$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f30a276d-715e-46ee-8158-fd4576a10978.roa File: f30a276d-715e-46ee-8158-fd4576a10978.roa (raw, json) Hash identifier: idXuIo4Q/KnzH1dMRUcNhE0+k0K1QwcDa4pwe0Y//tw= Subject key identifier: 6C:6C:89:92:2E:E7:94:93:E9:A3:0A:1B:28:29:27:DA:B9:39:67:36 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 7CF2D9EC8BCB7B94D149ECEB6F3805FB9A96FE7B Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f30a276d-715e-46ee-8158-fd4576a10978.roa Signing time: Mon 06 Jan 2025 00:00:00 +0000 ROA not before: Mon 06 Jan 2025 00:00:00 +0000 ROA not after: Mon 10 Feb 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0fb:ec00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Feb 2025 21:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:f2:d9:ec:8b:cb:7b:94:d1:49:ec:eb:6f:38:05:fb:9a:96:fe:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jan 6 00:00:00 2025 GMT Not After : Feb 10 23:59:59 2025 GMT Subject: CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ca:35:c8:14:a5:b6:39:8f:cf:ce:d5:2f:08: 1e:d5:1f:c7:29:41:63:60:1a:21:5e:5d:a3:68:83: 23:6c:68:3f:5a:77:fb:91:90:82:43:b7:b7:a5:f8: 3c:e3:df:28:3e:ef:1f:8d:b5:26:79:10:59:d9:14: 89:f4:ab:6e:05:07:ff:43:c3:6a:00:57:f6:7d:e3: ef:22:53:d9:dc:38:49:b8:9b:47:ba:21:2e:be:84: 2e:0e:9f:45:65:36:17:49:8d:7c:e2:41:e2:e9:96: 75:55:a6:29:e0:71:39:4b:3b:3e:de:cf:7d:ca:96: 81:10:00:47:2b:c4:45:5b:3a:a0:42:da:6e:94:3b: 2e:55:1f:06:7d:1e:c1:8c:8a:60:77:31:74:53:3c: 4e:c5:66:2d:d8:cb:e4:4f:2c:7e:cd:c2:fa:54:4f: b8:be:ec:d8:39:67:20:f6:5f:d1:15:ad:98:73:52: aa:26:5e:df:85:51:6a:38:91:80:b4:1d:0e:97:a9: 1f:4f:0e:cf:77:4e:b9:36:34:d8:b5:32:6f:01:1d: f4:76:2b:df:5e:b0:0e:32:6e:f3:94:d6:8b:03:88: b6:50:34:88:83:3a:30:a3:db:6f:9e:6e:70:c6:d9: 2d:ce:d0:1d:d7:a0:1f:c0:0d:a5:a3:e9:c5:0b:2d: a4:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:6C:89:92:2E:E7:94:93:E9:A3:0A:1B:28:29:27:DA:B9:39:67:36 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f30a276d-715e-46ee-8158-fd4576a10978.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:ec00::/40 Signature Algorithm: sha256WithRSAEncryption 1d:17:42:98:63:b1:1f:3c:37:19:e9:94:61:77:0e:d7:49:1d: a2:74:54:e7:26:ec:8d:d1:69:8c:df:95:4e:6c:2a:80:c3:57: 49:db:a2:49:fb:0c:7d:0f:ed:dc:63:8c:3a:da:26:fb:bc:e7: 79:40:6c:cd:d9:9b:93:f8:c9:92:14:d4:c2:1f:ca:0b:41:48: 75:26:96:17:d5:38:61:75:db:72:8d:3d:d8:4c:71:1e:f1:48: ee:ef:5f:16:65:4c:2a:0e:1c:6c:3a:74:af:91:9b:d8:dc:a2: 56:58:7f:91:a3:59:1e:7b:c7:02:09:2c:5e:c1:52:a6:35:20: 64:6c:18:98:82:fc:23:4d:1e:31:b0:d2:7c:1c:3d:7b:d5:6b: 1b:53:6b:3d:59:ef:99:d4:a0:f1:33:c0:bb:8a:6b:ea:82:49: b6:3f:84:4d:3a:ea:60:a5:c4:31:6a:75:3c:62:2d:14:b4:9c: 48:c6:22:bd:f5:d5:45:f9:ab:06:41:e1:71:54:2e:23:99:5f: 40:88:df:07:27:f2:67:f6:be:59:d1:e6:d1:b8:b5:a5:ed:a2: a8:f2:5c:ef:d8:a8:85:3f:8f:8b:63:47:cd:29:fd:91:ba:5f: e5:d4:7a:02:aa:fc:ca:ed:9f:2a:73:81:f4:0c:26:82:83:3e: 33:92:9d:e0 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUfPLZ7IvLe5TRSezrbzgF+5qW/nswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5 WjB6MUkwRwYDVQQFE0AwZDNmNmYzMjhmMWI3ODY2ZWYxN2FhM2IzMzY4YjNiNzY1 NjI0NzI0NDA0YjQ4N2JhNGQzNWUzZmFiZjg5MTdkMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDJyjXIFKW2OY/PztUvCB7VH8cpQWNgGiFeXaNogyNsaD9a d/uRkIJDt7el+Dzj3yg+7x+NtSZ5EFnZFIn0q24FB/9Dw2oAV/Z94+8iU9ncOEm4 m0e6IS6+hC4On0VlNhdJjXziQeLplnVVpingcTlLOz7ez33KloEQAEcrxEVbOqBC 2m6UOy5VHwZ9HsGMimB3MXRTPE7FZi3Yy+RPLH7NwvpUT7i+7Ng5ZyD2X9EVrZhz UqomXt+FUWo4kYC0HQ6XqR9PDs93Trk2NNi1Mm8BHfR2K99esA4ybvOU1osDiLZQ NIiDOjCj22+ebnDG2S3O0B3XoB/ADaWj6cULLaQ5AgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUbGyJki7nlJPpowobKCkn2rk5ZzYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2YzMGEyNzZkLTcxNWUtNDZlZS04MTU4LWZkNDU3NmExMDk3OC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD77DANBgkqhkiG9w0BAQsFAAOCAQEAHRdCmGOxHzw3GemUYXcO10kd onRU5ybsjdFpjN+VTmwqgMNXSduiSfsMfQ/t3GOMOtom+7zneUBszdmbk/jJkhTU wh/KC0FIdSaWF9U4YXXbco092ExxHvFI7u9fFmVMKg4cbDp0r5Gb2NyiVlh/kaNZ HnvHAgksXsFSpjUgZGwYmIL8I00eMbDSfBw9e9VrG1NrPVnvmdSg8TPAu4pr6oJJ tj+ETTrqYKXEMWp1PGItFLScSMYivfXVRfmrBkHhcVQuI5lfQIjfByfyZ/a+WdHm 0bi1pe2iqPJc79iohT+Pi2NHzSn9kbpf5dR6Aqr8yu2fKnOB9AwmgoM+M5Kd4A== -----END CERTIFICATE-----Generated at Wed Feb 5 09:49:44 2025 by rpki-client