$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa File: b711b513-e0f0-4a59-a188-036dda4ade5a.roa (raw, json) Hash identifier: buZWEfxJzfjE8+0iOmtQBpiMyXKUvfOP5VuOGlzRwhk= Subject key identifier: C1:F4:F2:CC:DB:DF:F9:DA:69:74:F3:23:74:EC:7A:35:D3:AF:61:06 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 5864DEEE266A955498409C66437A6CFB911C2D9E Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa Signing time: Tue 20 May 2025 18:10:21 +0000 ROA not before: Tue 20 May 2025 18:10:21 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:ef00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 05 Jun 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:64:de:ee:26:6a:95:54:98:40:9c:66:43:7a:6c:fb:91:1c:2d:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: May 20 18:10:21 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=740c3f9e25f172b8c4f1628637b57d91e707f8ad6f5af87ca4f5682731969edc, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6a:7a:e5:26:45:6f:74:ce:9e:f8:f4:af:b5: 7a:fd:db:12:3e:a8:ab:95:86:98:84:90:9b:52:05: aa:70:3a:7d:0b:51:f9:e6:c2:79:54:01:70:1a:a6: d2:8d:cf:22:31:fb:ec:1d:d3:79:93:d7:c0:13:0f: f9:14:47:f7:b8:d0:21:6a:03:c9:0e:f8:50:28:b4: cc:1e:6a:bb:03:b1:e4:e4:d1:32:16:b7:e7:f0:53: f3:c9:ad:67:f0:57:9e:ea:f2:97:44:1b:c5:61:4b: 11:43:ae:93:80:b0:f8:76:b3:2e:ee:0b:97:4e:20: c6:71:63:1d:00:27:ea:b9:9e:df:f8:b9:45:09:dc: ef:9c:d5:54:1f:d2:a6:58:7c:b4:3f:88:30:22:05: cc:2c:57:20:89:d4:91:10:5c:b2:79:de:39:a9:2b: 2f:e3:71:46:dc:ce:dc:61:12:96:9c:60:9c:fe:18: b8:46:3c:cb:04:c2:cd:a7:01:08:7b:86:d7:7b:5b: d2:54:bb:e2:c8:47:da:71:00:40:00:88:67:1c:cb: 11:da:73:67:ce:84:af:4c:1b:34:eb:d2:67:aa:fc: 63:54:ec:f7:6b:9b:fa:32:e3:73:fd:12:c4:05:58: ab:27:c4:8f:32:ac:50:2c:45:77:06:39:18:8c:4a: 6c:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:F4:F2:CC:DB:DF:F9:DA:69:74:F3:23:74:EC:7A:35:D3:AF:61:06 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/b711b513-e0f0-4a59-a188-036dda4ade5a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:ef00::/40 Signature Algorithm: sha256WithRSAEncryption 05:39:77:84:eb:c7:50:73:95:4b:e2:7a:0a:64:33:7e:5f:e4: 82:b0:3c:6f:2a:12:5c:ee:6b:ae:20:d6:e5:cf:c8:b1:cd:dd: 54:68:70:53:7f:d0:01:26:c1:cd:0f:4e:05:4a:9c:da:cd:43: b4:37:1a:9a:73:63:3c:81:20:ae:2c:3e:ef:59:93:b1:bb:a8: 36:e1:1c:46:cd:0e:b5:b4:20:92:fd:a2:14:8c:c3:e5:e4:1b: 9b:cf:57:3b:9d:76:c5:84:41:1d:52:66:12:26:04:b9:5e:d8: e4:99:a8:37:a8:de:c2:e0:2f:82:f5:a7:e5:78:32:cf:57:41: 00:b5:83:dd:80:48:16:3f:bc:cd:c8:8c:84:9e:85:a7:a5:bc: 0c:95:27:0d:bc:c3:59:bc:f3:7d:9d:ff:60:cc:1c:d5:3a:8b: 50:2a:ba:67:42:0f:d7:3e:c2:cc:74:04:d7:d6:86:3d:cd:09: 15:3e:56:3e:f5:8c:cb:51:c9:a7:3c:dd:c3:2f:d6:29:79:59: 31:b3:e0:b9:63:70:4d:0c:d3:78:d8:0e:08:a5:af:3f:f6:21: 15:e7:aa:48:57:04:75:09:8b:6e:9a:0b:d9:20:6f:56:9d:d5: 9a:2a:cf:1c:c1:a4:7a:d5:29:98:fc:ef:09:88:cf:36:3a:4a: f8:a3:3c:26 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUWGTe7iZqlVSYQJxmQ3ps+5EcLZ4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgxMDIxWhcNMjUwNjI0MjM1OTU5 WjB6MUkwRwYDVQQFE0A3NDBjM2Y5ZTI1ZjE3MmI4YzRmMTYyODYzN2I1N2Q5MWU3 MDdmOGFkNmY1YWY4N2NhNGY1NjgyNzMxOTY5ZWRjMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCmanrlJkVvdM6e+PSvtXr92xI+qKuVhpiEkJtSBapwOn0L UfnmwnlUAXAaptKNzyIx++wd03mT18ATD/kUR/e40CFqA8kO+FAotMwearsDseTk 0TIWt+fwU/PJrWfwV57q8pdEG8VhSxFDrpOAsPh2sy7uC5dOIMZxYx0AJ+q5nt/4 uUUJ3O+c1VQf0qZYfLQ/iDAiBcwsVyCJ1JEQXLJ53jmpKy/jcUbcztxhEpacYJz+ GLhGPMsEws2nAQh7htd7W9JUu+LIR9pxAEAAiGccyxHac2fOhK9MGzTr0meq/GNU 7Pdrm/oy43P9EsQFWKsnxI8yrFAsRXcGORiMSmwTAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUwfTyzNvf+dppdPMjdOx6NdOvYQYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2I3MTFiNTEzLWUwZjAtNGE1OS1hMTg4LTAzNmRkYTRhZGU1YS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD77zANBgkqhkiG9w0BAQsFAAOCAQEABTl3hOvHUHOVS+J6CmQzfl/k grA8byoSXO5rriDW5c/Isc3dVGhwU3/QASbBzQ9OBUqc2s1DtDcamnNjPIEgriw+ 71mTsbuoNuEcRs0OtbQgkv2iFIzD5eQbm89XO512xYRBHVJmEiYEuV7Y5JmoN6je wuAvgvWn5Xgyz1dBALWD3YBIFj+8zciMhJ6Fp6W8DJUnDbzDWbzzfZ3/YMwc1TqL UCq6Z0IP1z7CzHQE19aGPc0JFT5WPvWMy1HJpzzdwy/WKXlZMbPguWNwTQzTeNgO CKWvP/YhFeeqSFcEdQmLbpoL2SBvVp3VmirPHMGketUpmPzvCYjPNjpK+KM8Jg== -----END CERTIFICATE-----Generated at Wed Jun 4 11:07:53 2025 by rpki-client