$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/aa5ff16a-b7a9-490e-99be-3eaaa71e154b.roa File: aa5ff16a-b7a9-490e-99be-3eaaa71e154b.roa (raw, json) Hash identifier: SkC5IbMXGqEW90fx58XILJAUKRs/QcSHuqPxrswvnps= Subject key identifier: DF:1E:C0:A1:14:03:54:25:CF:32:05:46:C0:D4:C8:F9:F2:A0:B8:26 Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 5039CD671A5007D11023073B04E3B478E6EA8AE4 Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/aa5ff16a-b7a9-490e-99be-3eaaa71e154b.roa Signing time: Fri 09 May 2025 15:20:08 +0000 ROA not before: Fri 09 May 2025 15:20:08 +0000 ROA not after: Fri 13 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 34.254.192.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sat 10 May 2025 20:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:39:cd:67:1a:50:07:d1:10:23:07:3b:04:e3:b4:78:e6:ea:8a:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: May 9 15:20:08 2025 GMT Not After : Jun 13 23:59:59 2025 GMT Subject: serialNumber=8b2192fa0fb54eaab6ab4eee52e1520799a29e7cfc5c37543487a4eba361beae, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ac:7d:07:cc:aa:82:df:b5:0f:50:c9:bb:6e: da:6e:cd:6f:03:1e:53:7e:f0:fb:be:80:a0:32:c9: 5e:51:7f:db:13:e4:da:aa:48:48:7e:72:61:27:a1: bd:4d:76:76:fe:ae:93:66:94:bc:53:0a:a9:78:72: 05:cc:6d:5e:ed:ee:31:be:d7:c8:d1:aa:9e:55:92: 21:4c:ae:ca:70:f5:99:a5:64:2f:01:31:75:de:fa: d9:ac:2f:f9:cb:8f:df:b1:7e:5d:5d:e8:2c:e3:2b: 82:53:b8:85:27:fd:64:8a:75:71:f5:0d:fd:51:a9: 9b:b6:be:73:0a:14:5c:78:ba:3d:e7:b4:a8:90:1c: 34:0c:bf:e8:ce:b6:51:9d:7e:92:74:51:4f:87:a2: 93:1e:66:cb:77:24:5c:6a:79:76:62:b8:51:2f:94: c5:e0:23:3e:f4:22:51:4b:dd:60:f0:56:61:bd:53: 5c:92:1f:e2:3b:3b:54:dc:ec:ed:a2:24:8d:66:18: 3d:ff:b5:70:b5:ee:03:4b:cf:d1:c5:a5:38:c5:90: 46:39:56:d0:dd:6c:40:f1:85:70:88:d1:5f:33:87: 94:c7:fc:17:ba:05:20:b8:5d:a4:0b:81:d2:47:61: 4e:0b:d2:1f:6e:35:25:70:19:b3:92:7f:bd:fa:33: 5b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:1E:C0:A1:14:03:54:25:CF:32:05:46:C0:D4:C8:F9:F2:A0:B8:26 X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/aa5ff16a-b7a9-490e-99be-3eaaa71e154b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 34.254.192.0/18 Signature Algorithm: sha256WithRSAEncryption b1:14:1b:8c:e7:29:0c:9c:1c:84:de:0a:d8:36:d0:20:c5:24: 62:00:cc:28:db:e1:3c:e2:3e:59:7b:a3:1d:99:0a:35:17:71: b3:7e:8e:c3:53:54:64:e3:b4:03:5d:34:c6:b6:b3:2c:04:8f: ca:17:0f:4b:f8:33:3f:61:ad:8f:1a:9b:ac:cc:ab:82:e6:79: 54:8a:6a:52:29:26:58:60:a1:9c:7f:8b:d8:20:16:f0:74:3d: 0b:da:bb:3f:1c:b3:0e:15:1d:49:f6:22:f7:41:7c:7f:5b:0a: 57:3c:d1:28:b5:23:6a:9c:8f:48:da:71:d3:17:c9:2c:95:da: af:cd:49:4f:0a:54:c4:50:53:46:44:03:79:a8:9c:e9:df:de: 4c:c4:55:af:df:bc:84:9d:f4:1d:db:2b:73:c0:e3:71:19:9a: 6b:26:c8:25:41:ee:1e:99:6d:2d:f8:e5:8c:05:ed:d4:91:0e: ed:62:39:4c:91:ed:07:31:c1:b1:83:9f:37:6a:1e:9b:ed:8f: d3:78:38:10:41:f0:00:50:1c:34:50:e0:d9:bc:4e:fc:41:88: c1:9a:ff:4f:08:0a:7f:03:74:60:4f:62:72:c0:6d:2e:62:7d: 39:d7:4c:83:35:0b:5b:5d:b9:e5:93:f2:48:89:81:5a:cb:0c: b7:74:0a:e1 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUUDnNZxpQB9EQIwc7BOO0eObqiuQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNTA5MTUyMDA4WhcNMjUwNjEzMjM1OTU5 WjB6MUkwRwYDVQQFE0A4YjIxOTJmYTBmYjU0ZWFhYjZhYjRlZWU1MmUxNTIwNzk5 YTI5ZTdjZmM1YzM3NTQzNDg3YTRlYmEzNjFiZWFlMS0wKwYDVQQDEyQ1ZjI3NjA0 NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFrH0HzKqC37UPUMm7btpuzW8DHlN+8Pu+gKAyyV5Rf9sT 5NqqSEh+cmEnob1Ndnb+rpNmlLxTCql4cgXMbV7t7jG+18jRqp5VkiFMrspw9Zml ZC8BMXXe+tmsL/nLj9+xfl1d6CzjK4JTuIUn/WSKdXH1Df1RqZu2vnMKFFx4uj3n tKiQHDQMv+jOtlGdfpJ0UU+HopMeZst3JFxqeXZiuFEvlMXgIz70IlFL3WDwVmG9 U1ySH+I7O1Tc7O2iJI1mGD3/tXC17gNLz9HFpTjFkEY5VtDdbEDxhXCI0V8zh5TH /Be6BSC4XaQLgdJHYU4L0h9uNSVwGbOSf736M1uHAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU3x7AoRQDVCXPMgVGwNTI+fKguCYwHwYDVR0jBBgwFoAUJa3TQrAet6WO rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyL2FhNWZmMTZhLWI3YTktNDkwZS05OWJlLTNlYWFhNzFlMTU0Yi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAYi/sAwDQYJKoZIhvcNAQELBQADggEBALEUG4znKQycHITeCtg20CDFJGIA zCjb4TziPll7ox2ZCjUXcbN+jsNTVGTjtANdNMa2sywEj8oXD0v4Mz9hrY8am6zM q4LmeVSKalIpJlhgoZx/i9ggFvB0PQvauz8csw4VHUn2IvdBfH9bClc80Si1I2qc j0jacdMXySyV2q/NSU8KVMRQU0ZEA3monOnf3kzEVa/fvISd9B3bK3PA43EZmmsm yCVB7h6ZbS345YwF7dSRDu1iOUyR7QcxwbGDnzdqHpvtj9N4OBBB8ABQHDRQ4Nm8 TvxBiMGa/08ICn8DdGBPYnLAbS5ifTnXTIM1C1tdueWT8kiJgVrLDLd0CuE= -----END CERTIFICATE-----Generated at Fri May 9 19:54:12 2025 by rpki-client