$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa File: cff2aad7-f173-47b6-ad48-6f279ff321d1.roa (raw, json) Hash identifier: RgUFdZDHQdNzzKvk6xi6LgtJdLmRhDJzPXuzfoPkWl8= Subject key identifier: 44:B7:16:24:B6:0A:3B:F3:9B:B2:3D:4B:0A:40:5C:DD:22:67:96:05 Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 01656D836A5E96BD399C185901267A776E7C91BB Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa Signing time: Sat 25 Jan 2025 00:00:00 +0000 ROA not before: Sat 25 Jan 2025 00:00:00 +0000 ROA not after: Sat 01 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 23.249.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:65:6d:83:6a:5e:96:bd:39:9c:18:59:01:26:7a:77:6e:7c:91:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: Jan 25 00:00:00 2025 GMT Not After : Mar 1 23:59:59 2025 GMT Subject: CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:72:d1:ff:be:76:ac:31:82:a1:98:48:f0:ce: fc:94:14:d8:39:c0:92:67:70:64:37:3a:63:1d:b0: eb:ec:d8:9e:78:d9:34:81:88:67:f2:67:e2:9b:f6: b5:10:9e:b1:bf:47:37:ea:f2:83:ae:2a:26:cf:db: e9:4b:61:bc:53:ab:ee:8f:af:8a:0e:8b:d3:3d:ae: f0:e2:18:14:3b:bc:bd:f9:14:73:e2:9e:c9:1a:02: 3a:00:e9:50:f0:73:c5:2d:5b:39:43:f1:29:2e:e3: 96:3d:5e:7e:1b:a3:08:fd:eb:1a:43:02:39:49:e3: 37:20:b6:b5:48:e4:a8:ae:27:52:0c:c9:1a:a7:eb: 2c:d3:12:6c:f3:cd:c1:84:99:83:bd:64:b3:5a:42: 77:fa:3c:66:60:10:cf:9a:d8:6b:6b:8e:4f:56:dd: 1b:a0:e3:25:21:e4:da:b2:c4:75:2d:08:1a:ce:b0: 04:4d:d7:a4:86:2a:40:d2:32:1e:e5:53:a2:c4:aa: c7:3a:08:d9:11:74:c6:e1:ea:05:48:f6:38:65:73: 9e:15:c1:fd:00:ae:64:34:2d:24:36:7d:7d:5e:b3: 80:6a:da:d0:3c:97:12:6c:a6:7e:ef:6b:90:e3:c6: a9:79:8e:d7:3d:be:eb:9b:7b:9e:df:e9:ba:8e:7d: 74:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:B7:16:24:B6:0A:3B:F3:9B:B2:3D:4B:0A:40:5C:DD:22:67:96:05 X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/cff2aad7-f173-47b6-ad48-6f279ff321d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.212.0/24 Signature Algorithm: sha256WithRSAEncryption 59:17:48:d4:38:35:e7:a9:ff:ce:27:62:fb:5f:49:79:13:d7: bf:60:75:8e:dc:85:9d:64:d1:41:56:39:03:d7:2e:5c:57:f2: b8:48:ed:05:c7:df:c2:9c:a9:4d:6f:cb:7f:2a:22:28:0c:98: c0:18:e2:77:17:a9:8b:d7:62:34:13:55:a9:40:6c:9a:b7:bd: 9f:d5:90:06:41:29:e3:20:32:76:3a:45:4c:52:91:b1:e0:71: 55:37:ff:a4:b7:47:dc:0d:bd:f8:ea:c9:46:88:73:6b:35:ae: f7:31:b6:16:e9:ad:c1:70:01:86:12:61:5a:a3:ed:16:3f:5e: d9:8e:7f:55:94:c5:fd:84:f7:4a:ed:f4:d2:dc:9e:82:ac:84: 2e:12:2d:2f:47:b0:d3:68:d8:d0:14:b2:cd:bf:64:01:12:94: 76:61:b3:fd:44:5e:4a:86:a9:92:aa:03:cf:d8:4e:6d:f5:81: 12:94:02:24:32:46:c4:12:e7:bc:e3:e7:e0:da:49:cb:40:db: 84:d4:5b:10:bb:ce:f5:89:67:e3:20:d9:db:e1:90:17:b1:7e: 5d:89:fa:bc:2d:7f:6a:8f:45:aa:30:77:a8:e0:fe:14:f9:56: 08:a4:c5:d3:8d:50:2d:3a:c5:73:f6:9c:2c:78:1d:c5:75:97: 8a:f7:77:0e -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUAWVtg2pelr05nBhZASZ6d258kbswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwMTI1MDAwMDAwWhcNMjUwMzAxMjM1OTU5 WjB6MUkwRwYDVQQFE0AxODQyYTk3OGJlYTJkZjNiYmExMmJlNDllNGM1MjcwMTY1 N2I5OGNjYTk0Y2I0OTVkNzdiYjA0MDAzODU0Y2M0MS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDRctH/vnasMYKhmEjwzvyUFNg5wJJncGQ3OmMdsOvs2J54 2TSBiGfyZ+Kb9rUQnrG/Rzfq8oOuKibP2+lLYbxTq+6Pr4oOi9M9rvDiGBQ7vL35 FHPinskaAjoA6VDwc8UtWzlD8Sku45Y9Xn4bowj96xpDAjlJ4zcgtrVI5KiuJ1IM yRqn6yzTEmzzzcGEmYO9ZLNaQnf6PGZgEM+a2Gtrjk9W3Rug4yUh5NqyxHUtCBrO sARN16SGKkDSMh7lU6LEqsc6CNkRdMbh6gVI9jhlc54Vwf0ArmQ0LSQ2fX1es4Bq 2tA8lxJspn7va5Djxql5jtc9vuube57f6bqOfXQtAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQURLcWJLYKO/Obsj1LCkBc3SJnlgUwHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkL2NmZjJhYWQ3LWYxNzMtNDdiNi1hZDQ4LTZmMjc5ZmYzMjFkMS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dQwDQYJKoZIhvcNAQELBQADggEBAFkXSNQ4Neep/84nYvtfSXkT179g dY7chZ1k0UFWOQPXLlxX8rhI7QXH38KcqU1vy38qIigMmMAY4ncXqYvXYjQTValA bJq3vZ/VkAZBKeMgMnY6RUxSkbHgcVU3/6S3R9wNvfjqyUaIc2s1rvcxthbprcFw AYYSYVqj7RY/XtmOf1WUxf2E90rt9NLcnoKshC4SLS9HsNNo2NAUss2/ZAESlHZh s/1EXkqGqZKqA8/YTm31gRKUAiQyRsQS57zj5+DaSctA24TUWxC7zvWJZ+Mg2dvh kBexfl2J+rwtf2qPRaowd6jg/hT5VgikxdONUC06xXP2nCx4HcV1l4r3dw4= -----END CERTIFICATE-----Generated at Sun Feb 16 15:15:09 2025 by rpki-client