$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd5d39ce-9ed8-4564-a1f8-c329aaebb997.roa File: bd5d39ce-9ed8-4564-a1f8-c329aaebb997.roa (raw, json) Hash identifier: Q4Q660YonPNGBMTnCdQ6d6huHdkb66b6+WumVPy7fiA= Subject key identifier: 18:CA:26:FB:F9:2F:19:B4:B8:1B:07:D4:84:3A:CB:8D:2B:49:31:F5 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 4158DFC8CE5B969C3825ED3FD46F25D65A00FC73 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd5d39ce-9ed8-4564-a1f8-c329aaebb997.roa Signing time: Mon 17 Feb 2025 15:30:51 +0000 ROA not before: Mon 17 Feb 2025 15:30:51 +0000 ROA not after: Mon 24 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:1ffd:8190::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sat 15 Mar 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:58:df:c8:ce:5b:96:9c:38:25:ed:3f:d4:6f:25:d6:5a:00:fc:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 17 15:30:51 2025 GMT Not After : Mar 24 23:59:59 2025 GMT Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:52:73:cf:0b:9a:06:37:05:5f:11:a8:f4:b8: df:b5:5d:a1:7d:56:91:ba:1c:83:7b:44:8c:e4:ed: 04:1b:a4:1d:b0:6d:70:72:02:a2:b6:1e:f6:a9:37: 4c:9a:98:35:5e:02:57:2f:cf:09:7f:a7:b8:86:24: 23:d6:61:b5:50:8c:18:e6:18:ac:e9:7d:a4:36:8d: c7:df:8c:4b:b1:a0:f4:01:61:9c:a7:31:a4:38:5c: bb:c0:80:46:80:5c:1f:8e:c6:0b:5e:01:5a:89:e4: af:69:71:b9:f1:b6:20:aa:04:85:91:64:77:09:16: 5a:87:67:cd:cf:6c:ff:0c:c1:ff:b2:86:9f:8b:24: 5c:82:90:8f:e4:f0:f0:fe:85:d8:62:e0:dc:de:45: 0b:88:93:f3:a2:53:c9:fe:88:a4:78:9c:88:65:c8: 42:54:4a:b7:25:f5:52:35:cf:2f:8b:48:a9:b8:a2: 3c:d3:40:87:de:31:be:21:cd:d0:82:99:65:92:3f: e8:be:2e:a6:8e:26:1f:ce:f6:b9:bd:3f:40:49:9e: 89:92:f1:38:53:20:a2:99:30:47:77:38:30:a5:f7: 1f:c9:7a:89:7f:a0:db:af:fc:76:bd:82:29:b5:14: 1d:7c:0c:49:47:d3:77:81:11:c7:5a:10:21:e6:b3: 54:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:CA:26:FB:F9:2F:19:B4:B8:1B:07:D4:84:3A:CB:8D:2B:49:31:F5 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/bd5d39ce-9ed8-4564-a1f8-c329aaebb997.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:1ffd:8190::/48 Signature Algorithm: sha256WithRSAEncryption 6c:fe:06:78:8c:3e:75:a5:e2:3b:86:7e:65:c7:bf:b2:ae:4c: 31:ba:60:a5:bb:6a:aa:44:b3:ee:1b:96:8c:cc:bc:77:e4:98: f5:30:d2:56:62:e2:45:5f:f5:dc:51:df:65:5e:52:bf:e9:e0: 97:94:49:41:2b:b6:08:09:d1:34:c7:34:6d:bf:fb:26:1e:0c: 75:11:97:99:f6:86:c1:ac:bc:a7:bb:0c:2c:1c:68:a9:85:88: 30:16:29:da:ac:e9:d6:05:b6:c0:c6:83:6f:64:d9:38:1a:42: a7:f3:8f:9e:e9:41:c8:aa:c6:2e:71:0c:ee:42:ef:aa:f7:58: e7:9b:7e:1d:60:8a:47:25:7c:59:a2:92:d9:01:5a:a9:0d:19: 37:ea:a5:7a:d3:1c:72:e7:aa:ad:5a:6b:49:b4:ad:53:e6:4d: 48:95:d2:ec:e8:57:95:b7:98:71:45:3e:90:eb:31:bd:ae:35: 21:56:e2:22:f1:e2:8f:d5:93:11:00:22:60:cc:4d:1b:9a:49: 17:be:54:fc:72:7e:d9:28:bc:8d:2b:eb:5d:d4:b4:6b:8e:dd: 49:cf:db:34:3c:5d:ef:55:53:ec:cb:23:71:87:6a:47:49:97: cb:9d:8a:31:c6:ed:42:a9:b0:f6:e4:8f:5e:f6:c9:70:5d:8c: d5:4f:ff:82 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUQVjfyM5blpw4Je0/1G8l1loA/HMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjE3MTUzMDUxWhcNMjUwMzI0MjM1OTU5 WjB6MUkwRwYDVQQFE0AyNDk0ZGM5ZTYwYjlhM2U3MTEyOWNlZDIzZjYzMmU0N2Vl ODliODdkYjRkN2ZmZWRkMjA5OGJiZThhMDllYTQwMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDhUnPPC5oGNwVfEaj0uN+1XaF9VpG6HIN7RIzk7QQbpB2w bXByAqK2HvapN0yamDVeAlcvzwl/p7iGJCPWYbVQjBjmGKzpfaQ2jcffjEuxoPQB YZynMaQ4XLvAgEaAXB+OxgteAVqJ5K9pcbnxtiCqBIWRZHcJFlqHZ83PbP8Mwf+y hp+LJFyCkI/k8PD+hdhi4NzeRQuIk/OiU8n+iKR4nIhlyEJUSrcl9VI1zy+LSKm4 ojzTQIfeMb4hzdCCmWWSP+i+LqaOJh/O9rm9P0BJnomS8ThTIKKZMEd3ODCl9x/J eol/oNuv/Ha9gim1FB18DElH03eBEcdaECHms1TPAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUGMom+/kvGbS4GwfUhDrLjStJMfUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2JkNWQzOWNlLTllZDgtNDU2NC1hMWY4LWMzMjlhYWViYjk5Ny5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAB/9gZAwDQYJKoZIhvcNAQELBQADggEBAGz+BniMPnWl4juGfmXHv7Ku TDG6YKW7aqpEs+4blozMvHfkmPUw0lZi4kVf9dxR32VeUr/p4JeUSUErtggJ0TTH NG2/+yYeDHURl5n2hsGsvKe7DCwcaKmFiDAWKdqs6dYFtsDGg29k2TgaQqfzj57p Qciqxi5xDO5C76r3WOebfh1gikclfFmiktkBWqkNGTfqpXrTHHLnqq1aa0m0rVPm TUiV0uzoV5W3mHFFPpDrMb2uNSFW4iLx4o/VkxEAImDMTRuaSRe+VPxyftkovI0r 613UtGuO3UnP2zQ8Xe9VU+zLI3GHakdJl8udijHG7UKpsPbkj172yXBdjNVP/4I= -----END CERTIFICATE-----Generated at Thu Mar 13 23:54:43 2025 by rpki-client