$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/66e59786-c1f4-4146-bccb-708e47a5469a.roa File: 66e59786-c1f4-4146-bccb-708e47a5469a.roa (raw, json) Hash identifier: uRdUiIgsyCq/DGF7MbqpuMpyA7uotAP8kenYWzje/7w= Subject key identifier: 5F:62:F3:E4:85:E1:B6:29:4E:10:14:E2:D7:39:F0:FD:AD:8A:00:D4 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 65CA8BF3203DD1B7187BF1309BE68050861ECF Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/66e59786-c1f4-4146-bccb-708e47a5469a.roa Signing time: Fri 25 Apr 2025 00:40:17 +0000 ROA not before: Fri 25 Apr 2025 00:40:17 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 40.48.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:ca:8b:f3:20:3d:d1:b7:18:7b:f1:30:9b:e6:80:50:86:1e:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 25 00:40:17 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=989db3d533d0a606b3b93aa1b6691f00c90256140d33109ab134a78f8c4ce134, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:de:30:86:81:48:d8:74:db:f0:d5:97:7d:55: 60:42:c2:95:90:4c:28:a4:ef:35:19:7c:e9:25:6d: d6:93:6a:b6:48:34:ab:69:f6:63:91:e7:37:b7:3f: 6b:d0:e0:b2:a2:dd:e1:59:b1:f9:56:d5:9c:07:66: c5:b0:04:6a:57:50:fe:db:28:49:3d:11:72:1d:9d: ad:16:5f:17:3f:ab:4e:f9:e9:c5:c4:7b:bf:64:58: 6c:f1:7a:6d:cd:63:c3:68:07:09:ed:bd:bd:6b:47: 43:ab:d1:85:7a:d7:51:0c:69:38:fb:ae:7b:ea:c8: 33:7f:df:58:23:b0:cc:a8:0a:51:76:40:3e:0b:78: ef:d4:cf:ca:86:47:e9:36:87:6a:35:28:6b:f2:34: c2:d9:0f:87:25:d4:2b:26:49:99:86:10:42:db:6c: d8:9f:d5:58:44:25:8f:81:36:5d:1b:80:07:1e:b6: ec:00:0f:e0:2e:ee:c6:7b:21:4f:ae:d7:ef:eb:8c: e6:b0:84:93:1e:3d:b4:41:8e:5b:2e:08:aa:2f:29: 4f:2f:a6:59:5b:04:b9:73:54:96:70:bd:65:85:72: 19:27:07:3b:37:c3:2c:ba:7f:49:8a:0c:c2:63:5b: 51:73:58:1c:87:70:cd:4c:42:3b:9b:91:5b:0f:55: 34:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:62:F3:E4:85:E1:B6:29:4E:10:14:E2:D7:39:F0:FD:AD:8A:00:D4 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/66e59786-c1f4-4146-bccb-708e47a5469a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 40.48.0.0/16 Signature Algorithm: sha256WithRSAEncryption 18:3a:8e:73:13:27:16:35:5a:ea:f2:f2:60:d5:55:48:69:10: 7d:9c:0e:3a:6c:f6:3f:bc:6c:40:55:15:86:db:71:6e:14:d5: 54:b4:ca:e1:79:84:1a:82:af:51:e1:4b:0e:ac:71:51:aa:d8: 47:ce:f7:33:3f:eb:00:69:55:22:35:1a:78:ac:93:00:3b:33: 32:71:b3:67:e3:30:e8:df:43:1b:7a:42:da:78:50:a6:18:27: 6b:cc:5a:2a:0d:1c:6f:27:16:b0:71:d1:ee:72:3d:8f:a2:b6: 9f:1d:f7:3d:d7:d8:a8:55:c6:4e:2a:48:14:c1:27:1b:24:4a: a1:ff:c7:3e:83:10:9d:cd:ae:ce:1e:5e:05:e3:9c:fb:28:90: e8:9e:eb:d2:6f:05:e1:c9:24:79:65:86:1c:d7:b8:cb:54:fc: 31:78:34:e6:c2:d2:30:77:82:e4:16:8d:a6:f8:21:78:6a:e5: 82:ba:f8:24:1d:bc:12:19:cd:9c:34:e7:d6:b9:83:f2:db:d0: 88:7e:12:5e:55:93:d5:4f:7b:7f:68:4d:da:e1:8e:19:31:54: e3:00:73:74:2a:1e:05:48:79:3d:f8:3c:ab:7e:68:13:e5:6b: 82:d2:3b:4a:89:5e:67:a6:2a:71:d6:38:be:69:fd:b4:4c:73: b5:f1:c3:ae -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgITZcqL8yA90bcYe/Ewm+aAUIYezzANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA0MjUwMDQwMTdaFw0yNTA1MzAyMzU5NTla MHoxSTBHBgNVBAUTQDk4OWRiM2Q1MzNkMGE2MDZiM2I5M2FhMWI2NjkxZjAwYzkw MjU2MTQwZDMzMTA5YWIxMzRhNzhmOGM0Y2UxMzQxLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMzeMIaBSNh02/DVl31VYELClZBMKKTvNRl86SVt1pNqtkg0 q2n2Y5HnN7c/a9DgsqLd4Vmx+VbVnAdmxbAEaldQ/tsoST0Rch2drRZfFz+rTvnp xcR7v2RYbPF6bc1jw2gHCe29vWtHQ6vRhXrXUQxpOPuue+rIM3/fWCOwzKgKUXZA Pgt479TPyoZH6TaHajUoa/I0wtkPhyXUKyZJmYYQQtts2J/VWEQlj4E2XRuABx62 7AAP4C7uxnshT67X7+uM5rCEkx49tEGOWy4Iqi8pTy+mWVsEuXNUlnC9ZYVyGScH OzfDLLp/SYoMwmNbUXNYHIdwzUxCO5uRWw9VNJcCAwEAAaOCArAwggKsMB0GA1Ud DgQWBBRfYvPkheG2KU4QFOLXOfD9rYoA1DAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvNjZlNTk3ODYtYzFmNC00MTQ2LWJjY2ItNzA4ZTQ3YTU0NjlhLnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDACgwMA0GCSqGSIb3DQEBCwUAA4IBAQAYOo5zEycWNVrq8vJg1VVIaRB9nA46 bPY/vGxAVRWG23FuFNVUtMrheYQagq9R4UsOrHFRqthHzvczP+sAaVUiNRp4rJMA OzMycbNn4zDo30MbekLaeFCmGCdrzFoqDRxvJxawcdHucj2PorafHfc919ioVcZO KkgUwScbJEqh/8c+gxCdza7OHl4F45z7KJDonuvSbwXhySR5ZYYc17jLVPwxeDTm wtIwd4LkFo2m+CF4auWCuvgkHbwSGc2cNOfWuYPy29CIfhJeVZPVT3t/aE3a4Y4Z MVTjAHN0Kh4FSHk9+DyrfmgT5WuC0jtKiV5npipx1ji+af20THO18cOu -----END CERTIFICATE-----Generated at Sat Apr 26 14:52:41 2025 by rpki-client