$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa File: 14518d87-9a80-47da-80c6-efeb62f0643b.roa (raw, json) Hash identifier: dBTn0uvxU0smVPW+c9eXfn8VMxxcpFqCd3Wr8LpUayc= Subject key identifier: EE:1C:6F:DD:40:D0:50:47:68:49:B5:8E:B1:37:DC:34:3F:4F:E9:B0 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 6A53A286F25766A49827C717079B2D17E0DA3048 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa Signing time: Tue 20 May 2025 18:00:57 +0000 ROA not before: Tue 20 May 2025 18:00:57 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 04 Jun 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:53:a2:86:f2:57:66:a4:98:27:c7:17:07:9b:2d:17:e0:da:30:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: May 20 18:00:57 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=ed64bd4482ca928cd92cf01a0cec1e8b99cabb9ed7bab9959e2df8d096f7e198, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:59:44:43:92:44:49:46:1c:ff:78:59:53:a1: 27:5d:58:e9:25:85:03:79:82:1e:24:bd:1a:e9:b0: 92:5e:6d:52:1f:36:43:6d:77:86:ca:e3:2c:0e:68: 4c:88:41:85:98:82:a1:3c:31:75:be:5e:36:d5:cf: 1d:7c:7f:9d:b5:3e:f3:d5:47:71:cf:7b:d6:80:5f: b4:b1:15:12:d0:fe:9b:83:c0:eb:c5:2e:49:97:82: e0:2b:8b:c2:12:1c:74:02:42:80:44:f7:e8:e3:1b: 9a:9a:f0:f0:67:6e:4a:ab:71:4f:8a:69:7e:ed:ad: a1:84:30:42:28:58:b4:cb:65:da:23:de:6f:12:0e: 01:05:7c:32:c3:62:10:c4:7e:f8:d1:16:98:7d:af: e5:df:6b:35:4b:b3:e5:88:52:3e:20:29:b9:3a:22: d9:2d:f3:65:34:10:48:e7:fd:a1:de:b3:9a:e5:ee: ca:7d:bf:69:3c:40:8d:79:28:98:48:6a:1c:5c:01: fc:79:93:99:0c:14:72:33:30:63:af:94:42:d7:2d: f8:66:87:3d:e7:d8:b3:6e:6b:2a:a1:45:98:fa:eb: fe:17:17:aa:24:4f:c4:2e:64:c0:b9:1a:ae:95:f5: ab:99:2c:07:f2:3e:b8:88:85:e2:c7:a7:21:a9:4e: 17:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:1C:6F:DD:40:D0:50:47:68:49:B5:8E:B1:37:DC:34:3F:4F:E9:B0 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/14518d87-9a80-47da-80c6-efeb62f0643b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:3::/48 Signature Algorithm: sha256WithRSAEncryption 2a:88:13:a6:26:a4:99:3e:5d:6d:b1:c5:df:c3:48:b1:40:ed: ea:e1:70:21:00:b6:51:02:76:52:2f:0a:e5:8d:e4:f0:1b:41: 12:92:b8:9a:56:1f:2c:ff:b3:73:56:73:6e:85:8e:86:e3:ff: 23:73:20:78:df:63:69:80:df:5c:93:0f:06:ae:82:0f:59:d6: 78:fc:c4:6a:7d:3e:35:c2:07:33:42:ca:5b:b6:ef:c1:ca:67: f3:fa:60:51:3a:bc:4b:5c:d6:54:62:7a:dd:29:6d:a8:6e:ab: 74:16:85:90:31:b7:7c:31:d1:fd:b7:26:08:10:cc:e1:58:0a: 30:89:ab:8f:50:5c:b5:d4:a6:2f:b2:7a:d2:f1:a6:d2:9a:16: 90:2a:96:3f:04:eb:e9:0c:1a:57:66:89:86:96:b2:ff:10:e3: bf:37:3d:7a:7b:cb:75:f7:81:d6:c1:34:77:af:c8:23:85:99: 67:09:d9:3e:81:87:ab:63:95:3d:86:d8:23:39:23:ef:3d:80: 40:fb:63:e7:9d:17:0a:3d:33:b5:c7:35:82:01:39:24:b6:b4: e5:e7:39:0b:ba:76:af:2d:dc:aa:5f:1c:c4:2d:aa:ef:fd:ba: b9:1b:01:8b:aa:40:db:1f:dc:80:a3:f7:07:49:6d:bd:e9:f2: 0f:ca:10:b5 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUalOihvJXZqSYJ8cXB5stF+DaMEgwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgwMDU3WhcNMjUwNjI0MjM1OTU5 WjB6MUkwRwYDVQQFE0BlZDY0YmQ0NDgyY2E5MjhjZDkyY2YwMWEwY2VjMWU4Yjk5 Y2FiYjllZDdiYWI5OTU5ZTJkZjhkMDk2ZjdlMTk4MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC7WURDkkRJRhz/eFlToSddWOklhQN5gh4kvRrpsJJebVIf NkNtd4bK4ywOaEyIQYWYgqE8MXW+XjbVzx18f521PvPVR3HPe9aAX7SxFRLQ/puD wOvFLkmXguAri8ISHHQCQoBE9+jjG5qa8PBnbkqrcU+KaX7traGEMEIoWLTLZdoj 3m8SDgEFfDLDYhDEfvjRFph9r+XfazVLs+WIUj4gKbk6Itkt82U0EEjn/aHes5rl 7sp9v2k8QI15KJhIahxcAfx5k5kMFHIzMGOvlELXLfhmhz3n2LNuayqhRZj66/4X F6okT8QuZMC5Gq6V9auZLAfyPriIheLHpyGpTheXAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQU7hxv3UDQUEdoSbWOsTfcND9P6bAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzE0NTE4ZDg3LTlhODAtNDdkYS04MGM2LWVmZWI2MmYwNjQzYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwAAMwDQYJKoZIhvcNAQELBQADggEBACqIE6YmpJk+XW2xxd/DSLFA 7erhcCEAtlECdlIvCuWN5PAbQRKSuJpWHyz/s3NWc26Fjobj/yNzIHjfY2mA31yT Dwaugg9Z1nj8xGp9PjXCBzNCylu278HKZ/P6YFE6vEtc1lRiet0pbahuq3QWhZAx t3wx0f23JggQzOFYCjCJq49QXLXUpi+yetLxptKaFpAqlj8E6+kMGldmiYaWsv8Q 4783PXp7y3X3gdbBNHevyCOFmWcJ2T6Bh6tjlT2G2CM5I+89gED7Y+edFwo9M7XH NYIBOSS2tOXnOQu6dq8t3KpfHMQtqu/9urkbAYuqQNsf3ICj9wdJbb3p8g/KELU= -----END CERTIFICATE-----Generated at Mon Jun 2 16:54:49 2025 by rpki-client