$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c25e168e-b858-4af0-b1a1-cf163e4d2802.roa File: c25e168e-b858-4af0-b1a1-cf163e4d2802.roa (raw, json) Hash identifier: HvHYLyBzRbj++Vdgk4rktqBv3QQObzsHo0EEkFAWiG0= Subject key identifier: 54:D4:B4:E9:02:81:32:63:5C:14:9D:10:C7:0C:F0:9F:46:32:A4:96 Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 258009BAAAC755C5A85A5C9C5547272954574AD4 Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c25e168e-b858-4af0-b1a1-cf163e4d2802.roa Signing time: Thu 23 Mar 2023 00:00:00 +0000 ROA not before: Thu 23 Mar 2023 00:00:00 +0000 ROA not after: Thu 27 Apr 2023 23:59:59 +0000 asID: 16509 IP address blocks: 15.213.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 24 Mar 2023 12:09:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:80:09:ba:aa:c7:55:c5:a8:5a:5c:9c:55:47:27:29:54:57:4a:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Mar 23 00:00:00 2023 GMT Not After : Apr 27 23:59:59 2023 GMT Subject: serialNumber=4e4320fda0457dc33235d2fca2aea0ec4f07f7da019a8aaad07803e1e01e126c, CN=5f276045-5b9f-45ef-923d-f3fce24a6225, OU=Amazon RPKI, O=Amazon.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e2:49:07:59:38:38:1b:3c:bb:b3:33:e3:14: a4:b0:72:c5:5c:c4:99:3f:24:ce:57:5c:72:80:e1: 1d:6a:37:c7:62:30:2a:1e:59:4d:37:06:11:51:ba: 39:4c:3a:0a:84:07:5a:25:0a:f7:58:3f:f0:16:51: fb:3e:0a:2d:3a:af:a1:6b:65:72:ef:ef:23:73:da: 2e:a1:30:33:d9:18:7e:af:fd:a3:f5:81:59:5d:49: 53:e3:e6:69:b1:ec:33:29:7b:a3:8a:3a:fe:4f:85: 19:01:f2:8f:c9:d7:f6:dd:9b:82:b9:01:86:46:fd: de:61:6b:3a:26:d4:4c:c8:23:b2:33:b8:5c:02:ce: 35:7d:16:b1:d6:11:bf:39:1e:f8:56:19:6d:6b:88: 3d:31:f7:6a:4a:5d:53:2a:1b:2e:ce:c6:6f:6c:cb: 23:22:50:96:b3:e1:f0:22:3a:11:f8:fe:41:c5:d9: a3:5a:c4:d9:d0:63:b4:8d:e2:9f:e4:33:1e:ec:06: 86:c1:d9:57:dd:f2:9e:a8:c1:bf:06:aa:83:cb:a0: bd:d6:f5:c3:a3:83:19:b4:70:dd:72:c9:eb:e9:6c: 14:39:7f:4e:71:ba:1e:b9:4b:07:a4:39:4f:1c:70: 43:d7:98:26:e8:af:98:ee:41:e8:09:1f:bb:7f:f9: 6e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:D4:B4:E9:02:81:32:63:5C:14:9D:10:C7:0C:F0:9F:46:32:A4:96 X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c25e168e-b858-4af0-b1a1-cf163e4d2802.