$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39987a4f-c632-4bdd-8f12-5e92d4db3be2.roa File: 39987a4f-c632-4bdd-8f12-5e92d4db3be2.roa (raw, json) Hash identifier: 4d28kNL2U0y9cm8mb0nh8qeC9UsdqMoVr6JV1HGMTtg= Subject key identifier: 68:68:07:0C:64:65:D7:6B:C8:01:D2:58:F9:B9:AA:BB:59:F1:38:A9 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 609CD17A79FC3BFE37F024C5BEBE0805FC6D00BA Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39987a4f-c632-4bdd-8f12-5e92d4db3be2.roa Signing time: Wed 23 Apr 2025 00:11:19 +0000 ROA not before: Wed 23 Apr 2025 00:11:19 +0000 ROA not after: Wed 28 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 107.21.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:9c:d1:7a:79:fc:3b:fe:37:f0:24:c5:be:be:08:05:fc:6d:00:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 23 00:11:19 2025 GMT Not After : May 28 23:59:59 2025 GMT Subject: serialNumber=114c7d93cacbbc496bb3a44cc38c3430b6d74e3732668de8407c8eeaf7402120, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c4:29:60:cf:8b:86:40:3c:f5:e9:0d:15:fd: c1:22:dd:65:cd:4d:26:3c:48:a3:c0:02:8d:c4:08: 03:d1:57:6d:78:92:49:59:b2:ce:49:19:d4:b5:ff: 55:06:54:90:97:bd:a4:1c:b1:62:d2:c5:2d:c9:24: b6:ce:9c:d6:ad:0d:ad:72:de:8e:42:05:7d:71:6a: e1:dd:7f:2e:ff:2c:b5:d6:b2:a4:3f:e1:87:bc:85: ee:1b:f7:63:8d:cb:71:3e:a0:9d:41:d6:6b:3f:0f: c0:0e:18:ce:97:0c:b3:7b:03:88:dc:a9:ee:88:a6: cd:a4:c1:70:14:8f:ab:52:e5:e2:78:12:27:6a:0d: b7:2c:03:fe:e7:99:43:35:c2:e9:2b:8d:88:1a:3f: 97:8a:4f:b8:db:50:c4:ee:0d:6b:4c:80:35:e6:9b: 85:e9:b1:db:02:26:61:ea:72:db:8f:81:e9:c5:30: 36:83:b4:9e:b3:a1:f0:e5:a8:4a:71:b7:3e:7d:c8: 77:55:ab:48:a1:36:10:91:d9:15:e6:43:a1:d8:ec: f4:65:4a:5f:38:fd:f8:6c:b8:00:34:0e:9a:02:2f: 4d:60:34:a4:1d:c7:8c:ab:df:dd:b0:65:b1:16:5d: db:04:09:dd:49:61:14:1f:c1:8c:f5:b1:e6:7b:91: 7f:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:68:07:0C:64:65:D7:6B:C8:01:D2:58:F9:B9:AA:BB:59:F1:38:A9 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/39987a4f-c632-4bdd-8f12-5e92d4db3be2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 107.21.200.0/21 Signature Algorithm: sha256WithRSAEncryption 1d:11:3e:ce:b5:35:fc:66:db:2d:a3:1c:a4:33:58:4d:81:69: 56:ba:be:15:5d:f0:c2:90:14:05:2c:10:10:d5:32:1e:cf:ea: d9:17:54:38:9a:b2:e2:fb:69:b5:fe:4f:ce:c0:c2:63:72:c9: a0:0f:f5:42:68:dc:30:fb:cd:e1:b8:40:28:56:45:43:bc:25: bc:e0:fa:15:1d:dc:4a:e0:b0:4d:0d:0f:e4:cc:57:b3:1f:92: f5:d8:f1:25:91:b2:7b:bd:03:a6:0a:34:e1:9c:b1:59:f2:d1: e4:58:34:09:74:31:e1:66:9d:0d:2c:19:c0:5d:1c:a0:9c:8b: 54:f7:0b:a9:5c:cc:23:2e:13:23:74:75:19:82:cb:59:17:44: b3:35:5f:ff:4d:fb:1f:78:de:67:f9:b7:f5:58:94:dd:03:a3: f0:15:0f:a9:64:12:99:e9:88:fc:0b:8d:ff:1b:f6:e5:62:27: 8a:b9:50:77:4f:4f:ca:cb:f6:bb:c8:35:0a:77:84:3f:d5:29: f7:17:a7:c7:a3:26:b6:06:1b:ba:f1:0e:c9:1e:63:05:8c:78: 25:22:d6:94:dc:09:05:12:50:dc:12:22:6c:8b:19:1e:6e:0b: 9e:20:77:bb:b5:f9:4f:da:22:1d:86:a7:25:f0:c9:04:55:f7: 01:78:4d:83 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUYJzRenn8O/438CTFvr4IBfxtALowDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDIzMDAxMTE5WhcNMjUwNTI4MjM1OTU5 WjB6MUkwRwYDVQQFE0AxMTRjN2Q5M2NhY2JiYzQ5NmJiM2E0NGNjMzhjMzQzMGI2 ZDc0ZTM3MzI2NjhkZTg0MDdjOGVlYWY3NDAyMTIwMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDRxClgz4uGQDz16Q0V/cEi3WXNTSY8SKPAAo3ECAPRV214 kklZss5JGdS1/1UGVJCXvaQcsWLSxS3JJLbOnNatDa1y3o5CBX1xauHdfy7/LLXW sqQ/4Ye8he4b92ONy3E+oJ1B1ms/D8AOGM6XDLN7A4jcqe6Ips2kwXAUj6tS5eJ4 EidqDbcsA/7nmUM1wukrjYgaP5eKT7jbUMTuDWtMgDXmm4XpsdsCJmHqctuPgenF MDaDtJ6zofDlqEpxtz59yHdVq0ihNhCR2RXmQ6HY7PRlSl84/fhsuAA0DpoCL01g NKQdx4yr392wZbEWXdsECd1JYRQfwYz1seZ7kX+nAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUaGgHDGRl12vIAdJY+bmqu1nxOKkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzM5OTg3YTRmLWM2MzItNGJkZC04ZjEyLTVlOTJkNGRiM2JlMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBANrFcgwDQYJKoZIhvcNAQELBQADggEBAB0RPs61Nfxm2y2jHKQzWE2BaVa6 vhVd8MKQFAUsEBDVMh7P6tkXVDiasuL7abX+T87AwmNyyaAP9UJo3DD7zeG4QChW RUO8Jbzg+hUd3ErgsE0ND+TMV7MfkvXY8SWRsnu9A6YKNOGcsVny0eRYNAl0MeFm nQ0sGcBdHKCci1T3C6lczCMuEyN0dRmCy1kXRLM1X/9N+x943mf5t/VYlN0Do/AV D6lkEpnpiPwLjf8b9uViJ4q5UHdPT8rL9rvINQp3hD/VKfcXp8ejJrYGG7rxDske YwWMeCUi1pTcCQUSUNwSImyLGR5uC54gd7u1+U/aIh2GpyXwyQRV9wF4TYM= -----END CERTIFICATE-----Generated at Sat Apr 26 16:06:05 2025 by rpki-client