$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa File: dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa (raw, json) Hash identifier: B+haFxquC6BFQf3tFOrY4YE2vaTLz4kXEWmvUdNA7Ms= Subject key identifier: CB:9E:A9:5C:7C:CA:A8:93:D4:68:81:21:C0:19:2E:B9:83:D3:01:0D Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 305170F73F3BF0D11E060034D140B779980707B6 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa Signing time: Tue 03 Jun 2025 16:20:14 +0000 ROA not before: Tue 03 Jun 2025 16:20:14 +0000 ROA not after: Tue 08 Jul 2025 23:59:59 +0000 asID: 801 IP address blocks: 35.96.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 08 Jun 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:51:70:f7:3f:3b:f0:d1:1e:06:00:34:d1:40:b7:79:98:07:07:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Jun 3 16:20:14 2025 GMT Not After : Jul 8 23:59:59 2025 GMT Subject: serialNumber=3271d83818f2bf819bd9834a03a17027977eebd6cc7f5d9ddb13005350e47048, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:63:8a:5b:f2:c9:6b:19:d2:d7:b7:22:c8:65: a8:a2:93:09:45:df:7a:80:19:00:d7:58:92:a7:de: 7d:54:b3:bb:7f:76:e2:c5:b8:b3:f5:40:44:13:d8: 96:76:72:98:eb:de:a5:02:e7:7d:f8:6c:d7:13:93: 92:79:9f:96:b9:c6:bf:8e:f6:20:1a:97:d9:1b:11: 6a:ce:a8:19:40:d1:7e:76:a6:82:4e:2f:1a:20:fe: 82:f5:e9:c7:66:44:35:2a:9b:1b:c4:54:10:c1:02: 31:ce:cf:79:00:9b:19:77:05:bd:a9:3b:7c:bf:43: 5f:55:3b:96:29:18:02:c6:d9:5a:d4:91:21:0f:33: d3:90:16:6b:f2:07:53:17:88:65:32:20:1f:20:30: c2:d2:fb:b4:8a:47:8e:32:11:91:73:d9:c7:0a:33: c9:ff:2c:ce:bf:dd:b3:a3:17:46:21:2e:7f:04:ae: 84:b2:1c:8f:ea:78:43:a4:2c:8d:b3:e9:dd:ce:de: 76:f1:9a:21:df:78:28:94:5e:76:bb:3a:92:d8:84: 59:ae:a0:ce:fb:a6:35:1d:85:62:9d:c5:e4:75:e6: b5:70:4a:c0:ca:49:32:08:99:3a:71:3a:1b:c5:21: 6b:11:0d:ec:19:fd:31:da:5c:56:b7:00:03:4c:f8: a8:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:9E:A9:5C:7C:CA:A8:93:D4:68:81:21:C0:19:2E:B9:83:D3:01:0D X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.11.0/24 Signature Algorithm: sha256WithRSAEncryption 50:7c:0b:16:63:98:74:4b:db:96:87:02:bb:01:f8:57:4f:f1: 11:09:47:ef:86:01:77:65:e3:c5:d7:c1:fa:ef:0a:d3:58:e2: 42:e4:8b:8e:a2:a5:b4:d2:a5:4c:4b:e7:86:ed:e0:88:a5:55: 0a:30:bd:f5:10:1a:43:d6:a6:9d:7a:9a:3b:dc:8a:87:34:23: 74:ea:65:eb:e6:0e:52:b1:da:04:70:45:c2:25:70:da:f9:a2: 0e:2b:67:ea:80:91:ac:d6:7c:5c:a6:04:fe:c3:1e:ba:e7:77: fa:3c:0c:38:d6:d8:8c:da:de:83:b8:ea:84:0e:6f:cb:1e:ca: ce:c9:de:df:18:78:ce:92:58:83:c9:b8:34:5b:a5:81:eb:8b: ad:4e:7a:37:77:93:bb:e3:ad:6a:e4:8a:45:56:64:1e:9f:a3: de:f2:92:c6:bf:48:33:a0:39:f0:08:94:e7:9a:13:10:18:1c: 68:6c:36:3a:2f:a1:e4:52:fb:53:c8:16:d6:9b:ab:51:57:81: 4f:fd:ee:11:0b:0f:15:cf:eb:9a:09:bd:e3:ad:96:ec:d6:c3: 00:74:ea:46:30:60:4d:10:d5:eb:cd:1e:50:0e:33:97:b6:97: 95:14:c4:2f:ad:d7:3d:e6:38:0d:fc:8f:e9:37:cc:7d:2c:b4: 53:45:c4:75 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUMFFw9z878NEeBgA00UC3eZgHB7YwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNjAzMTYyMDE0WhcNMjUwNzA4MjM1OTU5 WjB6MUkwRwYDVQQFE0AzMjcxZDgzODE4ZjJiZjgxOWJkOTgzNGEwM2ExNzAyNzk3 N2VlYmQ2Y2M3ZjVkOWRkYjEzMDA1MzUwZTQ3MDQ4MS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDCY4pb8slrGdLXtyLIZaiikwlF33qAGQDXWJKn3n1Us7t/ duLFuLP1QEQT2JZ2cpjr3qUC5334bNcTk5J5n5a5xr+O9iAal9kbEWrOqBlA0X52 poJOLxog/oL16cdmRDUqmxvEVBDBAjHOz3kAmxl3Bb2pO3y/Q19VO5YpGALG2VrU kSEPM9OQFmvyB1MXiGUyIB8gMMLS+7SKR44yEZFz2ccKM8n/LM6/3bOjF0YhLn8E roSyHI/qeEOkLI2z6d3O3nbxmiHfeCiUXna7OpLYhFmuoM77pjUdhWKdxeR15rVw SsDKSTIImTpxOhvFIWsRDewZ/THaXFa3AANM+KifAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUy56pXHzKqJPUaIEhwBkuuYPTAQ0wHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2RjODIyYzAxLTE3MTctNGU0NS1hNWE4LTNhNWRjOTE2Yzc2ZC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYAswDQYJKoZIhvcNAQELBQADggEBAFB8CxZjmHRL25aHArsB+FdP8REJ R++GAXdl48XXwfrvCtNY4kLki46ipbTSpUxL54bt4IilVQowvfUQGkPWpp16mjvc ioc0I3TqZevmDlKx2gRwRcIlcNr5og4rZ+qAkazWfFymBP7DHrrnd/o8DDjW2Iza 3oO46oQOb8seys7J3t8YeM6SWIPJuDRbpYHri61Oejd3k7vjrWrkikVWZB6fo97y ksa/SDOgOfAIlOeaExAYHGhsNjovoeRS+1PIFtabq1FXgU/97hELDxXP65oJveOt luzWwwB06kYwYE0Q1evNHlAOM5e2l5UUxC+t1z3mOA38j+k3zH0stFNFxHU= -----END CERTIFICATE-----Generated at Sat Jun 7 17:46:21 2025 by rpki-client