$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b2a4ddb8-c852-4876-b718-a984606f10af.roa File: b2a4ddb8-c852-4876-b718-a984606f10af.roa (raw, json) Hash identifier: r7JHeFWA1+LtYXR9RkeplmJijENQg1Tf0m1RcfTL8EE= Subject key identifier: 25:76:73:80:3D:D5:C1:8F:B9:47:52:A1:35:5F:0F:01:3C:B0:B5:5F Certificate issuer: /CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424 Certificate serial: 31F4E7DF5ED5BC03B87ADC77D7F56F70E12904E6 Authority key identifier: BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b2a4ddb8-c852-4876-b718-a984606f10af.roa Signing time: Mon 17 Mar 2025 15:31:06 +0000 ROA not before: Mon 17 Mar 2025 15:31:06 +0000 ROA not after: Mon 21 Apr 2025 23:59:59 +0000 asID: 21664 IP address blocks: 2605:9cc0:c0c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 06 Apr 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:f4:e7:df:5e:d5:bc:03:b8:7a:dc:77:d7:f5:6f:70:e1:29:04:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424 Validity Not Before: Mar 17 15:31:06 2025 GMT Not After : Apr 21 23:59:59 2025 GMT Subject: CN=f7243785-46de-414b-9b8f-7a9699e979e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:37:5d:84:67:b3:1c:96:fc:b3:fc:a0:8b:e3: bb:e6:95:10:b6:16:24:e6:cf:4a:3e:99:69:03:cc: 74:1b:05:22:1b:eb:ae:21:54:ae:6a:07:46:39:62: 9d:52:3e:0a:8c:b4:86:54:31:13:22:15:e8:0a:5a: 96:02:6d:a0:4e:cc:2d:d5:a0:3b:6d:7b:f9:ab:9c: 86:7c:c3:8a:21:cd:79:95:84:db:a1:ab:5c:8f:9e: 2f:54:1d:b7:45:05:59:72:60:8d:df:8b:c2:eb:d7: aa:46:a0:a1:e9:72:13:ad:63:8e:9b:99:d5:88:dc: 63:fb:13:90:2d:60:40:34:4d:42:db:88:85:d3:c8: 3a:14:93:09:92:5d:00:8f:e4:e8:1d:14:6d:b8:70: f4:56:fb:34:bb:70:2f:61:c7:d0:bd:63:d7:4d:47: 55:22:13:de:14:ff:87:c6:03:1f:f1:cc:bb:a3:3e: 91:ff:7c:5f:77:3e:34:97:97:8f:5f:df:87:0e:bd: 25:a1:03:3f:35:b8:35:c6:49:df:4c:51:34:ae:80: 95:28:e6:25:3e:38:2b:b0:69:90:b3:27:53:cd:46: 38:6f:e7:c2:da:29:0c:34:ac:d7:9f:eb:7b:91:5e: ec:1e:ce:6e:40:33:79:0d:26:c0:fa:20:44:16:a0: 64:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:76:73:80:3D:D5:C1:8F:B9:47:52:A1:35:5F:0F:01:3C:B0:B5:5F X509v3 Authority Key Identifier: keyid:BA:0C:E1:7E:23:3F:BC:71:D4:30:AB:DA:C2:C3:0C:79:04:B6:A0:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/d3ea6eab-f41f-4e46-a8f6-3da4a128d78c/97ac0028d6efbddafb7d9c71e29eb71c005e34fc19f1f7c424.