$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c704ddcc-711f-4127-96d6-6282d5b2cfec.roa File: c704ddcc-711f-4127-96d6-6282d5b2cfec.roa (raw, json) Hash identifier: MHYewwvZKxw6WVBDVUCeKhX16aie3NXHtZS+0NM1FaM= Subject key identifier: 49:2C:30:0B:9C:0B:9A:FF:F0:92:6E:58:E3:1C:DF:B4:50:07:2D:F2 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 688231C7B95E0CBA867D741518CA1645776751 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c704ddcc-711f-4127-96d6-6282d5b2cfec.roa Signing time: Wed 24 Apr 2024 00:00:00 +0000 ROA not before: Wed 24 Apr 2024 00:00:00 +0000 ROA not after: Wed 29 May 2024 23:59:59 +0000 asID: 14618 IP address blocks: 56.86.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 03 May 2024 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:82:31:c7:b9:5e:0c:ba:86:7d:74:15:18:ca:16:45:77:67:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 24 00:00:00 2024 GMT Not After : May 29 23:59:59 2024 GMT Subject: serialNumber=2d1a14c618156117a688c8d076d6f894501a84ed4ec02fbcf8394d059f342c34, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:db:f4:cd:2b:23:49:9b:dc:e2:b4:23:54:1e: 4e:ca:36:48:24:a0:c8:f2:43:48:42:3e:10:45:aa: e2:1a:e2:df:94:92:25:76:71:57:62:4c:bf:8e:c7: 17:43:a4:3d:ff:f4:12:c4:72:05:a4:21:88:7e:dd: 95:6d:26:66:e5:b4:f2:5a:40:72:b7:83:44:5c:c3: 33:a7:d3:48:e7:30:34:e8:5e:09:f1:a2:b3:6d:01: 65:37:75:3d:f5:0a:35:bf:89:48:56:92:83:e5:5c: 17:e5:f4:8d:72:55:7c:f5:bf:21:5d:c2:09:f9:13: 5d:54:a4:15:a6:7d:97:fd:7a:41:fe:cf:9b:fa:49: f6:1d:13:82:43:48:f5:7e:2b:a4:38:4c:0b:ce:76: 37:3a:9a:d0:54:12:8b:3f:8c:d4:47:91:95:58:04: 53:d5:fc:3f:da:55:8c:61:46:ed:4d:da:c0:df:0d: b1:e9:c1:96:81:36:0e:45:47:db:f8:98:6d:52:ad: ea:c4:cb:5e:47:4f:e0:7e:41:92:a0:93:0a:6a:ab: ba:2c:e9:b1:21:e7:50:fb:9b:c4:04:6e:3e:6a:0f: bd:b5:74:f0:b2:67:dd:34:02:16:34:96:ea:f2:9c: ed:21:65:d1:af:e9:b5:e8:b5:2e:d5:06:40:34:75: e3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:2C:30:0B:9C:0B:9A:FF:F0:92:6E:58:E3:1C:DF:B4:50:07:2D:F2 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c704ddcc-711f-4127-96d6-6282d5b2cfec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 56.86.0.0/16 Signature Algorithm: sha256WithRSAEncryption 02:04:bc:d9:eb:b0:cb:fe:bb:1f:7c:f7:72:ff:21:af:23:9e: 98:d6:cc:3b:ac:8a:b8:7e:aa:f3:7b:de:f6:f3:04:49:ac:c5: 3b:7f:38:6f:e6:f3:33:6e:5f:91:1f:ca:c2:8f:9d:79:53:29: 5a:5f:6b:57:7a:5d:6a:7d:de:ea:c3:dd:42:bb:9b:96:df:c4: 55:de:34:bd:91:e1:2c:11:fa:75:47:39:47:1c:e5:a0:69:40: e7:39:4c:2f:3a:f7:5c:d2:82:79:0d:36:98:fc:f6:57:e4:94: 25:2c:a7:d8:76:04:cc:c3:55:b2:59:a3:d3:e2:8a:b9:bb:8b: 35:a2:e9:dc:ec:eb:05:ff:61:a4:e0:c5:8c:9e:48:aa:e1:d1: 9f:00:30:05:73:45:fa:21:6f:9c:b6:6f:4c:b4:6a:b5:16:a8: 77:ef:b1:d3:53:90:c0:76:38:21:b4:41:40:26:3c:c4:3a:82: 53:77:20:dd:05:80:27:34:64:55:70:fc:56:ca:7e:9c:21:82: b3:36:b8:2b:12:78:a3:db:7c:bd:d9:13:5d:2c:cc:d2:f5:26: e6:4e:d6:7c:0b:63:ae:26:6a:88:7b:81:0f:df:4f:95:b7:57: 85:21:b2:9a:cf:26:16:4d:2a:30:9e:8a:ee:99:98:7c:70:20: 04:3c:36:0b -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgITaIIxx7leDLqGfXQVGMoWRXdnUTANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNDA0MjQwMDAwMDBaFw0yNDA1MjkyMzU5NTla MHoxSTBHBgNVBAUTQDJkMWExNGM2MTgxNTYxMTdhNjg4YzhkMDc2ZDZmODk0NTAx YTg0ZWQ0ZWMwMmZiY2Y4Mzk0ZDA1OWYzNDJjMzQxLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAM7b9M0rI0mb3OK0I1QeTso2SCSgyPJDSEI+EEWq4hri35SS JXZxV2JMv47HF0OkPf/0EsRyBaQhiH7dlW0mZuW08lpAcreDRFzDM6fTSOcwNOhe CfGis20BZTd1PfUKNb+JSFaSg+VcF+X0jXJVfPW/IV3CCfkTXVSkFaZ9l/16Qf7P m/pJ9h0TgkNI9X4rpDhMC852Nzqa0FQSiz+M1EeRlVgEU9X8P9pVjGFG7U3awN8N senBloE2DkVH2/iYbVKt6sTLXkdP4H5BkqCTCmqruizpsSHnUPubxARuPmoPvbV0 8LJn3TQCFjSW6vKc7SFl0a/ptei1LtUGQDR14xcCAwEAAaOCArAwggKsMB0GA1Ud DgQWBBRJLDALnAua//CSbljjHN+0UAct8jAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvYzcwNGRkY2MtNzExZi00MTI3LTk2ZDYtNjI4MmQ1YjJjZmVjLnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDADhWMA0GCSqGSIb3DQEBCwUAA4IBAQACBLzZ67DL/rsffPdy/yGvI56Y1sw7 rIq4fqrze9728wRJrMU7fzhv5vMzbl+RH8rCj515UylaX2tXel1qfd7qw91Cu5uW 38RV3jS9keEsEfp1RzlHHOWgaUDnOUwvOvdc0oJ5DTaY/PZX5JQlLKfYdgTMw1Wy WaPT4oq5u4s1ounc7OsF/2Gk4MWMnkiq4dGfADAFc0X6IW+ctm9MtGq1Fqh377HT U5DAdjghtEFAJjzEOoJTdyDdBYAnNGRVcPxWyn6cIYKzNrgrEnij23y92RNdLMzS 9SbmTtZ8C2OuJmqIe4EP30+Vt1eFIbKazyYWTSownorumZh8cCAEPDYL -----END CERTIFICATE-----Generated at Thu May 2 11:33:24 2024 by rpki-client on console-fra.rpki-client.org