$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa File: 73712e14-51d5-41db-bcf2-73aa504e6eab.roa (raw, json) Hash identifier: xOci+HUWuWXlYPk6I3/0SgGiD5EQK8KwiTX/xHmVlB8= Subject key identifier: 10:A3:0D:D9:E1:F9:2B:FE:DD:E3:4B:24:11:C8:1D:D2:23:09:88:BC Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 3C1981C9C2BA3673187C789305E13FB994C6D953 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa Signing time: Tue 04 Mar 2025 23:10:00 +0000 ROA not before: Tue 04 Mar 2025 23:10:00 +0000 ROA not after: Tue 08 Apr 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:80::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sat 15 Mar 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:19:81:c9:c2:ba:36:73:18:7c:78:93:05:e1:3f:b9:94:c6:d9:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Mar 4 23:10:00 2025 GMT Not After : Apr 8 23:59:59 2025 GMT Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:b3:10:16:ba:8b:d4:7c:f6:23:01:42:42:9a: d2:35:e2:83:86:1c:b8:50:95:7a:55:90:48:05:f8: ed:66:1e:34:eb:75:ab:6f:0e:3d:52:f0:ea:f0:a5: ae:50:79:87:21:aa:35:5f:9a:a9:a9:3e:78:45:54: cd:f2:c1:aa:4f:08:f2:25:e8:88:9a:09:ab:8b:55: c0:4e:69:ae:96:3f:23:61:19:26:67:1e:e3:0a:4f: 12:63:64:cc:06:32:f7:a7:28:9e:1d:aa:b7:8d:29: 7d:b2:70:77:99:61:cf:84:a1:33:8d:c8:bf:bf:b1: 1d:91:cd:5a:77:af:bb:83:55:70:80:5e:6d:81:80: f0:7c:f9:83:56:b0:28:46:eb:cc:9e:8f:d1:50:9d: 6a:2f:60:e1:59:06:fd:67:8e:d7:cc:41:3a:7a:b0: eb:51:f0:3d:02:5e:23:50:72:75:5e:6e:3c:7f:d6: da:48:14:6d:60:19:62:5c:33:23:fa:ee:e8:de:78: c9:7d:b1:47:fd:65:bc:02:92:5a:dd:36:a1:ae:61: 73:4b:df:93:5e:ab:25:aa:5d:56:ca:eb:de:f7:a3: 51:86:ab:a0:a8:5a:4e:c3:7a:a4:c9:48:45:f8:cc: 1c:32:24:a8:d3:11:ad:59:1a:4b:82:ca:49:ee:0d: c8:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:A3:0D:D9:E1:F9:2B:FE:DD:E3:4B:24:11:C8:1D:D2:23:09:88:BC X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/73712e14-51d5-41db-bcf2-73aa504e6eab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:80::/48 Signature Algorithm: sha256WithRSAEncryption 8c:cc:e2:6e:63:50:55:08:f1:c1:01:93:98:11:c8:fb:3e:f0: 42:c0:66:af:38:6f:29:51:af:cb:51:7d:62:56:fc:3b:99:8c: 83:ff:df:7b:d0:eb:a0:c5:13:2b:1a:b8:f3:91:8c:5a:b0:77: dd:a1:be:59:cd:d2:fb:4e:48:1b:ea:e0:9a:09:44:41:d5:d1: a2:42:e8:1a:30:1a:6c:0a:d9:24:9a:e5:d5:7d:0f:a1:d5:a8: 37:e3:9c:2d:a2:86:f1:8d:11:ad:1e:4e:f2:90:b4:a6:fd:df: 0d:65:22:17:86:d9:72:cc:13:f2:e3:40:ca:88:e8:26:c1:a6: 79:07:67:2e:8a:c9:37:72:bb:ab:8a:f8:d3:dd:87:7c:55:3c: 40:ac:31:30:2e:57:9c:2f:15:dd:d1:a6:9b:60:ee:b8:9c:bb: a9:0c:8d:4b:a3:a6:7e:33:09:82:52:66:ff:82:d6:a5:6e:d6: d8:24:75:1d:94:a2:97:76:1d:50:2c:b0:dc:ac:02:7d:5d:d2: f6:bf:0c:ec:7a:44:59:8b:8b:b0:13:47:1e:d1:77:e4:40:98: 5b:1d:f9:19:53:e7:7e:82:3c:fa:6c:4a:a2:7b:95:36:ca:bb: ef:b0:34:8e:a8:93:4c:24:e2:f2:68:19:3b:6f:e9:f3:c6:22: 92:fa:a2:e1 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUPBmBycK6NnMYfHiTBeE/uZTG2VMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMzA0MjMxMDAwWhcNMjUwNDA4MjM1OTU5 WjB6MUkwRwYDVQQFE0BlMDEzZmNhN2JiOWNiOGQ3OGU3NzRmOWJmMjAyNzAzMWVl YTg0ZWRiYTc1MWE1NjczZmZhNzk5OWVlOWM5Y2E5MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC7sxAWuovUfPYjAUJCmtI14oOGHLhQlXpVkEgF+O1mHjTr datvDj1S8Orwpa5QeYchqjVfmqmpPnhFVM3ywapPCPIl6IiaCauLVcBOaa6WPyNh GSZnHuMKTxJjZMwGMvenKJ4dqreNKX2ycHeZYc+EoTONyL+/sR2RzVp3r7uDVXCA Xm2BgPB8+YNWsChG68yej9FQnWovYOFZBv1njtfMQTp6sOtR8D0CXiNQcnVebjx/ 1tpIFG1gGWJcMyP67ujeeMl9sUf9ZbwCklrdNqGuYXNL35NeqyWqXVbK6973o1GG q6CoWk7DeqTJSEX4zBwyJKjTEa1ZGkuCyknuDcg1AgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUEKMN2eH5K/7d40skEcgd0iMJiLwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzczNzEyZTE0LTUxZDUtNDFkYi1iY2YyLTczYWE1MDRlNmVhYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwAIAwDQYJKoZIhvcNAQELBQADggEBAIzM4m5jUFUI8cEBk5gRyPs+ 8ELAZq84bylRr8tRfWJW/DuZjIP/33vQ66DFEysauPORjFqwd92hvlnN0vtOSBvq 4JoJREHV0aJC6BowGmwK2SSa5dV9D6HVqDfjnC2ihvGNEa0eTvKQtKb93w1lIheG 2XLME/LjQMqI6CbBpnkHZy6KyTdyu6uK+NPdh3xVPECsMTAuV5wvFd3Rpptg7ric u6kMjUujpn4zCYJSZv+C1qVu1tgkdR2Uopd2HVAssNysAn1d0va/DOx6RFmLi7AT Rx7Rd+RAmFsd+RlT536CPPpsSqJ7lTbKu++wNI6ok0wk4vJoGTtv6fPGIpL6ouE= -----END CERTIFICATE-----Generated at Thu Mar 13 23:49:03 2025 by rpki-client