$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd040691-6f04-4613-a81f-f5417500cc0b.roa File: cd040691-6f04-4613-a81f-f5417500cc0b.roa (raw, json) Hash identifier: obvRbbJE6sxGRujzX/wruPrsizASZUT4Kxvmm6PuUAY= Subject key identifier: CA:16:B2:31:4E:2C:93:61:67:F7:5D:4D:0D:60:9E:59:FD:33:3D:72 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 7C53510632B2B665B8CFF9C0600C0A1823F1F81F Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd040691-6f04-4613-a81f-f5417500cc0b.roa Signing time: Fri 25 Apr 2025 00:52:12 +0000 ROA not before: Fri 25 Apr 2025 00:52:12 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 56.128.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:53:51:06:32:b2:b6:65:b8:cf:f9:c0:60:0c:0a:18:23:f1:f8:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 25 00:52:12 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=0e1566ec2a573bc73273963f757453cbfb3570a876f520fe80adeefb2e6aab0d, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:8d:21:41:6d:0c:cb:70:08:81:0d:02:cc:0d: 1d:76:2d:30:29:48:c1:92:b0:25:24:7c:c8:25:e7: db:62:07:57:0a:94:8b:ed:de:af:bf:bb:3f:f9:d1: ee:9c:f3:97:84:6b:01:5b:ee:3e:92:d1:f3:5d:2f: 6d:08:cd:41:24:e0:8c:c7:8a:78:0d:97:41:7e:d9: 5d:b9:9c:fd:d3:70:a0:18:c8:da:56:c2:84:61:3d: 22:58:ed:30:3a:26:d2:f0:e1:b6:92:c5:85:68:31: ad:9b:70:c5:89:71:c7:f0:ef:ae:be:13:f6:4e:bb: de:7b:c1:79:35:a7:3b:e3:3f:41:2d:3e:5c:81:b9: af:d0:46:5c:a5:70:a9:cb:c3:9a:d8:c1:b8:f1:51: 08:36:8d:80:b0:66:4e:f9:48:fb:31:33:c9:cd:82: 47:e5:22:a3:34:ee:31:7b:c3:f1:0f:30:28:7e:b3: a8:e1:db:99:59:78:f3:db:26:72:80:3a:90:b0:bd: c6:bf:79:ba:fc:27:d5:b6:0d:e1:93:43:9e:0b:73: 86:7e:26:cb:a0:c5:2e:cb:dd:0f:16:4a:a4:12:88: bb:09:9e:47:8d:c7:cb:e6:14:3a:f8:17:66:bf:4f: d9:c4:af:fd:44:ae:fb:06:41:ea:a3:75:42:a4:53: 93:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:16:B2:31:4E:2C:93:61:67:F7:5D:4D:0D:60:9E:59:FD:33:3D:72 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cd040691-6f04-4613-a81f-f5417500cc0b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 56.128.0.0/16 Signature Algorithm: sha256WithRSAEncryption 5c:40:e6:4d:3d:f5:be:1f:39:a0:b7:0d:94:bc:aa:94:46:96: ec:9a:92:1b:00:67:63:46:a0:f4:bb:e4:7f:c3:c0:b0:08:08: 87:1c:80:0c:b2:cf:b1:19:39:a6:e7:4f:29:62:f1:f3:30:08: 9a:56:ee:8c:b0:87:b4:9c:1f:90:31:31:cf:f9:70:f6:4b:64: d6:6b:8b:4a:48:1c:4f:72:ac:59:fa:35:aa:14:33:c2:3b:9b: 61:10:59:d8:06:93:2f:50:41:32:3f:67:c1:c0:c4:f2:a7:ca: 37:17:85:65:fb:53:02:34:80:42:77:06:99:e0:2e:dc:61:ae: 6e:d6:e7:7b:51:97:2a:0c:ca:b2:7f:43:17:1e:51:77:c6:40: 91:2b:60:f8:44:12:98:bb:4d:85:a4:2f:c4:11:1d:cc:1b:5d: 0d:fa:30:f4:8e:66:93:a6:21:e7:3a:3c:b6:f9:18:c9:a6:59: a8:5e:67:e1:c1:56:bd:94:08:c6:32:c7:4f:58:cc:10:3d:40: 85:5f:0a:b6:fb:bc:e0:c7:b0:0a:da:3b:42:7e:e8:6e:31:86: e3:0c:8c:95:28:03:09:1a:fb:96:f1:f4:d7:e5:4c:7e:e4:e2: a8:13:1a:b2:50:7e:3b:ef:e4:a4:47:62:0e:e6:60:e6:7a:5f: 3f:19:9a:2e -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUfFNRBjKytmW4z/nAYAwKGCPx+B8wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDI1MDA1MjEyWhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0AwZTE1NjZlYzJhNTczYmM3MzI3Mzk2M2Y3NTc0NTNjYmZi MzU3MGE4NzZmNTIwZmU4MGFkZWVmYjJlNmFhYjBkMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC4jSFBbQzLcAiBDQLMDR12LTApSMGSsCUkfMgl59tiB1cK lIvt3q+/uz/50e6c85eEawFb7j6S0fNdL20IzUEk4IzHingNl0F+2V25nP3TcKAY yNpWwoRhPSJY7TA6JtLw4baSxYVoMa2bcMWJccfw766+E/ZOu957wXk1pzvjP0Et PlyBua/QRlylcKnLw5rYwbjxUQg2jYCwZk75SPsxM8nNgkflIqM07jF7w/EPMCh+ s6jh25lZePPbJnKAOpCwvca/ebr8J9W2DeGTQ54Lc4Z+JsugxS7L3Q8WSqQSiLsJ nkeNx8vmFDr4F2a/T9nEr/1ErvsGQeqjdUKkU5MxAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUyhayMU4sk2Fn911NDWCeWf0zPXIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2NkMDQwNjkxLTZmMDQtNDYxMy1hODFmLWY1NDE3NTAwY2MwYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwA4gDANBgkqhkiG9w0BAQsFAAOCAQEAXEDmTT31vh85oLcNlLyqlEaW7JqS GwBnY0ag9Lvkf8PAsAgIhxyADLLPsRk5pudPKWLx8zAImlbujLCHtJwfkDExz/lw 9ktk1muLSkgcT3KsWfo1qhQzwjubYRBZ2AaTL1BBMj9nwcDE8qfKNxeFZftTAjSA QncGmeAu3GGubtbne1GXKgzKsn9DFx5Rd8ZAkStg+EQSmLtNhaQvxBEdzBtdDfow 9I5mk6Yh5zo8tvkYyaZZqF5n4cFWvZQIxjLHT1jMED1AhV8Ktvu84MewCto7Qn7o bjGG4wyMlSgDCRr7lvH01+VMfuTiqBMaslB+O+/kpEdiDuZg5npfPxmaLg== -----END CERTIFICATE-----Generated at Sat Apr 26 16:44:29 2025 by rpki-client