$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02705a78-c949-405b-9b73-0ec922410e1e.roa File: 02705a78-c949-405b-9b73-0ec922410e1e.roa (raw, json) Hash identifier: wovPP82uXtx0Vyxu/Gd2E5BFMynNtiSI/LeJJ64/iwk= Subject key identifier: 66:AF:75:B7:5F:15:6A:49:26:5F:7E:17:66:01:C8:91:44:7C:DD:13 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 6B4B616284EDC8F959719DA432021B89BE83FD81 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02705a78-c949-405b-9b73-0ec922410e1e.roa Signing time: Tue 22 Apr 2025 22:07:04 +0000 ROA not before: Tue 22 Apr 2025 22:07:04 +0000 ROA not after: Tue 27 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f3:f100::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:4b:61:62:84:ed:c8:f9:59:71:9d:a4:32:02:1b:89:be:83:fd:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 22 22:07:04 2025 GMT Not After : May 27 23:59:59 2025 GMT Subject: serialNumber=87db39ab6f0c134383c422df0392bced1cbba56910d9d682c62f9aef9ad43e29, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:8d:a3:97:96:11:15:d7:a4:4f:f0:e1:b0:6a: eb:08:56:82:d4:3b:75:c4:a3:c4:f3:ce:31:d9:f0: e3:0b:09:c8:ac:d4:62:b3:cf:db:4e:ed:72:22:4c: 1a:e4:93:cd:b5:d2:c4:4e:01:2c:d6:53:b2:b1:4a: 93:a3:bc:b8:17:95:6d:43:4c:1e:70:32:45:c7:73: d8:3d:5f:39:24:29:0f:fb:33:26:8d:9d:d5:28:22: 2b:1e:81:34:fa:c1:47:6a:f7:3c:f6:e0:91:db:5a: 8b:60:8f:c5:8a:a0:49:4b:aa:ed:27:d3:f9:24:a4: a4:a9:8c:7f:b7:f9:0b:fe:96:0a:29:39:5f:ea:ef: 9d:66:d8:06:5b:1e:59:85:3b:c0:4a:e2:8b:3d:d6: b0:fd:e6:d4:9d:ec:fa:d9:95:a7:4c:1b:81:15:fa: c9:9b:f9:b7:7b:dd:0b:1f:bc:20:be:55:66:44:7d: dd:0e:0b:f9:83:68:f2:b5:25:81:5f:79:25:bc:c5: 29:f0:45:61:d7:dc:30:50:7f:74:ba:d5:e5:f8:6e: 80:c3:b3:c1:ab:dd:8f:b4:bb:a9:68:4c:25:d1:6c: e0:82:9b:59:fa:3e:ab:de:7b:c4:86:3c:ce:8d:e4: f1:e3:83:75:ba:6e:95:05:92:a7:64:19:35:ca:4e: a4:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:AF:75:B7:5F:15:6A:49:26:5F:7E:17:66:01:C8:91:44:7C:DD:13 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/02705a78-c949-405b-9b73-0ec922410e1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f3:f100::/40 Signature Algorithm: sha256WithRSAEncryption 46:0c:1f:13:08:10:16:9c:b4:8f:bf:e0:86:8f:03:27:82:56: 7f:69:2a:2a:25:2d:76:ed:82:01:2e:d5:bc:c4:ab:7e:a6:14: b3:91:c0:cb:eb:5d:6b:58:b6:ff:77:c2:c1:e0:b9:2c:f0:25: ad:e2:d6:f5:f5:dd:da:a8:a2:81:06:f0:af:b4:d3:2b:4e:1d: 21:53:c8:68:4c:e3:c3:99:6b:a6:93:14:aa:6e:9b:bf:90:ed: fc:c7:5e:34:e4:49:19:c5:5c:0b:26:37:c4:99:00:fd:32:ee: 87:e4:7b:de:54:f5:ac:72:12:e8:19:8b:cb:0a:7f:e8:92:4e: f5:1d:28:de:26:58:d2:c4:ff:d8:ea:43:63:ce:8f:57:16:a9: 79:73:db:f3:34:0f:7e:60:b9:17:aa:e9:be:66:ac:a3:87:a8: 20:75:b0:3e:77:00:9a:8d:47:92:e2:a5:4d:a7:59:11:15:c3: 63:e5:1c:d3:bd:48:39:8e:89:90:b6:3e:3a:71:28:8c:4b:95: c2:48:af:c7:72:87:9d:14:10:df:1d:91:fc:e0:72:55:62:b2: 6d:73:ef:4e:81:e9:12:10:7e:9f:8a:9b:37:52:76:26:28:25: 5e:05:5b:f5:75:b5:fe:d6:3a:c2:df:11:25:57:54:18:bc:f7: 40:20:5e:33 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUa0thYoTtyPlZcZ2kMgIbib6D/YEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDIyMjIwNzA0WhcNMjUwNTI3MjM1OTU5 WjB6MUkwRwYDVQQFE0A4N2RiMzlhYjZmMGMxMzQzODNjNDIyZGYwMzkyYmNlZDFj YmJhNTY5MTBkOWQ2ODJjNjJmOWFlZjlhZDQzZTI5MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDajaOXlhEV16RP8OGwausIVoLUO3XEo8TzzjHZ8OMLCcis 1GKzz9tO7XIiTBrkk8210sROASzWU7KxSpOjvLgXlW1DTB5wMkXHc9g9XzkkKQ/7 MyaNndUoIisegTT6wUdq9zz24JHbWotgj8WKoElLqu0n0/kkpKSpjH+3+Qv+lgop OV/q751m2AZbHlmFO8BK4os91rD95tSd7PrZladMG4EV+smb+bd73QsfvCC+VWZE fd0OC/mDaPK1JYFfeSW8xSnwRWHX3DBQf3S61eX4boDDs8Gr3Y+0u6loTCXRbOCC m1n6Pqvee8SGPM6N5PHjg3W6bpUFkqdkGTXKTqTDAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUZq91t18VakkmX34XZgHIkUR83RMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzAyNzA1YTc4LWM5NDktNDA1Yi05YjczLTBlYzkyMjQxMGUxZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPDz8TANBgkqhkiG9w0BAQsFAAOCAQEARgwfEwgQFpy0j7/gho8DJ4JW f2kqKiUtdu2CAS7VvMSrfqYUs5HAy+tda1i2/3fCweC5LPAlreLW9fXd2qiigQbw r7TTK04dIVPIaEzjw5lrppMUqm6bv5Dt/MdeNORJGcVcCyY3xJkA/TLuh+R73lT1 rHIS6BmLywp/6JJO9R0o3iZY0sT/2OpDY86PVxapeXPb8zQPfmC5F6rpvmaso4eo IHWwPncAmo1HkuKlTadZERXDY+Uc071IOY6JkLY+OnEojEuVwkivx3KHnRQQ3x2R /OByVWKybXPvToHpEhB+n4qbN1J2JiglXgVb9XW1/tY6wt8RJVdUGLz3QCBeMw== -----END CERTIFICATE-----Generated at Sat Apr 26 16:42:06 2025 by rpki-client