$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa File: df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa (raw, json) Hash identifier: GQP+712xtXMkQBCKJVD+9ky+oXAWM9lfYlFVpQ9NDWs= Subject key identifier: 59:AA:FF:BB:0C:36:1B:4D:F1:8A:54:AA:E1:34:74:23:DF:74:A5:F9 Certificate issuer: /CN=68b287f4-51cf-421c-923b-f0e384de5eea Certificate serial: 010D0C9F432858488AE0AA838BB443453A42C500 Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa Signing time: Tue 14 Jan 2025 14:00:51 +0000 ROA not before: Tue 14 Jan 2025 14:00:51 +0000 ROA not after: Mon 14 Apr 2025 13:00:51 +0000 asID: 8069 IP address blocks: 20.33.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 17 Feb 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:48:8a:e0:aa:83:8b:b4:43:45:3a:42:c5:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea Validity Not Before: Jan 14 14:00:51 2025 GMT Not After : Apr 14 13:00:51 2025 GMT Subject: CN=1a516c39-9798-441a-8c23-685793063f17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e5:34:3c:bf:bb:49:2e:e3:64:7c:d8:30:c5: 54:37:ed:46:93:2a:41:b6:19:2e:fb:72:e3:14:9c: e6:c3:7a:d7:87:68:88:21:42:07:d4:94:da:1c:47: 30:68:8e:c9:e4:1d:2b:75:59:65:c7:4d:8c:62:a4: 98:60:f8:80:31:0c:ea:24:7d:9c:be:c4:c2:96:a2: 29:db:d3:8f:9e:96:fe:3a:dd:ce:f6:9e:be:07:bc: ef:4b:a6:79:19:0d:6f:51:bb:6d:60:bc:5e:3a:2f: b1:47:6b:7b:06:24:78:f1:28:40:3a:70:29:24:c5: 43:0a:ce:3a:bf:78:6b:ca:c6:a5:5c:e8:9d:05:e3: be:6e:61:3d:7d:f2:f0:d7:fd:5e:20:a7:d2:d8:ca: 94:ce:69:20:d2:50:b6:46:c9:4c:9f:ca:af:cb:74: a4:21:b3:17:bb:31:98:c9:9d:bc:e5:a3:83:3c:e5: aa:36:e0:7e:c0:1d:1d:07:7c:33:a3:e8:3b:fa:7c: 71:64:4d:25:26:a0:b6:4d:6b:78:e1:f6:a4:7a:aa: 52:20:76:bb:68:5c:f9:1a:62:8e:93:91:ee:ae:63: ad:dc:64:69:c9:24:97:40:78:ed:82:1b:42:4d:49: 29:8d:0b:fb:c5:c2:0c:80:5e:e8:27:9b:5d:a3:56: 80:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:AA:FF:BB:0C:36:1B:4D:F1:8A:54:AA:E1:34:74:23:DF:74:A5:F9 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl X509v3 Authority Key Identifier: keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer sbgp-ipAddrBlock: critical IPv4: 20.33.150.0/24 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 53:9a:87:2a:fa:ed:48:d9:9b:31:ad:8e:48:38:ed:7d:e2:7c: 74:94:25:28:5d:18:d1:aa:89:46:3c:18:aa:5d:04:8e:37:da: 5d:b9:8c:56:86:47:5e:3c:b5:f8:2a:3d:a2:de:41:4e:4a:1d: 85:80:23:33:f8:36:4a:c4:6e:f6:58:3c:cd:94:dd:30:d0:41: f5:ba:c6:f8:93:c7:4f:86:6f:4f:5d:67:7e:99:f0:fb:2a:39: f7:ad:03:22:52:a0:9b:c5:c2:90:b1:f1:62:08:91:20:ca:fd: c5:97:cb:12:64:2c:1c:6b:37:8b:d4:18:14:d2:05:a9:7d:b5: 77:64:30:43:8e:02:6c:6b:50:93:85:56:69:a7:d7:79:2d:07: dd:a9:b9:0f:87:cc:22:f2:65:a6:5e:bf:b7:dd:c6:21:1c:c3: 23:63:74:22:2a:ab:2a:57:2f:4c:49:96:63:97:7f:84:8a:c8: 9e:43:5d:0e:6e:6a:6e:3d:d1:62:5d:ad:63:50:59:e2:2e:00: 96:4a:29:3a:9e:e9:71:81:2f:30:bf:65:0f:6a:16:d5:d7:e0: 37:ef:d5:b7:07:93:1a:5b:30:11:78:d4:27:69:a0:24:bd:1b: 7e:fd:b0:64:a3:d1:fa:b8:78:5c:b4:dd:f6:6a:f9:1b:bc:06: f5:ae:a3:7e -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEiK4KqDi7RDRTpCxQAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1 ZWVhMB4XDTI1MDExNDE0MDA1MVoXDTI1MDQxNDEzMDA1MVowLzEtMCsGA1UEAxMk MWE1MTZjMzktOTc5OC00NDFhLThjMjMtNjg1NzkzMDYzZjE3MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuU0PL+7SS7jZHzYMMVUN+1GkypBthku+3Lj FJzmw3rXh2iIIUIH1JTaHEcwaI7J5B0rdVllx02MYqSYYPiAMQzqJH2cvsTClqIp 29OPnpb+Ot3O9p6+B7zvS6Z5GQ1vUbttYLxeOi+xR2t7BiR48ShAOnApJMVDCs46 v3hrysalXOidBeO+bmE9ffLw1/1eIKfS2MqUzmkg0lC2RslMn8qvy3SkIbMXuzGY yZ285aODPOWqNuB+wB0dB3wzo+g7+nxxZE0lJqC2TWt44fakeqpSIHa7aFz5GmKO k5HurmOt3GRpySSXQHjtghtCTUkpjQv7xcIMgF7oJ5tdo1aA+QIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFFmq/7sMNhtN8YpUquE0dCPfdKX5MIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvZGY4YjdhYmMtMGE0Zi0z YmU5LWIzZTMtYzUwODY4ODNiNzM4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFCGWMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBAFOahyr67UjZmzGtjkg47X3ifHSUJShdGNGqiUY8GKpdBI432l25jFaG R148tfgqPaLeQU5KHYWAIzP4NkrEbvZYPM2U3TDQQfW6xviTx0+Gb09dZ36Z8Psq OfetAyJSoJvFwpCx8WIIkSDK/cWXyxJkLBxrN4vUGBTSBal9tXdkMEOOAmxrUJOF Vmmn13ktB92puQ+HzCLyZaZev7fdxiEcwyNjdCIqqypXL0xJlmOXf4SKyJ5DXQ5u am490WJdrWNQWeIuAJZKKTqe6XGBLzC/ZQ9qFtXX4Dfv1bcHkxpbMBF41CdpoCS9 G379sGSj0fq4eFy03fZq+Ru8BvWuo34= -----END CERTIFICATE-----Generated at Sun Feb 16 15:37:00 2025 by rpki-client