$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c23a83e6-32c4-43b4-9986-8f3da063223c.roa File: c23a83e6-32c4-43b4-9986-8f3da063223c.roa (raw, json) Hash identifier: 08iUtQXo5Zxf02xY6Wu6dB/WCoN/ymnvYaZefMqTlC8= Subject key identifier: CA:97:E1:44:2C:B2:FF:49:2B:2D:A8:2A:46:94:92:AF:E4:60:E6:7C Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 5E02379064DBBF494EA3E56AB0C476694A6C45DC Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c23a83e6-32c4-43b4-9986-8f3da063223c.roa Signing time: Mon 31 Mar 2025 15:11:43 +0000 ROA not before: Mon 31 Mar 2025 15:11:43 +0000 ROA not after: Mon 05 May 2025 23:59:59 +0000 asID: 14618 IP address blocks: 204.236.192.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 17 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:02:37:90:64:db:bf:49:4e:a3:e5:6a:b0:c4:76:69:4a:6c:45:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Mar 31 15:11:43 2025 GMT Not After : May 5 23:59:59 2025 GMT Subject: serialNumber=08cbd7e4f1dd32703d1fc1607d79abec7a593301069d239115c38a49d02e8150, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:8d:39:c8:d6:8e:c0:3d:d0:28:d4:d2:96:95: 42:53:f3:de:9c:75:29:85:a6:31:d3:89:13:28:ae: 20:5f:cd:9f:7f:07:96:c4:f0:c3:1e:db:43:e1:93: 89:9b:11:e2:fd:32:c9:64:44:82:df:e5:11:eb:96: d7:6c:f6:ab:4d:c5:61:32:b1:db:7d:63:73:89:cb: ca:3f:cc:62:a0:7b:8e:75:02:4d:8a:30:6c:b9:00: 8d:42:92:ad:a2:9d:0b:29:94:38:28:4c:78:58:c1: 16:10:70:fb:2f:70:ec:25:c1:91:2b:a9:b4:08:21: e8:9e:09:83:77:37:11:4e:6d:6e:ac:03:2f:ed:6f: 03:63:5a:2b:0d:b8:ac:96:83:f8:40:38:e9:51:b6: 33:ce:4a:07:e2:cf:cd:44:d6:9a:cf:82:ed:0f:3d: 5d:95:7b:2b:34:4f:57:52:91:53:92:6e:7a:1e:54: fd:71:f1:e2:ec:5b:7d:11:ba:2d:ed:37:99:e6:2b: 8a:24:c3:94:55:23:f9:c6:59:6d:91:8b:ea:06:75: af:63:e5:d8:df:1d:3a:03:2b:63:c8:be:b8:a2:c9: 9c:a6:6f:a5:1f:78:db:b4:f7:d6:f0:3d:0c:58:30: 8a:02:51:5b:72:33:18:de:13:3d:2b:3f:53:62:57: 1c:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:97:E1:44:2C:B2:FF:49:2B:2D:A8:2A:46:94:92:AF:E4:60:E6:7C X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c23a83e6-32c4-43b4-9986-8f3da063223c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 204.236.192.0/20 Signature Algorithm: sha256WithRSAEncryption 1d:79:f8:14:b6:88:db:9d:7d:0b:52:eb:2a:45:26:b4:ff:8a: 01:7d:93:dc:07:85:ee:b9:ba:f3:82:31:33:c7:60:ab:14:a1: d1:38:66:8c:c2:a5:7a:e1:59:b7:e7:d9:79:71:f1:75:e1:43: cc:9c:48:f5:5c:e5:ae:96:73:ba:38:d7:fc:8d:31:66:7e:f4: 6a:c0:8d:93:99:ad:0d:fa:65:74:41:4b:a6:38:76:22:3c:41: 65:25:11:d9:57:d7:60:52:38:40:7f:3b:90:ca:ac:c2:86:59: e7:53:ac:49:5b:d5:c5:d6:e2:21:92:64:4d:f4:01:01:4d:1c: fb:f4:ac:a8:dc:53:cb:19:de:4e:c0:9a:22:fd:a4:54:00:ff: ec:5c:3b:b4:9d:b5:7e:17:4d:9b:5b:11:73:16:00:d3:e5:2c: 57:3e:85:b2:97:1e:1a:1e:33:5d:b2:7c:04:23:63:e1:2d:d2: cb:52:a8:de:b6:55:e1:56:c7:e9:79:cd:47:36:e7:4f:31:37: 98:76:55:59:7d:af:7b:18:86:8b:27:c6:cf:5b:3e:cf:47:f7: 57:dd:1e:1b:29:cd:6c:52:60:6b:2d:3a:c3:c4:65:36:42:55: c7:f8:1c:78:bd:16:dd:f5:d8:ea:af:22:51:93:c4:42:90:43: b9:dc:f8:8d -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUXgI3kGTbv0lOo+VqsMR2aUpsRdwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzMxMTUxMTQzWhcNMjUwNTA1MjM1OTU5 WjB6MUkwRwYDVQQFE0AwOGNiZDdlNGYxZGQzMjcwM2QxZmMxNjA3ZDc5YWJlYzdh NTkzMzAxMDY5ZDIzOTExNWMzOGE0OWQwMmU4MTUwMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQChjTnI1o7APdAo1NKWlUJT896cdSmFpjHTiRMoriBfzZ9/ B5bE8MMe20Phk4mbEeL9MslkRILf5RHrltds9qtNxWEysdt9Y3OJy8o/zGKge451 Ak2KMGy5AI1Ckq2inQsplDgoTHhYwRYQcPsvcOwlwZErqbQIIeieCYN3NxFObW6s Ay/tbwNjWisNuKyWg/hAOOlRtjPOSgfiz81E1prPgu0PPV2Veys0T1dSkVOSbnoe VP1x8eLsW30Rui3tN5nmK4okw5RVI/nGWW2Ri+oGda9j5djfHToDK2PIvriiyZym b6UfeNu099bwPQxYMIoCUVtyMxjeEz0rP1NiVxyFAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUypfhRCyy/0krLagqRpSSr+Rg5nwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2MyM2E4M2U2LTMyYzQtNDNiNC05OTg2LThmM2RhMDYzMjIzYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBATM7MAwDQYJKoZIhvcNAQELBQADggEBAB15+BS2iNudfQtS6ypFJrT/igF9 k9wHhe65uvOCMTPHYKsUodE4ZozCpXrhWbfn2Xlx8XXhQ8ycSPVc5a6Wc7o41/yN MWZ+9GrAjZOZrQ36ZXRBS6Y4diI8QWUlEdlX12BSOEB/O5DKrMKGWedTrElb1cXW 4iGSZE30AQFNHPv0rKjcU8sZ3k7AmiL9pFQA/+xcO7SdtX4XTZtbEXMWANPlLFc+ hbKXHhoeM12yfAQjY+Et0stSqN62VeFWx+l5zUc2508xN5h2VVl9r3sYhosnxs9b Ps9H91fdHhspzWxSYGstOsPEZTZCVcf4HHi9Ft312OqvIlGTxEKQQ7nc+I0= -----END CERTIFICATE-----Generated at Wed Apr 16 16:44:43 2025 by rpki-client