$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa File: ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa (raw, json) Hash identifier: 6enrZ/DNEV2lb8/JSbpva+b27TlQMDO7tUqb/6Ne7N4= Subject key identifier: EB:98:D8:18:FF:DF:2D:0D:33:BF:E0:B0:71:8C:E0:68:A5:91:E3:6B Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 5A81DB121AE44D5B33DCB78FE65152DFBF52047B Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa Signing time: Mon 14 Apr 2025 15:00:26 +0000 ROA not before: Mon 14 Apr 2025 15:00:26 +0000 ROA not after: Mon 19 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 136.18.138.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 01 May 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:81:db:12:1a:e4:4d:5b:33:dc:b7:8f:e6:51:52:df:bf:52:04:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 14 15:00:26 2025 GMT Not After : May 19 23:59:59 2025 GMT Subject: serialNumber=721fac6ee3e7619df88cec2d31ea6a086912c0b5bdff4844efe2179834c06be9, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:66:81:fa:83:5d:0f:bd:a6:d8:d8:ed:d3:77: 96:59:46:56:eb:98:78:ae:9f:48:ac:e1:c3:26:a1: d6:8f:d4:2d:76:70:d9:16:b5:8a:ad:b2:4c:12:61: c0:1b:01:e5:6b:50:a1:f3:e1:f2:f3:88:59:64:7b: 06:e8:1e:3c:a3:22:47:87:ac:c0:eb:4e:7a:a3:0d: a0:d0:aa:fa:07:8a:2a:be:58:0a:22:c8:93:4c:4c: 1a:69:79:a8:b9:2d:ea:4c:7e:07:89:39:b6:37:c0: 3c:ae:10:9a:15:8e:d6:0f:33:31:68:aa:01:2d:7e: 80:95:28:b7:02:68:34:48:d1:66:1a:7c:df:de:5c: d3:0e:c6:fc:b9:a0:89:70:c8:bc:15:2f:e4:75:ea: 5c:40:50:a9:90:c0:b5:22:16:ba:86:53:f2:ea:fb: e1:eb:fd:7b:b3:71:6c:ca:f4:a9:ac:ea:99:da:24: 35:bb:f3:8a:ca:ff:7f:95:02:37:d5:6c:e1:6f:6f: bb:fb:61:e1:7c:7f:0a:c2:9d:24:e9:28:b7:43:8c: c2:00:2b:20:be:2a:47:ea:aa:5e:cb:77:8a:e8:40: 9b:3c:d4:90:0c:ae:dc:89:c6:92:07:63:67:6e:a5: 45:27:65:ef:94:6e:e0:07:91:3b:05:8b:2a:26:6a: 31:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:98:D8:18:FF:DF:2D:0D:33:BF:E0:B0:71:8C:E0:68:A5:91:E3:6B X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ba15b0da-3dcf-4a78-bae0-49536265a0a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 136.18.138.0/24 Signature Algorithm: sha256WithRSAEncryption 63:9c:08:0a:ef:a1:5e:1e:1a:a2:37:0b:d4:f5:bb:30:ee:a3: e9:d4:ca:2d:fb:72:a5:19:25:e9:75:0d:bc:50:9f:9b:ea:a0: 3a:4d:c4:35:31:ab:59:ed:71:2e:ed:74:99:e7:2e:aa:b5:3c: 6b:d1:a8:63:f8:64:a9:5c:8e:8a:ea:17:13:40:8e:e0:31:76: 96:72:13:8b:91:93:5e:71:87:25:4d:24:63:23:19:d3:e5:94: b8:65:9b:28:33:03:ed:18:98:09:9b:76:db:f8:9e:95:9c:c1: db:41:cb:3b:4f:07:2a:c7:77:c7:3f:4b:ef:be:fb:63:36:b4: 41:a0:db:04:46:1f:69:fa:20:32:1d:31:a3:b6:be:ef:ab:9f: d0:34:83:f6:5a:44:38:60:a9:0f:81:a1:6b:17:9d:24:24:75: 6d:b0:9e:23:d4:28:93:ba:0e:a0:38:c0:23:08:f7:28:24:e4: d0:b7:8b:de:35:0d:95:e5:00:dc:02:f1:f9:44:47:1d:ed:25: 46:92:44:1e:c0:14:e2:f7:14:56:cc:6c:c2:98:45:9d:2b:5f: 18:60:c3:06:18:0b:29:04:47:e3:69:e7:13:3c:44:f4:45:e2: ce:37:8a:4c:ee:6b:87:89:a3:c0:4a:b3:c3:f5:71:76:a9:6e: 60:8e:53:78 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUWoHbEhrkTVsz3LeP5lFS379SBHswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MTUwMDI2WhcNMjUwNTE5MjM1OTU5 WjB6MUkwRwYDVQQFE0A3MjFmYWM2ZWUzZTc2MTlkZjg4Y2VjMmQzMWVhNmEwODY5 MTJjMGI1YmRmZjQ4NDRlZmUyMTc5ODM0YzA2YmU5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC2ZoH6g10PvabY2O3Td5ZZRlbrmHiun0is4cMmodaP1C12 cNkWtYqtskwSYcAbAeVrUKHz4fLziFlkewboHjyjIkeHrMDrTnqjDaDQqvoHiiq+ WAoiyJNMTBppeai5LepMfgeJObY3wDyuEJoVjtYPMzFoqgEtfoCVKLcCaDRI0WYa fN/eXNMOxvy5oIlwyLwVL+R16lxAUKmQwLUiFrqGU/Lq++Hr/XuzcWzK9Kms6pna JDW784rK/3+VAjfVbOFvb7v7YeF8fwrCnSTpKLdDjMIAKyC+Kkfqql7Ld4roQJs8 1JAMrtyJxpIHY2dupUUnZe+UbuAHkTsFiyomajELAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU65jYGP/fLQ0zv+CwcYzgaKWR42swHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2JhMTViMGRhLTNkY2YtNGE3OC1iYWUwLTQ5NTM2MjY1YTBhMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBACIEoowDQYJKoZIhvcNAQELBQADggEBAGOcCArvoV4eGqI3C9T1uzDuo+nU yi37cqUZJel1DbxQn5vqoDpNxDUxq1ntcS7tdJnnLqq1PGvRqGP4ZKlcjorqFxNA juAxdpZyE4uRk15xhyVNJGMjGdPllLhlmygzA+0YmAmbdtv4npWcwdtByztPByrH d8c/S++++2M2tEGg2wRGH2n6IDIdMaO2vu+rn9A0g/ZaRDhgqQ+BoWsXnSQkdW2w niPUKJO6DqA4wCMI9ygk5NC3i941DZXlANwC8flERx3tJUaSRB7AFOL3FFbMbMKY RZ0rXxhgwwYYCykER+Np5xM8RPRF4s43ikzua4eJo8BKs8P1cXapbmCOU3g= -----END CERTIFICATE-----Generated at Tue Apr 29 19:56:37 2025 by rpki-client