2vo8JLcejzyFdns8jJBWseSPtxcl8qctQCplCu+5WLRETmOFcapFDSUPxFHUjOt g7poprCz1wxiRtuK39bkzzBJBvicZUctFrSKWTupj/p2aOpfKU5tgb1Jh8eP+ptZ LbsYO3FQmK6HLsFEcsu1opVEjc7xkvymthJhjDEFGA5zXLuBOQOCJcY44u0vRye7 GRaCc+yTHmh67pD8xmp84WYugAPc5YdjM3uqDqk9Yhw2AODHStPcUkbi0aQ= -----END CERTIFICATE-----Generated at Fri Sep 22 22:27:02 2023 by rpki-client on console-fra.rpki-client.org