$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa File: 828c35a4-d70a-329b-afc8-43f0c6744f3e.roa (raw, json) Hash identifier: m4F0Oxcc9c3ol7e6cmRzKSnmrMN9NuVK4AVjm8C3uR0= Subject key identifier: 98:A4:53:4B:60:08:07:B5:4D:0A:E4:F6:49:B8:6F:A4:5B:10:81:8D Certificate issuer: /CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Certificate serial: 010D0C9F4328584909E6A6AB878E087853EF0200 Authority key identifier: D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa Signing time: Sat 01 Mar 2025 02:00:39 +0000 ROA not before: Sat 01 Mar 2025 02:00:39 +0000 ROA not after: Fri 30 May 2025 01:00:39 +0000 asID: 27589 IP address blocks: 64.59.64.0/18 maxlen: 24 66.244.144.0/20 maxlen: 24 74.206.160.0/19 maxlen: 24 99.192.128.0/17 maxlen: 24 104.193.120.0/22 maxlen: 24 162.250.76.0/22 maxlen: 24 184.94.144.0/20 maxlen: 24 199.19.200.0/21 maxlen: 24 199.59.88.0/21 maxlen: 24 199.182.104.0/21 maxlen: 24 199.241.96.0/21 maxlen: 24 208.74.148.0/22 maxlen: 24 208.122.192.0/19 maxlen: 24 2607:f5a8::/32 maxlen: 48 2607:ffb8::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 13 Apr 2025 16:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:49:09:e6:a6:ab:87:8e:08:78:53:ef:02:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Validity Not Before: Mar 1 02:00:39 2025 GMT Not After : May 30 01:00:39 2025 GMT Subject: CN=247db4da-2676-4b58-ae0c-5b33089ca100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:cc:86:1d:60:2d:5a:a9:66:ff:81:d5:25:a1: 38:ab:81:08:36:b4:31:b6:32:c1:70:2b:a4:b3:94: 25:2b:dd:5f:01:4d:36:b8:25:a3:15:f0:27:9b:34: 9e:63:26:0b:b7:06:9a:5d:a9:cb:91:dc:55:b6:6f: ee:06:ee:01:b7:fc:6e:fe:ec:3b:15:ee:70:09:8e: ca:7d:a3:2f:df:46:9c:be:a5:3d:c8:e4:c6:48:3e: 20:c4:f4:40:72:e8:ee:3e:84:5e:9d:d0:2d:8a:63: d8:a2:be:e4:06:72:0d:c5:4c:72:fb:ea:57:cf:2f: 9e:20:11:08:08:e9:3e:05:4e:2c:2c:38:a8:7e:5f: a3:29:3a:f4:39:30:bc:87:c4:cb:97:d7:4d:a6:b8: 65:7b:6c:19:b5:3b:7b:6a:5f:a9:56:2c:38:e9:fa: 27:a8:30:04:9a:b1:42:49:45:59:de:26:c9:6d:df: a9:50:70:32:aa:7d:cc:bf:e1:fd:b8:2e:cc:19:74: a9:49:c2:d1:27:4d:c1:42:35:85:da:4d:05:40:f4: f9:68:6e:48:8d:96:75:b3:d3:16:1b:4d:11:c5:17: d8:cf:4b:03:65:cd:87:3f:de:09:03:f5:e5:37:b1: 18:84:01:fb:69:b6:b2:d1:08:90:97:30:84:19:b3: 40:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:A4:53:4B:60:08:07:B5:4D:0A:E4:F6:49:B8:6F:A4:5B:10:81:8D Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl X509v3 Authority Key Identifier: keyid:D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer sbgp-ipAddrBlock: critical IPv4: 64.59.64.0/18 66.244.144.0/20 74.206.160.0/19 99.192.128.0/17 104.193.120.0/22 162.250.76.0/22 184.94.144.0/20 199.19.200.0/21 199.59.88.0/21 199.182.104.0/21 199.241.96.0/21 208.74.148.0/22 208.122.192.0/19 IPv6: 2607:f5a8::/32 2607:ffb8::/32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 