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 15.213.0.0/16 Signature Algorithm: sha256WithRSAEncryption 49:e6:1d:42:a9:1c:42:14:89:b2:4d:53:66:ec:fc:d0:25:d1: 1b:00:bb:10:d1:a1:67:69:73:c3:0d:a3:a7:c6:37:e8:1f:af: 78:a5:16:fb:fa:16:fc:63:55:a4:c8:ec:26:90:f9:19:ce:5a: 0c:ca:60:2e:1d:d6:0c:8b:a0:5e:32:3a:a7:6c:a0:3a:7b:2d: c4:79:22:b8:a5:32:21:85:91:45:de:7d:a5:8f:75:f1:44:3b: 5d:a6:a6:b0:a7:6a:9c:da:e2:41:9d:8f:9d:fd:84:42:3d:11: d1:98:73:1c:1b:80:5c:fb:41:b3:0a:37:9d:00:6e:7c:90:df: d8:36:b7:17:76:aa:82:3c:4a:52:ff:1b:ef:4a:8a:74:97:92: e5:f4:65:66:46:06:d6:b4:ba:3a:9c:81:4d:df:49:50:6b:02: 8d:9c:30:68:fc:a5:9c:51:32:9d:ec:97:07:8d:df:64:b6:3d: c6:25:30:7f:c5:d2:2a:ec:98:71:fa:89:37:40:3d:64:22:f4: c7:ec:32:c6:72:2b:05:54:3b:6b:cb:95:0a:6b:67:7b:2f:78: 6b:90:39:8e:3e:d7:e4:ee:a1:aa:5d:69:72:eb:14:ab:9e:4a: ba:f2:8e:23:68:53:34:b2:b2:29:1a:a3:4c:e3:c4:b8:a2:e3: 3b:ac:9f:60 -----BEGIN CERTIFICATE----- MIIGIzCCBQugAwIBAgIUJYAJuqrHVcWoWlycVUcnKVRXStQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjMwMzIzMDAwMDAwWhcNMjMwNDI3MjM1OTU5 WjCBpTFJMEcGA1UEBRNANGU0MzIwZmRhMDQ1N2RjMzMyMzVkMmZjYTJhZWEwZWM0 ZjA3ZjdkYTAxOWE4YWFhZDA3ODAzZTFlMDFlMTI2YzEtMCsGA1UEAxMkNWYyNzYw NDUtNWI5Zi00NWVmLTkyM2QtZjNmY2UyNGE2MjI1MRQwEgYDVQQLEwtBbWF6b24g UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP ADCCAQoCggEBANTiSQdZODgbPLuzM+MUpLByxVzEmT8kzldccoDhHWo3x2IwKh5Z TTcGEVG6OUw6CoQHWiUK91g/8BZR+z4KLTqvoWtlcu/vI3PaLqEwM9kYfq/9o/WB WV1JU+PmabHsMyl7o4o6/k+FGQHyj8nX9t2bgrkBhkb93mFrOibUTMgjsjO4XALO NX0WsdYRvzke+FYZbWuIPTH3akpdUyobLs7Gb2zLIyJQlrPh8CI6Efj+QcXZo1rE 2dBjtI3in+QzHuwGhsHZV93ynqjBvwaqg8ugvdb1w6ODGbRw3XLJ6+lsFDl/TnG6 HrlLB6Q5TxxwQ9eYJuivmO5B6Akfu3/5bqcCAwEAAaOCArAwggKsMB0GA1UdDgQW BBRU1LTpAoEyY1wUnRDHDPCfRjKkljAfBgNVHSMEGDAWgBQlrdNCsB63pY6tGZAm iLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEy NDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEzMmEt NDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRm YTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6 b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02ZjgwOTA0 ZTQyZDIvYzI1ZTE2OGUtYjg1OC00YWYwLWIxYTEtY2YxNjNlNGQyODAyLnJvYTCB iAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD AA/VMA0GCSqGSIb3DQEBCwUAA4IBAQBJ5h1CqRxCFImyTVNm7PzQJdEbALsQ0aFn aXPDDaOnxjfoH694pRb7+hb8Y1WkyOwmkPkZzloMymAuHdYMi6BeMjqnbKA6ey3E eSK4pTIhhZFF3n2lj3XxRDtdpqawp2qc2uJBnY+d/YRCPRHRmHMcG4Bc+0GzCjed AG58kN/YNrcXdqqCPEpS/xvvSop0l5Ll9GVmRgbWtLo6nIFN30lQawKNnDBo/KWc UTKd7JcHjd9ktj3GJTB/xdIq7Jhx+ok3QD1kIvTH7DLGcisFVDtry5UKa2d7L3hr kDmOPtfk7qGqXWly6xSrnkq68o4jaFM0srIpGqNM48S4ouM7rJ9g -----END CERTIFICATE-----Generated at Thu Mar 23 00:32:36 2023 by rpki-client on console-fra.rpki-client.org