$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fa354da-deef-4ef4-8608-88cced029ec6.roa File: 2fa354da-deef-4ef4-8608-88cced029ec6.roa (raw, json) Hash identifier: zLZB1gK5qM3s11HEXRdgLbPUT5rI28XngMEa4IPmQI4= Subject key identifier: A1:AC:0E:6D:AE:11:F0:14:54:D4:BB:A0:B5:4D:53:36:02:DA:B2:47 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 67620103D383A0B41B51DC4B48A631A6D23826A1 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fa354da-deef-4ef4-8608-88cced029ec6.roa Signing time: Wed 16 Apr 2025 00:10:56 +0000 ROA not before: Wed 16 Apr 2025 00:10:56 +0000 ROA not after: Wed 21 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 66.245.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:62:01:03:d3:83:a0:b4:1b:51:dc:4b:48:a6:31:a6:d2:38:26:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 16 00:10:56 2025 GMT Not After : May 21 23:59:59 2025 GMT Subject: serialNumber=072f02d5122d1e2518874cbfa1962d1d6df920f8575d28d91829b8b0fc99b5d4, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:94:b9:87:21:51:81:ad:9a:c6:07:c5:ea:5e: 96:20:20:f2:a7:34:69:d2:ad:46:33:7f:8b:7f:cb: d7:8a:23:47:49:88:66:df:30:4b:84:34:68:b3:5d: c2:ef:33:e9:09:99:a5:50:f2:5a:55:9f:50:fa:56: 83:f6:02:95:50:d1:68:74:a5:68:06:6a:87:35:0c: 38:ab:7e:5d:3f:33:68:9e:23:4b:43:9e:96:6b:ca: 4f:a3:02:cd:00:08:ee:8a:4d:f3:d6:97:1b:08:b1: 52:42:69:fd:ff:9d:f6:ed:eb:ce:89:b2:94:b3:1b: 19:ca:d1:18:5e:a6:1e:12:1c:fb:f4:1c:cf:8d:8c: b9:22:e2:65:c0:be:c3:60:da:b7:4a:b2:8d:7c:42: 15:fd:85:4f:a5:d0:22:0a:2f:2a:8b:73:69:22:c8: 31:84:50:46:af:93:14:56:61:4b:8c:fe:71:93:c9: 67:ed:d4:fb:e0:9c:30:f4:0c:92:f9:81:b9:4f:da: a9:5b:27:fe:f7:43:73:82:42:74:69:19:2c:c6:86: 32:f4:69:6d:3b:ce:13:b8:ca:15:2a:70:a3:54:70: dc:b8:79:72:a2:a7:c9:8b:f0:20:c8:5d:78:cb:57: 85:d9:65:8c:67:42:2b:fb:e6:16:b5:a8:ff:53:ae: 61:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:AC:0E:6D:AE:11:F0:14:54:D4:BB:A0:B5:4D:53:36:02:DA:B2:47 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2fa354da-deef-4ef4-8608-88cced029ec6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 66.245.0.0/17 Signature Algorithm: sha256WithRSAEncryption 0f:ca:36:4c:57:bd:b0:3e:66:43:fa:f3:d9:22:a0:3a:cd:82: 62:1d:bd:f3:47:78:ee:ae:e2:b4:82:ce:aa:db:b5:a7:c7:fc: 65:09:d7:39:88:85:d2:21:4a:63:a3:f2:96:21:32:28:d5:7f: cb:8a:78:75:b7:50:b5:72:55:87:1c:1b:11:5b:b2:09:9e:6d: eb:df:0b:fd:f8:fe:e1:dd:ce:bb:e1:d9:01:57:80:23:1e:1e: 2b:9e:0d:2a:23:d1:2d:72:88:2b:ec:e6:09:1b:85:44:1f:b4: 32:9a:2d:15:6c:f4:72:50:89:15:6d:a7:9d:3f:a0:67:62:52: 54:f9:d1:76:1b:4b:a1:0d:4d:b3:bf:f8:bf:e2:b3:f4:4c:8a: dc:47:5c:31:3b:8f:0c:fe:a3:6f:88:d8:26:b6:99:da:c8:85: b3:40:6d:83:55:ae:dd:7d:2b:41:9d:ed:21:a6:db:0e:ae:30: 45:b7:51:fb:6a:96:bc:96:89:d9:39:25:f7:30:75:a8:c9:4e: f4:9b:a7:4f:9a:98:55:a6:5d:3b:48:a6:b9:c9:9d:74:ef:52: bc:10:79:09:f1:bd:d0:3b:86:14:79:17:f3:d3:9a:c6:22:d5: d6:dc:0d:62:d0:15:ec:79:6e:bb:7b:bb:f2:6c:1c:1d:29:d2: 47:0d:fc:1b -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUZ2IBA9ODoLQbUdxLSKYxptI4JqEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE2MDAxMDU2WhcNMjUwNTIxMjM1OTU5 WjB6MUkwRwYDVQQFE0AwNzJmMDJkNTEyMmQxZTI1MTg4NzRjYmZhMTk2MmQxZDZk ZjkyMGY4NTc1ZDI4ZDkxODI5YjhiMGZjOTliNWQ0MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCjlLmHIVGBrZrGB8XqXpYgIPKnNGnSrUYzf4t/y9eKI0dJ iGbfMEuENGizXcLvM+kJmaVQ8lpVn1D6VoP2ApVQ0Wh0pWgGaoc1DDirfl0/M2ie I0tDnpZryk+jAs0ACO6KTfPWlxsIsVJCaf3/nfbt686JspSzGxnK0Rheph4SHPv0 HM+NjLki4mXAvsNg2rdKso18QhX9hU+l0CIKLyqLc2kiyDGEUEavkxRWYUuM/nGT yWft1PvgnDD0DJL5gblP2qlbJ/73Q3OCQnRpGSzGhjL0aW07zhO4yhUqcKNUcNy4 eXKip8mL8CDIXXjLV4XZZYxnQiv75ha1qP9TrmEPAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUoawOba4R8BRU1LugtU1TNgLaskcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzJmYTM1NGRhLWRlZWYtNGVmNC04NjA4LTg4Y2NlZDAyOWVjNi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAdC9QAwDQYJKoZIhvcNAQELBQADggEBAA/KNkxXvbA+ZkP689kioDrNgmId vfNHeO6u4rSCzqrbtafH/GUJ1zmIhdIhSmOj8pYhMijVf8uKeHW3ULVyVYccGxFb sgmebevfC/34/uHdzrvh2QFXgCMeHiueDSoj0S1yiCvs5gkbhUQftDKaLRVs9HJQ iRVtp50/oGdiUlT50XYbS6ENTbO/+L/is/RMitxHXDE7jwz+o2+I2Ca2mdrIhbNA bYNVrt19K0Gd7SGm2w6uMEW3UftqlryWidk5JfcwdajJTvSbp0+amFWmXTtIprnJ nXTvUrwQeQnxvdA7hhR5F/PTmsYi1dbcDWLQFex5brt7u/JsHB0p0kcN/Bs= -----END CERTIFICATE-----Generated at Sat Apr 26 16:45:58 2025 by rpki-client