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/b2a4ddb8-c852-4876-b718-a984606f10af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/54602fb0-a9d4-4f9f-b0ca-be2a139ea92b/773a-32cceKetxwAXjT8GfH3xCQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2605:9cc0:c0c::/48 Signature Algorithm: sha256WithRSAEncryption 31:97:9a:2f:93:d6:5a:f9:8a:b6:e1:dc:ae:c9:93:0a:49:a9: 2a:8e:f3:49:11:27:89:b6:c4:fd:1c:e7:d9:4a:53:1e:f0:e4: bc:63:55:32:86:7e:d5:b3:c8:25:5f:53:11:c0:88:ee:1d:7c: f6:bc:cf:ab:37:0c:98:95:ca:f4:df:5c:b4:db:8e:75:49:cd: 66:a0:72:12:f3:48:de:09:00:ca:28:50:9c:6d:72:07:51:09: d1:a3:6e:a0:c4:d1:bd:a8:d3:1b:54:3e:73:ea:ee:83:55:e9: 8d:a5:cb:be:0c:5e:22:bc:69:cd:54:3a:a5:74:ad:30:56:62: de:94:c9:9c:6c:32:87:4e:18:04:2b:9f:ea:a6:0d:d5:24:f4: 86:09:08:18:bc:78:43:1e:19:75:61:8f:d9:2c:45:30:07:ef: d0:a7:5f:e3:e3:ef:36:56:4a:7f:f0:d4:48:52:48:03:6a:d9: 52:e9:6a:67:f5:81:48:f6:ce:be:40:71:ed:4d:72:bd:71:6c: 9f:a2:6a:aa:11:13:b6:4c:38:e4:b2:18:3c:e4:a8:08:f2:86: e9:3b:33:8a:03:7d:01:43:5c:9d:1c:6d:0a:4c:4a:03:27:d8: c9:8a:10:fd:e1:01:a9:84:7b:7f:10:8d:a5:dc:ea:f2:6a:4d: 33:c6:33:96 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUMfTn317VvAO4etx31/VvcOEpBOYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOTdhYzAwMjhkNmVmYmRkYWZiN2Q5YzcxZTI5ZWI3MWMw MDVlMzRmYzE5ZjFmN2M0MjQwHhcNMjUwMzE3MTUzMTA2WhcNMjUwNDIxMjM1OTU5 WjB6MUkwRwYDVQQFE0A4NzE5Y2YyOTgwZjgzM2UwODJkZWYxZGQwODE4OWQ3NTU0 ZmE3MjY5OTczM2QyOTQ5ZDU5N2ZhNWM2Nzg0ZTI3MS0wKwYDVQQDEyRmNzI0Mzc4 NS00NmRlLTQxNGItOWI4Zi03YTk2OTllOTc5ZTIwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCqN12EZ7Mclvyz/KCL47vmlRC2FiTmz0o+mWkDzHQbBSIb 664hVK5qB0Y5Yp1SPgqMtIZUMRMiFegKWpYCbaBOzC3VoDtte/mrnIZ8w4ohzXmV hNuhq1yPni9UHbdFBVlyYI3fi8Lr16pGoKHpchOtY46bmdWI3GP7E5AtYEA0TULb iIXTyDoUkwmSXQCP5OgdFG24cPRW+zS7cC9hx9C9Y9dNR1UiE94U/4fGAx/xzLuj PpH/fF93PjSXl49f34cOvSWhAz81uDXGSd9MUTSugJUo5iU+OCuwaZCzJ1PNRjhv 58LaKQw0rNef63uRXuwezm5AM3kNJsD6IEQWoGR/AgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUJXZzgD3VwY+5R1KhNV8PATywtV8wHwYDVR0jBBgwFoAUugzhfiM/vHHU MKvawsMMeQS2oOcwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9kM2VhNmVhYi1m NDFmLTRlNDYtYThmNi0zZGE0YTEyOGQ3OGMvOTdhYzAwMjhkNmVmYmRkYWZiN2Q5 YzcxZTI5ZWI3MWMwMDVlMzRmYzE5ZjFmN2M0MjQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTQ2MDJmYjAtYTlkNC00ZjlmLWIwY2EtYmUy YTEzOWVhOTJiL2IyYTRkZGI4LWM4NTItNDg3Ni1iNzE4LWE5ODQ2MDZmMTBhZi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzU0NjAyZmIwLWE5ZDQtNGY5Zi1iMGNh LWJlMmExMzllYTkyYi83NzNhLTMyY2NlS2V0eHdBWGpUOEdmSDN4Q1EuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmBZzADAwwDQYJKoZIhvcNAQELBQADggEBADGXmi+T1lr5irbh3K7JkwpJ qSqO80kRJ4m2xP0c59lKUx7w5LxjVTKGftWzyCVfUxHAiO4dfPa8z6s3DJiVyvTf XLTbjnVJzWagchLzSN4JAMooUJxtcgdRCdGjbqDE0b2o0xtUPnPq7oNV6Y2ly74M XiK8ac1UOqV0rTBWYt6UyZxsModOGAQrn+qmDdUk9IYJCBi8eEMeGXVhj9ksRTAH 79CnX+Pj7zZWSn/w1EhSSANq2VLpamf1gUj2zr5Ace1Ncr1xbJ+iaqoRE7ZMOOSy GDzkqAjyhuk7M4oDfQFDXJ0cbQpMSgMn2MmKEP3hAamEe38QjaXc6vJqTTPGM5Y= -----END CERTIFICATE-----Generated at Sat Apr 5 15:30:29 2025 by rpki-client