$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c5b22d0-c570-479a-9176-1b8ae33317b3.roa File: 9c5b22d0-c570-479a-9176-1b8ae33317b3.roa (raw, json) Hash identifier: B4eKwBGoKlkMu4WGyaXNxqKXQkt9X0+ncggutfzzEJk= Subject key identifier: 22:81:AC:61:99:F4:E4:09:E0:4D:6C:F6:30:45:FD:50:85:62:72:2C Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 49F9694272552484EB8F30AFEABA8ED198443060 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c5b22d0-c570-479a-9176-1b8ae33317b3.roa Signing time: Fri 25 Apr 2025 15:11:36 +0000 ROA not before: Fri 25 Apr 2025 15:11:36 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 98.130.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:f9:69:42:72:55:24:84:eb:8f:30:af:ea:ba:8e:d1:98:44:30:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 25 15:11:36 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=205e473422f42f59f795dd4c8cfe23c98e1779e10ac6a510b45ca2438ad8b3d9, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:c4:06:ad:1d:f7:b3:af:e1:05:32:c9:6f:31: 19:de:ce:73:f7:58:55:3c:89:f9:42:63:de:20:dc: 84:3e:f1:e6:4c:2e:f4:d7:29:4d:13:bb:38:42:73: 08:49:93:2c:49:6d:6d:c9:7d:1d:00:22:d9:a2:01: be:15:a9:b2:3d:8f:61:48:7c:82:68:4c:26:54:1f: 57:bb:65:3d:58:d2:6f:8a:54:de:d7:6f:cd:89:5a: 87:d3:85:89:aa:d8:02:43:76:7a:87:38:36:c5:f0: f3:44:68:a1:1a:9b:64:5f:6b:64:f3:37:d8:f8:47: f2:64:9b:3e:de:39:a0:0b:e6:4c:4b:41:5d:aa:6d: 75:bb:24:68:69:11:cd:1e:ac:e5:4b:49:1e:35:3f: 13:2c:2b:eb:e8:c1:0d:a2:36:11:6f:5f:fa:3d:36: e1:5f:46:c2:a3:e7:94:1d:ed:9a:69:cf:49:42:da: 37:66:1a:55:35:5b:fa:d3:ab:94:e0:56:ac:a4:89: c9:ef:b1:42:52:dd:1e:f6:8e:cb:d5:65:a7:49:90: 6d:b6:0b:ba:a7:6f:bd:bf:22:92:7a:32:ef:48:25: d5:fd:33:1e:88:cd:2b:55:bd:45:d3:78:5b:2d:d9: 97:01:63:3b:81:b7:7b:b8:54:ab:6c:58:e1:32:fa: c9:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:81:AC:61:99:F4:E4:09:E0:4D:6C:F6:30:45:FD:50:85:62:72:2C X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c5b22d0-c570-479a-9176-1b8ae33317b3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 98.130.0.0/16 Signature Algorithm: sha256WithRSAEncryption 44:2f:b1:50:69:6d:75:b7:7f:d1:90:97:a5:40:b6:23:1d:5f: b3:08:1f:dc:64:95:75:1a:b6:2a:1d:97:3d:bb:de:7d:16:23: d3:47:88:55:bd:fe:b0:57:79:90:d3:df:c8:dd:e9:35:7a:c2: 75:27:5d:5c:dc:e7:84:e1:d5:42:f5:bc:b1:ba:ba:32:a0:fc: a3:f1:6f:05:cb:ec:2b:e1:18:20:e1:4c:c5:66:2d:3b:42:44: b7:5b:9c:33:ec:88:6f:d0:cd:98:3b:50:f8:0a:dc:de:81:12: 96:ab:bc:a5:07:bb:6b:cf:1b:8b:67:53:76:cc:9e:86:b9:73: 34:50:4e:c1:b1:b7:20:b0:21:91:55:d5:ab:ee:ea:71:fc:b9: 71:58:c6:0c:76:78:d6:ef:f2:ff:38:64:51:f3:88:93:90:da: 64:1e:82:10:4a:2f:33:1f:a9:88:61:a9:80:f1:35:43:62:06: fc:79:1f:9a:f1:1a:e9:6a:f7:2e:15:a2:5d:90:2e:c4:67:60: 77:71:b1:69:d0:a7:dc:37:22:57:ec:7c:11:61:23:ba:55:ae: f6:d1:ad:26:56:13:4f:51:a1:d2:a6:77:44:ff:75:e9:e5:79: d2:64:3e:10:d0:a1:07:6d:44:7f:d7:5b:13:8d:ab:b6:ce:d1: 4b:a6:67:88 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUSflpQnJVJITrjzCv6rqO0ZhEMGAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MTUxMTM2WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0AyMDVlNDczNDIyZjQyZjU5Zjc5NWRkNGM4Y2ZlMjNjOThl MTc3OWUxMGFjNmE1MTBiNDVjYTI0MzhhZDhiM2Q5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCNxAatHfezr+EFMslvMRneznP3WFU8iflCY94g3IQ+8eZM LvTXKU0TuzhCcwhJkyxJbW3JfR0AItmiAb4VqbI9j2FIfIJoTCZUH1e7ZT1Y0m+K VN7Xb82JWofThYmq2AJDdnqHODbF8PNEaKEam2Rfa2TzN9j4R/Jkmz7eOaAL5kxL QV2qbXW7JGhpEc0erOVLSR41PxMsK+vowQ2iNhFvX/o9NuFfRsKj55Qd7Zppz0lC 2jdmGlU1W/rTq5TgVqykicnvsUJS3R72jsvVZadJkG22C7qnb72/IpJ6Mu9IJdX9 Mx6IzStVvUXTeFst2ZcBYzuBt3u4VKtsWOEy+snFAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUIoGsYZn05AngTWz2MEX9UIViciwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzljNWIyMmQwLWM1NzAtNDc5YS05MTc2LTFiOGFlMzMzMTdiMy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwBigjANBgkqhkiG9w0BAQsFAAOCAQEARC+xUGltdbd/0ZCXpUC2Ix1fswgf 3GSVdRq2Kh2XPbvefRYj00eIVb3+sFd5kNPfyN3pNXrCdSddXNznhOHVQvW8sbq6 MqD8o/FvBcvsK+EYIOFMxWYtO0JEt1ucM+yIb9DNmDtQ+Arc3oESlqu8pQe7a88b i2dTdsyehrlzNFBOwbG3ILAhkVXVq+7qcfy5cVjGDHZ41u/y/zhkUfOIk5DaZB6C EEovMx+piGGpgPE1Q2IG/HkfmvEa6Wr3LhWiXZAuxGdgd3GxadCn3DciV+x8EWEj ulWu9tGtJlYTT1Gh0qZ3RP916eV50mQ+ENChB21Ef9dbE42rts7RS6ZniA== -----END CERTIFICATE-----Generated at Sat Apr 26 16:43:52 2025 by rpki-client