$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa File: bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa (raw, json) Hash identifier: QlyyoDd4CZOXArXS3Bzpww/RfyITLmWFNywX64duo5M= Subject key identifier: 6F:52:7D:82:9F:72:13:91:AA:F0:40:FC:8C:86:EE:C0:CE:4B:7D:00 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 1B18C68353BD0E7422060EEF548A9C3BCE65E2C5 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa Signing time: Tue 20 May 2025 18:10:51 +0000 ROA not before: Tue 20 May 2025 18:10:51 +0000 ROA not after: Tue 24 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:e700::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 04 Jun 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:18:c6:83:53:bd:0e:74:22:06:0e:ef:54:8a:9c:3b:ce:65:e2:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: May 20 18:10:51 2025 GMT Not After : Jun 24 23:59:59 2025 GMT Subject: serialNumber=a0a6e1faf66571dcca810b0ff5f891ea6bdfd144d43f300fb43d8f625c9dd371, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:91:7e:d7:67:6c:c1:cd:75:2d:a2:cf:f9:8a: 3d:ba:0d:47:8b:ee:64:7e:83:99:3a:93:9f:e0:ac: fa:e1:ae:dc:a6:57:c5:94:58:19:da:84:ca:2d:fb: 16:94:58:40:61:54:10:8d:9e:af:69:00:01:bd:56: df:e2:6d:67:fb:2e:0f:be:ff:64:f2:40:6a:3d:32: 3d:6b:65:91:02:16:ea:1e:12:4a:38:b6:51:fa:5f: 00:60:71:fc:4b:62:ab:df:c3:be:f1:b4:ee:ac:35: fb:32:d4:16:69:64:be:56:3b:60:98:27:34:2b:c5: 01:ff:5b:bf:98:ae:e4:fa:2c:d1:b1:cc:11:a2:9f: e7:fe:76:15:93:09:9b:5f:9f:3f:9a:44:f4:a2:8f: a0:1d:5d:14:8a:62:38:8d:b1:09:a8:12:e8:07:10: c3:9d:c4:11:7e:56:6b:fb:16:a8:25:62:db:5b:cc: 89:4f:fc:7f:48:c0:59:0d:9c:48:2d:5a:04:a4:8b: 74:62:11:55:fe:09:41:e0:80:26:ca:85:5b:38:c8: be:83:7a:aa:57:ca:c0:4b:c0:df:08:bb:06:0c:1b: 43:09:1f:5f:2a:17:55:b6:ae:07:05:e7:06:92:5c: 0a:55:db:f4:72:ed:ac:b4:06:ef:a2:48:bc:ff:27: c2:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:52:7D:82:9F:72:13:91:AA:F0:40:FC:8C:86:EE:C0:CE:4B:7D:00 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf3aefd7-144a-4210-8532-a7b6e0533dd6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e700::/42 Signature Algorithm: sha256WithRSAEncryption 7c:c0:f6:20:79:0e:3e:69:fe:e1:66:1f:86:8c:47:ce:ff:d3: 1a:00:08:62:30:8d:7c:cd:3d:65:09:f3:4c:c7:7b:e2:d0:47: e2:84:25:2d:19:c8:eb:b6:ab:68:23:5e:07:76:16:c2:f8:34: 70:ba:f0:ac:43:dc:69:9b:d0:63:fe:88:0d:e1:cc:0a:4e:bf: 7a:e2:2c:a8:07:bf:2d:d1:12:f5:45:55:4f:4a:71:49:a2:b8: 5d:f8:d2:62:05:74:fa:9e:a2:cb:23:25:c0:54:2d:48:1a:d2: 03:85:b5:b5:52:0a:69:5c:d5:63:65:40:47:7a:65:59:80:0c: 4e:6d:73:ec:d4:52:23:04:45:7f:db:7e:a5:d4:8f:a8:17:40: ec:93:c9:5d:89:a1:2d:cf:8f:2f:66:a2:b1:2c:54:5a:5e:85: 9b:dd:2e:e6:84:bb:4c:b7:34:0e:01:d1:b3:94:8d:be:ac:ee: 9f:44:e2:49:5a:e2:54:a6:6b:dc:a6:3f:0e:12:33:6f:91:ae: 06:f2:e9:e2:d6:19:c6:15:ca:26:a3:4a:03:a0:47:9a:72:35: 1d:b4:88:f9:89:e5:d5:ae:6a:bf:5a:01:f8:b3:2b:e1:e4:3a: a0:63:08:c0:af:2a:f9:66:35:c0:ca:66:42:08:d2:7b:bb:a1: b9:8a:c6:02 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUGxjGg1O9DnQiBg7vVIqcO85l4sUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNTIwMTgxMDUxWhcNMjUwNjI0MjM1OTU5 WjB6MUkwRwYDVQQFE0BhMGE2ZTFmYWY2NjU3MWRjY2E4MTBiMGZmNWY4OTFlYTZi ZGZkMTQ0ZDQzZjMwMGZiNDNkOGY2MjVjOWRkMzcxMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCmkX7XZ2zBzXUtos/5ij26DUeL7mR+g5k6k5/grPrhrtym V8WUWBnahMot+xaUWEBhVBCNnq9pAAG9Vt/ibWf7Lg++/2TyQGo9Mj1rZZECFuoe Eko4tlH6XwBgcfxLYqvfw77xtO6sNfsy1BZpZL5WO2CYJzQrxQH/W7+YruT6LNGx zBGin+f+dhWTCZtfnz+aRPSij6AdXRSKYjiNsQmoEugHEMOdxBF+Vmv7FqglYttb zIlP/H9IwFkNnEgtWgSki3RiEVX+CUHggCbKhVs4yL6DeqpXysBLwN8IuwYMG0MJ H18qF1W2rgcF5waSXApV2/Ry7ay0Bu+iSLz/J8JnAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUb1J9gp9yE5Gq8ED8jIbuwM5LfQAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2JmM2FlZmQ3LTE0NGEtNDIxMC04NTMyLWE3YjZlMDUzM2RkNi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwYmAPD75wAwDQYJKoZIhvcNAQELBQADggEBAHzA9iB5Dj5p/uFmH4aMR87/ 0xoACGIwjXzNPWUJ80zHe+LQR+KEJS0ZyOu2q2gjXgd2FsL4NHC68KxD3Gmb0GP+ iA3hzApOv3riLKgHvy3REvVFVU9KcUmiuF340mIFdPqeossjJcBULUga0gOFtbVS Cmlc1WNlQEd6ZVmADE5tc+zUUiMERX/bfqXUj6gXQOyTyV2JoS3Pjy9morEsVFpe hZvdLuaEu0y3NA4B0bOUjb6s7p9E4kla4lSma9ymPw4SM2+Rrgby6eLWGcYVyiaj SgOgR5pyNR20iPmJ5dWuar9aAfizK+HkOqBjCMCvKvlmNcDKZkII0nu7obmKxgI= -----END CERTIFICATE-----Generated at Mon Jun 2 16:47:04 2025 by rpki-client