$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d171a8a1-9f08-410d-8286-615fcfbb13fc.roa File: d171a8a1-9f08-410d-8286-615fcfbb13fc.roa (raw, json) Hash identifier: upJOuc66o88R9tToXZGksX1u1XobSAQ+l/ZQrqlKdfk= Subject key identifier: 8F:13:4E:3D:3D:34:1B:0F:38:A9:44:45:17:73:03:B1:89:EC:C9:AA Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 11DC42BE0670FC2F206FA9C60935CD5F2113BB54 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d171a8a1-9f08-410d-8286-615fcfbb13fc.roa Signing time: Mon 14 Apr 2025 15:11:19 +0000 ROA not before: Mon 14 Apr 2025 15:11:19 +0000 ROA not after: Mon 19 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 16.15.176.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:dc:42:be:06:70:fc:2f:20:6f:a9:c6:09:35:cd:5f:21:13:bb:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 14 15:11:19 2025 GMT Not After : May 19 23:59:59 2025 GMT Subject: serialNumber=8a1116bd9ff6a554052e8754918a5b4e061106efdae631e408a2f95efb4f5f0d, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:97:f4:e7:0c:d5:aa:c9:20:6d:20:00:e2:6a: 45:80:b4:d7:99:cf:ab:58:cf:f5:0c:ea:9b:98:4a: bf:3d:7a:ef:0c:77:e0:85:cd:f7:da:05:e0:b5:56: 73:b5:7d:19:8b:48:ad:e5:a9:90:ef:e6:35:b2:3c: 00:29:71:1b:c7:58:df:20:a4:d9:69:63:bc:36:0b: 92:a4:c2:36:1d:16:c1:ea:10:ff:be:4e:f1:a5:66: 9c:d3:e1:0a:cd:e1:e5:07:47:df:de:ff:5c:4f:3a: ad:0b:1c:02:b8:4b:f8:b4:fd:ca:05:1e:a9:11:a0: 84:c2:63:42:40:21:06:8e:f6:aa:5c:80:1a:b0:73: 64:c6:58:ee:cf:70:c7:31:44:c8:60:26:ec:91:60: 88:e8:87:8f:2b:9e:cb:0c:66:70:4d:75:eb:e5:1d: 18:b2:0a:a7:0c:df:d8:17:50:95:b2:6e:ad:ac:fd: 4b:e3:c4:22:d6:b0:0a:81:49:0f:65:0c:a8:a2:d6: 5b:8e:02:54:6f:ce:29:6d:01:52:ca:8c:98:ad:11: da:1c:ee:97:2c:e1:c2:f5:91:fe:13:6b:98:fb:b3: fb:16:6a:36:1c:dd:e3:dc:31:05:12:55:4b:48:96: 54:f4:87:15:9a:a9:56:dd:15:c6:25:8b:f0:67:ce: d9:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:13:4E:3D:3D:34:1B:0F:38:A9:44:45:17:73:03:B1:89:EC:C9:AA X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d171a8a1-9f08-410d-8286-615fcfbb13fc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 16.15.176.0/20 Signature Algorithm: sha256WithRSAEncryption 53:db:a4:22:a0:48:e2:82:52:8b:23:d2:a9:94:e4:2e:62:00: c1:cf:77:ce:cf:99:17:a8:27:30:72:60:61:e6:78:a0:f9:52: 13:71:2b:0e:a5:26:f5:76:b8:4b:22:3b:57:15:27:61:58:e4: ed:1e:d4:60:e0:2a:6a:37:9b:18:d5:45:68:2d:6c:dc:02:03: e7:c7:eb:6d:03:f1:51:af:a5:ce:da:be:1b:0c:06:36:6e:9d: 70:c2:4f:b5:e1:36:63:f7:e1:6f:bf:4e:ad:95:34:51:f9:17: 41:1d:7e:ba:cc:76:ec:11:40:37:2f:09:0a:35:69:5a:b8:34: 15:c4:c4:63:34:60:63:d7:88:95:ec:be:b5:ff:ca:d9:78:7a: 13:3b:75:f6:c7:e0:35:db:a3:61:54:c9:e4:16:47:66:e2:93: e8:d5:11:5a:f1:ff:83:14:10:3f:e9:e5:6f:d9:61:60:af:e6: db:01:3c:a8:65:50:fa:28:24:c6:3c:a5:3f:3a:a3:fe:78:b4: 53:2b:b3:d7:77:6b:25:cc:6d:b5:75:f7:18:96:9b:87:f1:f8: 20:84:b8:8b:05:8a:a3:5e:4c:44:de:9c:5c:09:d9:19:7b:bf: 8d:11:67:d7:b2:aa:18:58:49:83:f5:cc:f7:5b:3b:35:6d:c7: 2a:5a:56:01 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUEdxCvgZw/C8gb6nGCTXNXyETu1QwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNDE0MTUxMTE5WhcNMjUwNTE5MjM1OTU5 WjB6MUkwRwYDVQQFE0A4YTExMTZiZDlmZjZhNTU0MDUyZTg3NTQ5MThhNWI0ZTA2 MTEwNmVmZGFlNjMxZTQwOGEyZjk1ZWZiNGY1ZjBkMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDEl/TnDNWqySBtIADiakWAtNeZz6tYz/UM6puYSr89eu8M d+CFzffaBeC1VnO1fRmLSK3lqZDv5jWyPAApcRvHWN8gpNlpY7w2C5KkwjYdFsHq EP++TvGlZpzT4QrN4eUHR9/e/1xPOq0LHAK4S/i0/coFHqkRoITCY0JAIQaO9qpc gBqwc2TGWO7PcMcxRMhgJuyRYIjoh48rnssMZnBNdevlHRiyCqcM39gXUJWybq2s /UvjxCLWsAqBSQ9lDKii1luOAlRvziltAVLKjJitEdoc7pcs4cL1kf4Ta5j7s/sW ajYc3ePcMQUSVUtIllT0hxWaqVbdFcYli/BnztkjAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUjxNOPT00Gw84qURFF3MDsYnsyaowHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2QxNzFhOGExLTlmMDgtNDEwZC04Mjg2LTYxNWZjZmJiMTNmYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQQD7AwDQYJKoZIhvcNAQELBQADggEBAFPbpCKgSOKCUosj0qmU5C5iAMHP d87PmReoJzByYGHmeKD5UhNxKw6lJvV2uEsiO1cVJ2FY5O0e1GDgKmo3mxjVRWgt bNwCA+fH620D8VGvpc7avhsMBjZunXDCT7XhNmP34W+/Tq2VNFH5F0EdfrrMduwR QDcvCQo1aVq4NBXExGM0YGPXiJXsvrX/ytl4ehM7dfbH4DXbo2FUyeQWR2bik+jV EVrx/4MUED/p5W/ZYWCv5tsBPKhlUPooJMY8pT86o/54tFMrs9d3ayXMbbV19xiW m4fx+CCEuIsFiqNeTETenFwJ2Rl7v40RZ9eyqhhYSYP1zPdbOzVtxypaVgE= -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:55 2025 by rpki-client