$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c95d920e-7e95-4907-9edf-29509d14ad36.roa File: c95d920e-7e95-4907-9edf-29509d14ad36.roa (raw, json) Hash identifier: xhlZx6r0tL4xQVII1+WQN9KwjavN+OoRFS5RXRE3dUU= Subject key identifier: 5D:CF:DA:C3:EB:25:10:EE:2F:68:A7:2D:7C:74:C2:10:5D:A8:6C:72 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 1917D7DB244D312330093F1FE5E2A02ABA957445 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c95d920e-7e95-4907-9edf-29509d14ad36.roa Signing time: Mon 06 Jan 2025 00:00:00 +0000 ROA not before: Mon 06 Jan 2025 00:00:00 +0000 ROA not after: Mon 10 Feb 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0fb:eb00::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Feb 2025 21:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:17:d7:db:24:4d:31:23:30:09:3f:1f:e5:e2:a0:2a:ba:95:74:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jan 6 00:00:00 2025 GMT Not After : Feb 10 23:59:59 2025 GMT Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fd:58:cd:4a:89:6d:ce:91:d3:b4:f5:e7:99:26: 78:85:77:27:9a:f6:cf:86:08:03:12:80:91:8e:69: be:7d:92:46:37:63:45:ef:c9:26:4a:d0:b0:24:7d: 75:a0:0a:d7:21:97:7c:fa:85:cc:cd:e0:2a:f9:e2: 50:8a:8a:30:a5:b4:39:cb:0b:b7:3c:69:96:17:13: f9:86:fb:17:a4:7e:2f:35:dd:7e:42:66:1c:4c:40: a1:1d:59:88:9e:58:e3:08:c5:6e:75:ce:3e:91:26: 4c:d2:c6:9e:72:56:29:3c:14:51:7d:a9:c9:7c:7e: aa:3e:c3:6c:47:ab:82:b5:98:f4:ea:b5:e0:ae:98: 57:91:9c:52:85:71:7d:82:c3:87:19:45:57:f2:2b: 50:f2:a3:85:80:17:b8:fa:73:b2:af:6c:35:71:f8: ac:d9:4b:0f:5d:b1:b7:60:ba:ba:ed:84:e6:dd:22: 0c:86:b1:c0:5a:d4:ff:84:10:d5:be:8b:7d:70:7f: ea:ed:c0:45:ca:e6:34:c6:c8:bc:5e:31:17:f0:9b: 11:af:c4:45:71:28:a4:75:37:43:e0:02:b2:2b:47: 48:02:fa:2f:6e:81:9f:93:8a:57:5e:57:9e:a9:13: c9:48:1d:0e:16:9b:9b:70:23:85:db:fd:c1:65:55: 24:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:CF:DA:C3:EB:25:10:EE:2F:68:A7:2D:7C:74:C2:10:5D:A8:6C:72 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c95d920e-7e95-4907-9edf-29509d14ad36.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:eb00::/42 Signature Algorithm: sha256WithRSAEncryption 61:f4:53:06:43:61:c5:34:22:7e:1a:bf:85:f9:60:bf:c0:18: e8:e8:58:a1:0c:95:f8:11:4e:d9:eb:d0:b5:a7:f4:3f:1d:0f: ca:af:d1:df:e2:9d:de:fd:93:71:4f:f5:bb:bb:b0:67:b4:38: 44:cd:ce:98:37:33:94:ec:58:b5:25:26:f3:d7:e5:b7:fc:e1: 88:bf:c9:72:9f:c1:0e:cb:0a:cf:4a:ff:a2:8a:77:8f:30:94: 41:fa:d5:6f:24:76:a2:d5:bb:b9:7d:9c:f0:ae:a3:0b:9a:01: bd:1c:47:8d:dd:44:d7:82:cf:c0:00:f1:6b:ae:d2:48:22:30: 43:ac:7b:1f:a4:03:bb:29:c1:fe:28:7e:25:3b:98:e3:7b:3f: a9:16:c7:e6:e8:68:80:83:22:c9:df:d2:05:7d:be:02:05:c8: d4:fb:e2:82:47:09:b7:1f:4d:fa:c7:01:bc:8d:ec:10:50:85: aa:cb:99:b4:8f:34:5d:08:be:fe:81:ce:e7:54:6d:80:b3:f8: 3e:7f:70:36:90:af:3a:a2:5e:f1:f6:c8:06:67:b9:2c:cf:b7: ad:cf:5c:dc:92:87:58:9a:ad:16:a7:63:98:b3:d9:d6:47:ea: a7:96:a5:33:83:19:da:5e:ff:d4:0b:bf:2b:22:0b:fe:5f:07: e4:36:d9:d8 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUGRfX2yRNMSMwCT8f5eKgKrqVdEUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5 WjB6MUkwRwYDVQQFE0BhM2FkYjBhMmFjY2Y1YzdlNDk5ZGM3NzIyNWY3NjZiMTBl ODE0ZjZmYzNhYTJiMWJhNmE4ZWI2M2U4NmU2M2UyMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQD9WM1KiW3OkdO09eeZJniFdyea9s+GCAMSgJGOab59kkY3 Y0XvySZK0LAkfXWgCtchl3z6hczN4Cr54lCKijCltDnLC7c8aZYXE/mG+xekfi81 3X5CZhxMQKEdWYieWOMIxW51zj6RJkzSxp5yVik8FFF9qcl8fqo+w2xHq4K1mPTq teCumFeRnFKFcX2Cw4cZRVfyK1Dyo4WAF7j6c7KvbDVx+KzZSw9dsbdgurrthObd IgyGscBa1P+EENW+i31wf+rtwEXK5jTGyLxeMRfwmxGvxEVxKKR1N0PgArIrR0gC +i9ugZ+TildeV56pE8lIHQ4Wm5twI4Xb/cFlVSRbAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUXc/aw+slEO4vaKctfHTCEF2obHIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2M5NWQ5MjBlLTdlOTUtNDkwNy05ZWRmLTI5NTA5ZDE0YWQzNi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwYmAPD76wAwDQYJKoZIhvcNAQELBQADggEBAGH0UwZDYcU0In4av4X5YL/A GOjoWKEMlfgRTtnr0LWn9D8dD8qv0d/ind79k3FP9bu7sGe0OETNzpg3M5TsWLUl JvPX5bf84Yi/yXKfwQ7LCs9K/6KKd48wlEH61W8kdqLVu7l9nPCuowuaAb0cR43d RNeCz8AA8Wuu0kgiMEOsex+kA7spwf4ofiU7mON7P6kWx+boaICDIsnf0gV9vgIF yNT74oJHCbcfTfrHAbyN7BBQharLmbSPNF0Ivv6BzudUbYCz+D5/cDaQrzqiXvH2 yAZnuSzPt63PXNySh1iarRanY5iz2dZH6qeWpTODGdpe/9QLvysiC/5fB+Q22dg= -----END CERTIFICATE-----Generated at Wed Feb 5 09:43:57 2025 by rpki-client