$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa File: 828c35a4-d70a-329b-afc8-43f0c6744f3e.roa (raw, json) Hash identifier: lQWH6wjQyT3miHEDB/PifXOLzSWd6DzD9q2lPK6in7s= Subject key identifier: 3E:EB:45:F3:53:19:22:CC:1C:82:76:59:59:26:3C:42:4F:06:1E:B7 Certificate issuer: /CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Certificate serial: 010D0C9F43285849E91FA905B660DD881439BC00 Authority key identifier: D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa Signing time: Tue 20 May 2025 01:00:49 +0000 ROA not before: Tue 20 May 2025 01:00:49 +0000 ROA not after: Mon 18 Aug 2025 01:00:49 +0000 asID: 27589 IP address blocks: 64.59.64.0/18 maxlen: 24 66.244.144.0/20 maxlen: 24 74.206.160.0/19 maxlen: 24 99.192.128.0/17 maxlen: 24 104.193.120.0/22 maxlen: 24 162.250.76.0/22 maxlen: 24 184.94.144.0/20 maxlen: 24 199.19.200.0/21 maxlen: 24 199.59.88.0/21 maxlen: 24 199.182.104.0/21 maxlen: 24 199.241.96.0/21 maxlen: 24 208.74.148.0/22 maxlen: 24 208.122.192.0/19 maxlen: 24 2607:f5a8::/32 maxlen: 48 2607:ffb8::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 12 Jun 2025 16:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:49:e9:1f:a9:05:b6:60:dd:88:14:39:bc:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Validity Not Before: May 20 01:00:49 2025 GMT Not After : Aug 18 01:00:49 2025 GMT Subject: CN=9e1793e4-a725-4b6e-8cf3-d6dbad1952f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:0e:ed:ce:de:4c:39:9f:62:56:24:c0:6b:8e: df:1f:36:22:92:1e:b0:d9:68:56:8d:da:20:4d:ea: 1e:3d:1c:fb:ef:12:ac:d7:36:d1:e3:1b:cf:da:92: a3:e4:27:56:61:3c:f8:b5:e5:d8:5f:70:54:7a:45: bd:d2:d9:f1:06:d2:6a:d3:94:cb:80:9f:41:1f:20: d3:dd:8a:8e:d9:80:aa:27:08:27:05:22:d4:e9:41: 24:db:77:f0:c0:c8:fd:7e:1c:45:4c:73:80:65:10: 85:32:b3:99:64:91:84:09:d0:85:7a:cc:e0:75:c1: 4b:ac:f3:30:61:dc:91:99:2a:97:01:ab:2d:dd:53: c8:c9:ea:26:db:f8:69:dc:e5:f3:3d:61:fb:19:57: 6c:c7:45:9d:24:a3:3d:d9:71:63:a3:4d:f7:9a:85: 64:ae:48:40:dc:6a:f3:10:cd:40:43:5d:c3:1c:72: 6e:69:d8:d3:d8:f7:8f:55:52:8f:1b:26:09:57:23: 21:06:5c:15:18:23:56:2d:54:3b:05:b5:26:2e:43: d9:de:b2:0c:fa:9f:a2:0e:43:30:26:84:e9:38:67: 52:56:dd:6e:28:e3:5c:ed:7b:41:cb:ef:db:79:93: 0a:11:b0:fe:5f:f0:03:02:fc:8d:bc:9d:81:4e:4e: f0:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:EB:45:F3:53:19:22:CC:1C:82:76:59:59:26:3C:42:4F:06:1E:B7 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl X509v3 Authority Key Identifier: keyid:D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer sbgp-ipAddrBlock: critical IPv4: 64.59.64.0/18 66.244.144.0/20 74.206.160.0/19 99.192.128.0/17 104.193.120.0/22 162.250.76.0/22 184.94.144.0/20 199.19.200.0/21 199.59.88.0/21 199.182.104.0/21 199.241.96.0/21 208.74.148.0/22 208.122.192.0/19 IPv6: 2607:f5a8::/32 2607:ffb8::/32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 