$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa File: 2651bd32-be0e-47db-b5f3-aa5e30add0da.roa (raw, json) Hash identifier: GPLzi59yx0ff4yxkmTqW4Dg+O6Q0YsOd0UZs+Yk4tdY= Subject key identifier: EA:78:D9:26:88:FC:71:9A:50:90:32:B2:B4:4D:55:FB:BE:A4:91:9F Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 322D26AFC828901D24BB85695819BDC4E7B85B79 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa Signing time: Fri 04 Apr 2025 00:00:11 +0000 ROA not before: Fri 04 Apr 2025 00:00:11 +0000 ROA not after: Fri 09 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 136.143.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:2d:26:af:c8:28:90:1d:24:bb:85:69:58:19:bd:c4:e7:b8:5b:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 4 00:00:11 2025 GMT Not After : May 9 23:59:59 2025 GMT Subject: serialNumber=259ef22489217f0974058302e7ba8ec476e155b372eb8fe53823e2d6341320f7, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:fa:d0:ee:86:1d:f7:20:b5:2e:43:2e:94:66: 97:06:4d:5f:b5:24:31:97:56:b4:70:8d:90:37:0c: 79:89:72:b3:f6:a4:38:49:37:4d:0b:58:56:9d:3f: 31:a1:9a:6e:97:3d:e5:e8:1c:dd:ee:8c:ba:5a:63: b0:52:4a:7a:be:0d:a0:ce:eb:b6:bd:b0:d3:e7:36: d7:df:60:0c:19:5a:f1:14:1e:15:a1:b3:78:43:59: 5c:28:11:04:83:2d:6a:5f:6d:9e:fd:d3:cf:4c:d7: b0:73:27:9e:a8:74:dc:d2:5b:54:29:d7:0e:4a:9c: be:b7:d8:c4:a4:db:b7:26:7a:b0:99:7e:f0:96:1c: d0:14:ff:64:05:05:f1:7f:82:d2:38:20:80:c5:73: 5c:47:68:22:b5:db:f4:04:82:d1:02:8b:9f:34:7a: 12:fd:be:0f:85:7a:b5:39:3a:d1:59:cd:d8:9a:63: 5e:95:bf:09:8f:59:00:38:74:45:2a:03:a2:27:eb: bf:82:e2:7f:85:68:30:28:7b:6a:a3:21:85:4c:8f: bd:d6:b3:66:57:1b:b0:41:5a:55:8c:ff:b5:03:5f: 62:c5:e3:2d:fa:9e:1d:1a:ef:5b:69:66:fc:17:aa: 55:b5:30:28:0f:4c:59:e8:7f:ee:db:ff:3e:22:2f: a7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:78:D9:26:88:FC:71:9A:50:90:32:B2:B4:4D:55:FB:BE:A4:91:9F X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2651bd32-be0e-47db-b5f3-aa5e30add0da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 136.143.0.0/17 Signature Algorithm: sha256WithRSAEncryption 42:5b:0e:99:c6:47:7e:f6:09:07:25:6f:cc:f9:b3:8e:c2:22: 8e:d4:27:7a:c5:70:f0:16:a9:c2:79:44:6b:e2:ed:b0:7e:ce: ad:90:70:d8:0a:5e:6d:82:eb:ff:04:a2:6b:69:d0:0a:e2:e5: eb:c2:c7:48:ff:c9:53:2d:f9:a9:d0:a9:61:22:b2:f3:47:02: 20:c0:be:e0:78:be:c7:9d:15:39:9c:dd:96:b8:da:c1:0d:12: b7:90:70:3c:a6:54:ba:04:e5:70:69:e0:1a:e4:f3:2b:1c:6a: 3d:b7:33:00:fc:31:38:b4:03:51:5e:c5:2b:d5:ce:4d:e3:aa: 1e:2c:52:e5:3d:59:b8:56:17:e7:60:89:43:b8:ed:ee:5e:c3: 06:5d:dd:25:59:b2:ad:2e:92:65:9e:10:10:2e:6e:90:15:d3: 3c:7e:53:d4:c8:52:de:58:65:d4:c0:7e:5d:0c:54:61:28:3d: 3c:e5:87:bd:16:80:f6:1b:08:86:67:73:87:0b:9e:13:c4:b1: 3d:88:70:74:fb:fa:f9:3c:75:5d:c9:f5:83:68:ae:8f:6d:4f: ca:94:7b:f4:d5:97:d5:96:a8:bd:6e:05:7c:5a:1e:76:1b:96: a4:19:39:68:91:fb:5e:d0:b1:e0:79:db:e7:8a:f6:c9:bf:87: 65:61:a9:cd -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUMi0mr8gokB0ku4VpWBm9xOe4W3kwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDA0MDAwMDExWhcNMjUwNTA5MjM1OTU5 WjB6MUkwRwYDVQQFE0AyNTllZjIyNDg5MjE3ZjA5NzQwNTgzMDJlN2JhOGVjNDc2 ZTE1NWIzNzJlYjhmZTUzODIzZTJkNjM0MTMyMGY3MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDY+tDuhh33ILUuQy6UZpcGTV+1JDGXVrRwjZA3DHmJcrP2 pDhJN00LWFadPzGhmm6XPeXoHN3ujLpaY7BSSnq+DaDO67a9sNPnNtffYAwZWvEU HhWhs3hDWVwoEQSDLWpfbZ79089M17BzJ56odNzSW1Qp1w5KnL632MSk27cmerCZ fvCWHNAU/2QFBfF/gtI4IIDFc1xHaCK12/QEgtECi580ehL9vg+FerU5OtFZzdia Y16VvwmPWQA4dEUqA6In67+C4n+FaDAoe2qjIYVMj73Ws2ZXG7BBWlWM/7UDX2LF 4y36nh0a71tpZvwXqlW1MCgPTFnof+7b/z4iL6dzAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU6njZJoj8cZpQkDKytE1V+76kkZ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzI2NTFiZDMyLWJlMGUtNDdkYi1iNWYzLWFhNWUzMGFkZDBkYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAeIjwAwDQYJKoZIhvcNAQELBQADggEBAEJbDpnGR372CQclb8z5s47CIo7U J3rFcPAWqcJ5RGvi7bB+zq2QcNgKXm2C6/8Eomtp0Ari5evCx0j/yVMt+anQqWEi svNHAiDAvuB4vsedFTmc3Za42sENEreQcDymVLoE5XBp4Brk8yscaj23MwD8MTi0 A1FexSvVzk3jqh4sUuU9WbhWF+dgiUO47e5ewwZd3SVZsq0ukmWeEBAubpAV0zx+ U9TIUt5YZdTAfl0MVGEoPTzlh70WgPYbCIZnc4cLnhPEsT2IcHT7+vk8dV3J9YNo ro9tT8qUe/TVl9WWqL1uBXxaHnYblqQZOWiR+17QseB52+eK9sm/h2Vhqc0= -----END CERTIFICATE-----Generated at Sat Apr 26 14:50:54 2025 by rpki-client