$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa File: 0289d084-7f33-4bbc-baa0-e777f631c75e.roa (raw, json) Hash identifier: 040M2VO+QJi953fjLv5m6QAm2Zni6N1XdZYXL7dXakg= Subject key identifier: C9:89:7C:28:A2:B7:EC:5B:DE:2A:A9:E1:22:89:7C:C8:29:1B:B9:EC Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 331891ED4E1FE897F151486AC2983942DB61DB8B Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa Signing time: Tue 15 Apr 2025 00:20:10 +0000 ROA not before: Tue 15 Apr 2025 00:20:10 +0000 ROA not after: Tue 20 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 56.9.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:18:91:ed:4e:1f:e8:97:f1:51:48:6a:c2:98:39:42:db:61:db:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 15 00:20:10 2025 GMT Not After : May 20 23:59:59 2025 GMT Subject: serialNumber=e6135271fd168c157094768296bb2bc6beae536fa2db8abc3192c4c2da1ed0b9, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:06:57:a5:d8:77:9b:e7:25:08:69:b4:52:dd: 57:0a:01:88:85:d6:65:83:de:ed:c7:1b:cb:79:63: 89:4a:c3:3a:23:c4:a3:5b:8b:74:ef:17:55:63:b0: 57:d3:c1:41:30:90:db:cf:52:d2:bf:85:3c:64:db: ec:80:a1:c7:3d:e2:9f:a7:7e:e7:df:db:e7:ae:43: d2:d6:88:79:f5:be:fe:4a:ec:08:a3:80:cc:77:a9: f2:6c:52:0c:6d:bf:4f:90:fa:ff:e1:e7:66:35:29: 94:71:7c:92:fd:74:48:a0:85:f0:b9:b2:f1:64:02: 58:65:14:01:42:63:1d:73:9f:a0:1f:5e:8a:21:12: b2:b8:cf:46:7a:75:fb:ab:a0:a1:04:54:e5:13:3d: 1e:8c:06:90:28:03:c8:c1:a7:99:88:08:6e:42:6c: 24:f0:ae:9c:be:4f:e3:c7:cd:a2:2d:3c:18:2d:f8: cc:35:00:d4:9f:a8:75:6d:1c:47:7c:06:fe:3a:96: 82:44:66:0e:87:8b:1c:53:fc:32:74:d8:a4:30:78: 10:5e:06:4f:89:7d:0c:89:c2:1e:69:e8:7a:5e:a2: c9:12:b2:92:47:5e:05:50:e5:5e:29:72:10:4a:3e: 72:57:fa:8b:94:49:7e:4b:ff:3c:fe:d3:d4:c1:41: f6:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:89:7C:28:A2:B7:EC:5B:DE:2A:A9:E1:22:89:7C:C8:29:1B:B9:EC X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0289d084-7f33-4bbc-baa0-e777f631c75e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 56.9.0.0/16 Signature Algorithm: sha256WithRSAEncryption 84:0f:85:45:a6:18:ae:f3:d4:43:22:28:ec:24:e2:84:5d:b3: 74:fd:10:cc:90:72:85:f0:c5:8f:72:4a:4f:dc:83:83:9e:05: 7a:0e:e2:d5:95:f5:bd:6d:d1:1d:75:bd:15:73:fa:ce:0d:5a: b0:7b:ab:39:b0:47:ed:43:d7:8e:37:fe:55:06:bc:dc:3e:6f: 88:93:87:be:ea:69:01:d8:ae:a8:fb:1f:aa:b4:ff:ef:88:63: 35:7a:69:de:1c:c8:36:01:de:9e:89:77:b5:ad:b9:85:41:7f: 97:24:57:34:3c:96:33:a3:0b:ac:a4:a2:12:dc:e5:4c:0c:45: 41:06:fe:16:ac:17:9e:1f:a4:dd:e5:06:a2:bd:7d:26:be:fe: 4c:ef:bb:ab:0e:16:d9:65:24:a8:75:62:c0:8e:af:64:74:e9: 35:67:78:b6:56:47:21:39:69:cb:5c:6f:e1:80:67:9d:31:01: 52:54:99:67:81:99:87:23:f9:d1:fe:fd:bc:0e:47:7d:b8:d4: af:4e:5a:35:fb:58:48:ae:29:48:cf:7f:47:e7:70:32:5c:2a: e3:0d:22:21:c4:82:38:f5:01:b6:ca:f0:88:57:35:54:3f:50: a4:b9:28:46:58:f5:91:0b:aa:c3:1b:bc:39:9f:b9:44:f9:4f: 81:09:a5:c3 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUMxiR7U4f6JfxUUhqwpg5Qtth24swDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE1MDAyMDEwWhcNMjUwNTIwMjM1OTU5 WjB6MUkwRwYDVQQFE0BlNjEzNTI3MWZkMTY4YzE1NzA5NDc2ODI5NmJiMmJjNmJl YWU1MzZmYTJkYjhhYmMzMTkyYzRjMmRhMWVkMGI5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCcBlel2Heb5yUIabRS3VcKAYiF1mWD3u3HG8t5Y4lKwzoj xKNbi3TvF1VjsFfTwUEwkNvPUtK/hTxk2+yAocc94p+nfuff2+euQ9LWiHn1vv5K 7AijgMx3qfJsUgxtv0+Q+v/h52Y1KZRxfJL9dEighfC5svFkAlhlFAFCYx1zn6Af XoohErK4z0Z6dfuroKEEVOUTPR6MBpAoA8jBp5mICG5CbCTwrpy+T+PHzaItPBgt +Mw1ANSfqHVtHEd8Bv46loJEZg6HixxT/DJ02KQweBBeBk+JfQyJwh5p6HpeoskS spJHXgVQ5V4pchBKPnJX+ouUSX5L/zz+09TBQfbrAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUyYl8KKK37FveKqnhIol8yCkbuewwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzAyODlkMDg0LTdmMzMtNGJiYy1iYWEwLWU3NzdmNjMxYzc1ZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwA4CTANBgkqhkiG9w0BAQsFAAOCAQEAhA+FRaYYrvPUQyIo7CTihF2zdP0Q zJByhfDFj3JKT9yDg54Feg7i1ZX1vW3RHXW9FXP6zg1asHurObBH7UPXjjf+VQa8 3D5viJOHvuppAdiuqPsfqrT/74hjNXpp3hzINgHenol3ta25hUF/lyRXNDyWM6ML rKSiEtzlTAxFQQb+FqwXnh+k3eUGor19Jr7+TO+7qw4W2WUkqHViwI6vZHTpNWd4 tlZHITlpy1xv4YBnnTEBUlSZZ4GZhyP50f79vA5HfbjUr05aNftYSK4pSM9/R+dw Mlwq4w0iIcSCOPUBtsrwiFc1VD9QpLkoRlj1kQuqwxu8OZ+5RPlPgQmlww== -----END CERTIFICATE-----Generated at Sat Apr 26 16:40:30 2025 by rpki-client