$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4714ad7b-a768-483a-bdb9-c35a68830b39.roa File: 4714ad7b-a768-483a-bdb9-c35a68830b39.roa (raw, json) Hash identifier: 9L+bGbw6D5uUseWxvtO+Gr1oCNdZ8/nBCzoM+gHhSX0= Subject key identifier: B2:34:45:2C:C6:89:8B:AB:8C:3E:D4:6C:A1:AE:FC:2B:82:BC:5E:FF Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 498442FCC053B5D3AD209DFD884DCB9943897E47 Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4714ad7b-a768-483a-bdb9-c35a68830b39.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 14618 IP address blocks: 23.249.216.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:84:42:fc:c0:53:b5:d3:ad:20:9d:fd:88:4d:cb:99:43:89:7e:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:16:61:bb:58:ad:03:f3:bb:3e:d1:88:c9:2a: fd:77:0a:48:35:66:d3:62:fb:81:5e:88:a5:12:49: 97:37:bb:09:6d:d8:80:80:42:84:36:bd:38:9a:63: 61:b1:32:80:ce:57:7c:14:68:70:60:ed:09:fd:01: 40:57:bd:bc:ae:41:72:80:ae:49:3a:6a:fa:f0:06: 4a:8b:07:e2:3b:f0:39:c9:b1:a6:12:37:92:02:82: 33:0e:08:9a:14:5d:f2:43:9d:eb:90:f6:3e:34:12: 54:ec:73:09:70:a2:5d:8d:39:ab:67:e9:79:85:ee: b6:fa:5e:c7:2e:14:92:44:44:9b:74:50:94:c3:99: 6c:48:dd:82:88:fb:06:8a:61:72:b4:db:3d:38:46: 46:1a:c9:22:a0:da:ff:72:0c:8f:2f:47:b0:e3:5b: 87:ac:8b:46:c4:89:4f:c8:25:ae:3a:6c:36:52:c1: f7:a2:2f:d5:1f:79:74:92:68:78:78:fc:b2:a2:06: 5e:48:4e:b1:ab:14:4f:f0:46:d1:7f:bd:b1:c0:1a: 85:d0:30:11:d7:70:dd:fc:1f:41:8b:da:13:74:2f: 07:d9:31:b3:f7:17:36:54:d6:19:a3:44:c2:70:5f: ef:90:58:59:c3:b2:95:5a:f8:6d:ac:9d:f1:65:9e: 91:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:34:45:2C:C6:89:8B:AB:8C:3E:D4:6C:A1:AE:FC:2B:82:BC:5E:FF X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/4714ad7b-a768-483a-bdb9-c35a68830b39.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.216.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:84:cd:3e:63:86:78:95:7b:22:24:f1:b4:8f:c8:3e:7e:d0: e4:74:f9:7d:64:3f:d4:58:93:a8:36:65:e9:94:9a:21:36:7b: 38:b8:4f:3e:c6:78:af:59:87:d2:06:0b:cf:03:09:53:b3:69: 15:4e:78:cd:9f:9f:6c:9d:c7:c4:3d:5a:f9:62:34:96:21:e2: c7:75:0d:62:dc:31:8f:e1:a6:06:0d:91:28:9c:4f:8b:04:ca: 69:fb:cc:87:f6:2f:f2:9b:ca:13:3b:8f:dc:55:26:fb:ea:fd: cb:59:bd:7f:d3:ad:c4:b0:bd:72:c9:7e:43:67:0d:0f:f2:6b: 3b:50:36:f1:37:f5:6f:b2:10:6b:48:39:ff:fd:59:27:72:1a: 6a:6b:21:2a:8c:e2:49:ba:57:1f:5e:ff:d3:74:72:43:55:74: 35:08:2f:ac:99:41:6f:f2:11:d5:59:9a:cc:2c:65:41:ed:a4: b1:d9:26:a8:8f:95:de:b1:b0:25:d4:0b:78:bd:06:a3:31:91: 53:31:92:09:87:0e:04:94:14:17:39:37:53:0c:d7:f1:73:18: df:c2:8c:94:0f:56:68:7d:31:92:b9:8d:e7:0b:38:69:27:69: ff:49:b7:37:66:68:6d:27:aa:8f:06:70:17:0a:23:df:ac:2d: 6d:20:47:d6 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUSYRC/MBTtdOtIJ39iE3LmUOJfkcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5 WjB6MUkwRwYDVQQFE0AwZTMyODlkYmM0YzIzZmE1NmE3MWNiY2U5NTg5NTA1ZGUz NjQ5OTY5YjY4NTQ4YzNhMTQzYjk2OGI2MmZjOTBhMS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDqFmG7WK0D87s+0YjJKv13Ckg1ZtNi+4FeiKUSSZc3uwlt 2ICAQoQ2vTiaY2GxMoDOV3wUaHBg7Qn9AUBXvbyuQXKArkk6avrwBkqLB+I78DnJ saYSN5ICgjMOCJoUXfJDneuQ9j40ElTscwlwol2NOatn6XmF7rb6XscuFJJERJt0 UJTDmWxI3YKI+waKYXK02z04RkYaySKg2v9yDI8vR7DjW4esi0bEiU/IJa46bDZS wfeiL9UfeXSSaHh4/LKiBl5ITrGrFE/wRtF/vbHAGoXQMBHXcN38H0GL2hN0LwfZ MbP3FzZU1hmjRMJwX++QWFnDspVa+G2snfFlnpF7AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUsjRFLMaJi6uMPtRsoa78K4K8Xv8wHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkLzQ3MTRhZDdiLWE3NjgtNDgzYS1iZGI5LWMzNWE2ODgzMGIzOS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dgwDQYJKoZIhvcNAQELBQADggEBAG2EzT5jhniVeyIk8bSPyD5+0OR0 +X1kP9RYk6g2ZemUmiE2ezi4Tz7GeK9Zh9IGC88DCVOzaRVOeM2fn2ydx8Q9Wvli NJYh4sd1DWLcMY/hpgYNkSicT4sEymn7zIf2L/KbyhM7j9xVJvvq/ctZvX/TrcSw vXLJfkNnDQ/yaztQNvE39W+yEGtIOf/9WSdyGmprISqM4km6Vx9e/9N0ckNVdDUI L6yZQW/yEdVZmswsZUHtpLHZJqiPld6xsCXUC3i9BqMxkVMxkgmHDgSUFBc5N1MM 1/FzGN/CjJQPVmh9MZK5jecLOGknaf9JtzdmaG0nqo8GcBcKI9+sLW0gR9Y= -----END CERTIFICATE-----Generated at Sun Feb 16 15:55:18 2025 by rpki-client