7a:50:54:d8:c5:97:f3:29:0d:a5:55:e0:ca:16:06:05:b6:f2: 5f:28:4b:c1:cd:bf:cd:83:1f:34:ac:06:62:74:9b:9f:12:7b: ec:5e:24:52:29:6f:aa:ae:9f:4d:a2:77:c9:2f:3a:36:60:3f: 86:15:da:24:6d:8c:d9:27:ad:4d:05:c5:28:f0:94:c1:5a:30: 71:41:24:f4:36:7d:ba:0f:79:0e:cf:f4:fc:f1:90:b8:ca:3d: 9b:4f:46:c9:08:0b:cf:f9:6d:41:2f:77:af:88:29:45:f1:b1: 19:6c:02:58:f6:b3:33:93:ac:61:89:6e:35:7b:5a:ba:af:22: 20:1d:84:ac:17:09:90:08:8f:2b:b5:25:44:33:66:6c:6f:7e: a0:ed:27:25:cc:ee:82:1c:b6:f0:be:5c:05:99:89:62:71:48: 45:a2:eb:10:4e:61:54:be:fd:5e:53:3d:9f:e8:c6:fa:50:8d: 4d:43:8e:4e:c4:57:c3:63:30:4f:4b:aa:1e:24:90:b7:c8:2a: ad:7f:91:bb:04:14:cc:08:4a:10:7e:aa:06:12:df:ed:2d:01: bf:b0:ec:0d:08:91:8b:ee:e1:4a:67:60:8b:22:85:c8:c7:7b: 67:ec:2d:56:dd:31:fe:ab:82:58:c5:5d:af:fe:d0:b6:fa:e6: 48:b8:42:cb -----BEGIN CERTIFICATE----- MIIGoTCCBYmgAwIBAgIUAQ0Mn0MoWEkJ5qarh44IeFPvAgAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkM2I3MmM5NjgtZDY3My00YTdhLWJmZWMtNDA3MWE3YmU1 MzE3MB4XDTI1MDMwMTAyMDAzOVoXDTI1MDUzMDAxMDAzOVowLzEtMCsGA1UEAxMk MjQ3ZGI0ZGEtMjY3Ni00YjU4LWFlMGMtNWIzMzA4OWNhMTAwMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMyGHWAtWqlm/4HVJaE4q4EINrQxtjLBcCuk s5QlK91fAU02uCWjFfAnmzSeYyYLtwaaXanLkdxVtm/uBu4Bt/xu/uw7Fe5wCY7K faMv30acvqU9yOTGSD4gxPRAcujuPoRendAtimPYor7kBnINxUxy++pXzy+eIBEI COk+BU4sLDiofl+jKTr0OTC8h8TLl9dNprhle2wZtTt7al+pViw46fonqDAEmrFC SUVZ3ibJbd+pUHAyqn3Mv+H9uC7MGXSpScLRJ03BQjWF2k0FQPT5aG5IjZZ1s9MW G00RxRfYz0sDZc2HP94JA/XlN7EYhAH7abay0QiQlzCEGbNABQIDAQABo4IDszCC A68wHQYDVR0OBBYEFJikU0tgCAe1TQrk9km4b6RbEIGNMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcy Yzk2OC1kNjczLTRhN2EtYmZlYy00MDcxYTdiZTUzMTcvODI4YzM1YTQtZDcwYS0z MjliLWFmYzgtNDNmMGM2NzQ0ZjNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2I3MmM5NjgtZDY3My00YTdhLWJm ZWMtNDA3MWE3YmU1MzE3LzNiNzJjOTY4LWQ2NzMtNGE3YS1iZmVjLTQwNzFhN2Jl NTMxNy5jcmwwHwYDVR0jBBgwFoAU1NBs4Y/5cx1TIiNtNj849oEDtW8wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2 Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcyYzk2OC1kNjczLTRhN2EtYmZlYy00MDcx YTdiZTUzMTcuY2VyMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQGQDtAAwQE QvSQAwQFSs6gAwQHY8CAAwQCaMF4AwQCovpMAwQEuF6QAwQDxxPIAwQDxztYAwQD x7ZoAwQDx/FgAwQC0EqUAwQF0HrAMBQEAgACMA4DBQAmB/WoAwUAJgf/uDBUBgNV HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3 LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUA A4IBAQB6UFTYxZfzKQ2lVeDKFgYFtvJfKEvBzb/Ngx80rAZidJufEnvsXiRSKW+q rp9NonfJLzo2YD+GFdokbYzZJ61NBcUo8JTBWjBxQST0Nn26D3kOz/T88ZC4yj2b T0bJCAvP+W1BL3eviClF8bEZbAJY9rMzk6xhiW41e1q6ryIgHYSsFwmQCI8rtSVE M2Zsb36g7SclzO6CHLbwvlwFmYlicUhFousQTmFUvv1eUz2f6Mb6UI1NQ45OxFfD YzBPS6oeJJC3yCqtf5G7BBTMCEoQfqoGEt/tLQG/sOwNCJGL7uFKZ2CLIoXIx3tn 7C1W3TH+q4JYxV2v/tC2+uZIuELL -----END CERTIFICATE-----Generated at Sat Apr 12 13:40:13 2025 by rpki-client