16:d8:a0:61:a4:fd:e9:16:16:be:99:d4:8d:f4:b2:fb:d4:7f: fd:28:65:34:a0:fa:76:7b:5a:1c:73:44:69:d1:80:bb:22:a0: 27:90:e3:a3:b8:a5:dd:26:81:e1:14:b7:d3:a3:39:c2:db:e1: c2:89:a8:3a:93:db:77:a8:2f:b0:2b:5a:2a:1f:f2:45:6f:6b: a5:7e:43:fa:e2:7b:ab:44:99:96:d8:ea:75:c2:37:0f:15:e7: df:0a:49:43:bd:03:7c:63:47:09:a2:ce:3e:70:ce:e2:c8:20: 91:d9:1d:7f:63:67:14:2e:b2:a7:02:46:28:d5:16:f4:91:0a: 2a:1f:b2:39:bf:9a:ad:24:64:0b:e0:e7:25:ce:a6:0c:42:23: ac:25:e8:c9:fc:ca:20:31:2f:8a:d5:8d:2c:85:4a:8d:f8:ac: 67:3e:c4:ef:01:1b:5c:47:95:83:c8:68:53:b8:25:85:d7:67: 42:a0:0d:a3:20:2f:32:b4:6b:83:cd:b2:fd:b8:ce:ff:5f:5b: 8a:70:bc:f7:25:a0:19:f9:0a:cd:ef:ab:0e:7d:5c:af:89:5e: fc:34:ce:c8:96:3d:b2:81:ca:88:d8:59:44:41:04:d4:61:46: 58:50:d1:4b:ff:a7:2a:34:40:73:06:b8:ad:82:e7:53:e0:e4: ca:0c:e8:b4 -----BEGIN CERTIFICATE----- MIIGoTCCBYmgAwIBAgIUAQ0Mn0MoWEnpH6kFtmDdiBQ5vAAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkM2I3MmM5NjgtZDY3My00YTdhLWJmZWMtNDA3MWE3YmU1 MzE3MB4XDTI1MDUyMDAxMDA0OVoXDTI1MDgxODAxMDA0OVowLzEtMCsGA1UEAxMk OWUxNzkzZTQtYTcyNS00YjZlLThjZjMtZDZkYmFkMTk1MmY3MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQ7tzt5MOZ9iViTAa47fHzYikh6w2WhWjdog TeoePRz77xKs1zbR4xvP2pKj5CdWYTz4teXYX3BUekW90tnxBtJq05TLgJ9BHyDT 3YqO2YCqJwgnBSLU6UEk23fwwMj9fhxFTHOAZRCFMrOZZJGECdCFeszgdcFLrPMw YdyRmSqXAast3VPIyeom2/hp3OXzPWH7GVdsx0WdJKM92XFjo033moVkrkhA3Grz EM1AQ13DHHJuadjT2PePVVKPGyYJVyMhBlwVGCNWLVQ7BbUmLkPZ3rIM+p+iDkMw JoTpOGdSVt1uKONc7XtBy+/beZMKEbD+X/ADAvyNvJ2BTk7wEQIDAQABo4IDszCC A68wHQYDVR0OBBYEFD7rRfNTGSLMHIJ2WVkmPEJPBh63MIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcy Yzk2OC1kNjczLTRhN2EtYmZlYy00MDcxYTdiZTUzMTcvODI4YzM1YTQtZDcwYS0z MjliLWFmYzgtNDNmMGM2NzQ0ZjNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2I3MmM5NjgtZDY3My00YTdhLWJm ZWMtNDA3MWE3YmU1MzE3LzNiNzJjOTY4LWQ2NzMtNGE3YS1iZmVjLTQwNzFhN2Jl NTMxNy5jcmwwHwYDVR0jBBgwFoAU1NBs4Y/5cx1TIiNtNj849oEDtW8wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2 Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcyYzk2OC1kNjczLTRhN2EtYmZlYy00MDcx YTdiZTUzMTcuY2VyMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQGQDtAAwQE QvSQAwQFSs6gAwQHY8CAAwQCaMF4AwQCovpMAwQEuF6QAwQDxxPIAwQDxztYAwQD x7ZoAwQDx/FgAwQC0EqUAwQF0HrAMBQEAgACMA4DBQAmB/WoAwUAJgf/uDBUBgNV HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3 LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUA A4IBAQAW2KBhpP3pFha+mdSN9LL71H/9KGU0oPp2e1occ0Rp0YC7IqAnkOOjuKXd JoHhFLfToznC2+HCiag6k9t3qC+wK1oqH/JFb2ulfkP64nurRJmW2Op1wjcPFeff CklDvQN8Y0cJos4+cM7iyCCR2R1/Y2cULrKnAkYo1Rb0kQoqH7I5v5qtJGQL4Ocl zqYMQiOsJejJ/MogMS+K1Y0shUqN+KxnPsTvARtcR5WDyGhTuCWF12dCoA2jIC8y tGuDzbL9uM7/X1uKcLz3JaAZ+QrN76sOfVyviV78NM7Ilj2ygcqI2FlEQQTUYUZY UNFL/6cqNEBzBritgudT4OTKDOi0 -----END CERTIFICATE-----Generated at Wed Jun 11 04:29:08 2025 by rpki-client