$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/951b66f0-8993-47d2-9bf5-e85f4ad5e32b.roa File: 951b66f0-8993-47d2-9bf5-e85f4ad5e32b.roa (raw, json) Hash identifier: kyWH8Pwv8rts+Q97LLHuj/T3ipd/4nixK3ghHwpQ54Y= Subject key identifier: CA:08:59:03:AE:AA:EC:B5:8E:DD:69:56:D5:DD:31:83:14:DB:29:61 Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 36DE96AEDAAF95080A292D5035B114E013E24143 Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/951b66f0-8993-47d2-9bf5-e85f4ad5e32b.roa Signing time: Sat 09 Sep 2023 00:00:00 +0000 ROA not before: Sat 09 Sep 2023 00:00:00 +0000 ROA not after: Sat 14 Oct 2023 23:59:59 +0000 asID: 16509 IP address blocks: 23.249.218.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 10 Sep 2023 12:04:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:de:96:ae:da:af:95:08:0a:29:2d:50:35:b1:14:e0:13:e2:41:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: Sep 9 00:00:00 2023 GMT Not After : Oct 14 23:59:59 2023 GMT Subject: serialNumber=617683ebf4033403cbca789cef8697fc9d1b90cf75a52210dde858d9265f5e1b, CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:7b:3a:d9:a0:74:44:e5:b1:29:77:bd:49:df: cb:d5:a7:8d:28:52:96:38:21:48:b7:18:54:a9:6d: 77:29:f6:72:ea:54:31:45:2c:00:8e:d2:0f:af:8c: 69:88:6e:ba:cc:5e:23:c3:6f:d2:11:da:2f:d6:71: 85:ef:49:48:66:cf:97:2d:66:21:40:fe:10:62:a5: dd:56:94:22:c6:b7:10:7d:08:aa:5d:29:96:84:7d: af:19:ea:31:48:e0:9f:d1:71:f3:ca:0b:85:5e:c3: f0:f4:1b:92:a8:cd:a8:ad:e1:9e:f3:79:c7:d3:64: b6:39:8b:8f:e7:6b:be:e4:ab:d3:8d:9e:b8:56:d4: 93:4f:a5:60:95:1f:55:c3:a6:63:c2:69:9d:25:02: b2:93:06:1f:3e:13:9d:d2:84:45:7e:54:83:d6:40: ab:08:6a:26:9f:a7:1b:d2:67:69:81:73:4d:e5:69: d9:21:d4:bf:19:2f:ba:8b:ca:c0:43:e1:ed:de:19: c6:54:94:54:b5:8c:8a:fd:56:6e:41:39:ee:97:61: 8d:dc:3c:ad:52:f2:b3:f4:15:06:89:67:93:f9:17: 5a:78:d1:8d:ff:14:b9:54:e3:cc:12:9e:b2:c2:6f: 61:a6:61:80:d6:52:76:1e:38:b0:df:45:9e:b1:92: 2a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:08:59:03:AE:AA:EC:B5:8E:DD:69:56:D5:DD:31:83:14:DB:29:61 X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/951b66f0-8993-47d2-9bf5-e85f4ad5e32b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.218.0/23 Signature Algorithm: sha256WithRSAEncryption 8a:d8:02:62:dd:1e:da:bc:bb:da:01:8f:06:a5:f8:af:54:37: 75:e3:2b:8f:d2:30:cc:61:8c:6e:ab:d2:dc:1b:38:24:c7:c2: cb:54:b4:4a:57:3b:90:27:3d:64:7a:ce:65:19:4b:07:8d:1b: 8b:10:b9:e9:47:b1:d7:18:2f:86:d1:2d:a1:6a:07:db:e8:b6: ab:ab:93:e7:2a:79:58:08:40:dc:4f:68:36:22:a7:ef:10:db: 08:ef:65:ab:6b:9a:ae:79:d8:95:32:81:8b:32:fe:ed:74:16: df:13:cf:b3:ab:2b:bf:87:c1:ed:42:f0:ad:52:45:30:29:3b: 75:96:bc:92:2e:2a:47:75:f2:5b:c5:ca:92:9f:bf:96:67:ac: 5f:a9:cf:1c:e8:27:69:45:04:59:c2:9f:40:e6:6b:f9:d6:3b: e6:38:36:b2:6d:c2:80:e5:b0:c5:8d:5c:24:c0:42:9f:fe:1f: 22:80:4a:88:62:c6:f2:8c:ed:a1:ae:ea:34:11:0c:82:fd:1c: 2d:a3:41:f0:21:66:15:01:5d:58:7a:14:0e:3e:23:7c:7f:f9: b1:70:00:49:c3:05:15:e0:57:f4:de:bc:cd:56:29:fd:f7:d5: 5a:5b:a3:b3:0e:ef:3b:ed:8a:df:41:42:a8:07:3d:4a:99:ba: b1:a8:75:49 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUNt6WrtqvlQgKKS1QNbEU4BPiQUMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjMwOTA5MDAwMDAwWhcNMjMxMDE0MjM1OTU5 WjB6MUkwRwYDVQQFE0A2MTc2ODNlYmY0MDMzNDAzY2JjYTc4OWNlZjg2OTdmYzlk MWI5MGNmNzVhNTIyMTBkZGU4NThkOTI2NWY1ZTFiMS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDuezrZoHRE5bEpd71J38vVp40oUpY4IUi3GFSpbXcp9nLq VDFFLACO0g+vjGmIbrrMXiPDb9IR2i/WcYXvSUhmz5ctZiFA/hBipd1WlCLGtxB9 CKpdKZaEfa8Z6jFI4J/RcfPKC4Vew/D0G5Kozait4Z7zecfTZLY5i4/na77kq9ON nrhW1JNPpWCVH1XDpmPCaZ0lArKTBh8+E53ShEV+VIPWQKsIaiafpxvSZ2mBc03l adkh1L8ZL7qLysBD4e3eGcZUlFS1jIr9Vm5BOe6XYY3cPK1S8rP0FQaJZ5P5F1p4 0Y3/FLlU48wSnrLCb2GmYYDWUnYeOLDfRZ6xkioTAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUyghZA66q7LWO3WlW1d0xgxTbKWEwHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkLzk1MWI2NmYwLTg5OTMtNDdkMi05YmY1LWU4NWY0YWQ1ZTMyYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAEX+dowDQYJKoZIhvcNAQELBQADggEBAIrYAmLdHtq8u9oBjwal+K9UN3Xj K4/SMMxhjG6r0twbOCTHwstUtEpXO5AnPWR6zmUZSweNG4sQuelHsdcYL4bRLaFq B9votqurk+cqeVgIQNxPaDYip+8Q2wjvZatrmq552JUygYsy/u10Ft8Tz7OrK7+H we1C8K1SRTApO3WWvJIuKkd18lvFypKfv5ZnrF+pzxzoJ2lFBFnCn0Dma/nWO+Y4 NrJtwoDlsMWNXCTAQp/+HyKASohixvKM7aGu6jQRDIL9HC2jQfAhZhUBXVh6FA4+ I3x/+bFwAEnDBRXgV/TevM1WKf331Vpbo7MO7zvtit9BQqgHPUqZurGodUk= -----END CERTIFICATE-----Generated at Sat Sep 9 00:26:29 2023 by rpki-client on console-fra.rpki-client.org