$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa File: 20df74ce-1a64-4df1-b616-115d4493a969.roa (raw, json) Hash identifier: 1DpolQmYZr6PdCk7uxrLACSSPXQYFfN1H2+T7kFxkgY= Subject key identifier: 9C:36:B5:9F:FB:A9:A9:D6:B6:08:0F:99:4A:0A:2E:43:95:66:4B:F0 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 574607DBBBCFD930EB1E83AECDF9FE0F7DD1FC26 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa Signing time: Fri 25 Apr 2025 18:10:01 +0000 ROA not before: Fri 25 Apr 2025 18:10:01 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:200::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:46:07:db:bb:cf:d9:30:eb:1e:83:ae:cd:f9:fe:0f:7d:d1:fc:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 25 18:10:01 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=033d4b370e5d2fcb7c90916f93faa0fd01997a70309952d98c315f3d22298427, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fb:91:1a:36:5a:e6:af:4a:d0:9b:e2:90:fa:8e: c6:d8:fa:13:e2:04:08:8f:27:35:50:88:cb:5f:0f: 04:a1:03:76:63:28:4f:a1:f5:ca:9b:d8:82:6b:79: b0:11:4b:07:3b:cd:a2:b4:0d:60:d4:40:74:49:f3: d7:c2:23:5a:de:19:d7:fb:a7:d5:50:d5:58:73:a4: 83:85:75:19:2f:b8:16:d8:4a:78:63:72:e2:8a:6b: ae:ed:a1:30:ac:da:c1:91:19:37:b3:04:0c:f4:ad: 52:65:2c:ce:1f:97:d1:1d:a7:fc:51:4d:8b:78:64: 5d:aa:3e:23:c9:d8:c5:e1:53:90:e5:7e:8b:af:ca: e9:85:c1:fb:63:73:08:29:7a:69:49:6a:7c:0d:69: 15:5f:7e:60:7c:6b:7c:46:53:e3:23:4d:fe:b1:1e: ff:8e:6e:f8:81:2a:ca:c2:87:57:c8:fa:a7:7f:b2: 32:b9:89:54:69:d8:93:0b:b3:e9:4c:48:66:08:a7: 6a:a1:88:37:fe:dc:e3:c8:00:46:6b:ff:93:64:4f: 5c:48:ad:9d:26:00:3c:23:79:ce:32:28:1b:da:cf: 0c:75:0c:e2:9a:bb:a1:07:97:da:df:b1:70:15:93: 61:be:ee:59:ed:6c:c9:bc:de:7f:13:53:bb:41:32: 59:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:36:B5:9F:FB:A9:A9:D6:B6:08:0F:99:4A:0A:2E:43:95:66:4B:F0 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/20df74ce-1a64-4df1-b616-115d4493a969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:200::/40 Signature Algorithm: sha256WithRSAEncryption 80:0d:c4:a8:60:f4:05:41:cf:85:20:bf:51:c3:58:b5:f1:48: ba:f7:b6:90:f0:6f:e7:e9:93:1b:34:c5:e3:ba:3f:d5:41:ab: c2:61:ad:28:7a:53:94:d8:fc:e0:2f:1c:bd:c3:e3:6f:ab:96: b5:d2:07:b4:92:97:24:a2:6a:91:c5:2d:bb:2f:d1:5d:c4:59: 8b:98:0e:1c:d9:34:9f:f9:3f:ac:52:10:d3:c3:ac:bd:8d:5f: 13:f7:d7:28:47:22:e7:da:95:d0:6c:bd:8a:7f:1c:1f:5b:2e: 24:73:59:44:a4:2a:f8:7c:43:c5:f9:0d:08:b7:35:78:46:41: d9:1f:d2:42:53:ad:d5:9f:7d:eb:9d:94:4c:6c:1f:ef:6e:cd: 70:42:00:68:4c:cf:80:67:db:2e:41:e8:80:87:0f:a8:6d:c4: d8:2d:a3:0f:25:b3:1c:c5:ea:02:46:24:de:87:8e:b9:21:e6: 0d:9f:7b:38:23:ec:2c:64:46:4b:54:c6:b9:e3:d0:b4:2a:c9: fe:93:a9:71:e7:37:c0:8a:9c:42:d2:ff:1e:21:92:9f:aa:1f: eb:ad:88:a7:cf:44:d8:b2:ac:5a:9f:25:2e:41:18:b8:52:f2: 3b:a9:f1:19:4d:d0:12:98:31:37:77:db:3c:78:09:93:7b:50: 99:5b:13:6d -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUV0YH27vP2TDrHoOuzfn+D33R/CYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTgxMDAxWhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0AwMzNkNGIzNzBlNWQyZmNiN2M5MDkxNmY5M2ZhYTBmZDAx OTk3YTcwMzA5OTUyZDk4YzMxNWYzZDIyMjk4NDI3MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQD7kRo2WuavStCb4pD6jsbY+hPiBAiPJzVQiMtfDwShA3Zj KE+h9cqb2IJrebARSwc7zaK0DWDUQHRJ89fCI1reGdf7p9VQ1VhzpIOFdRkvuBbY SnhjcuKKa67toTCs2sGRGTezBAz0rVJlLM4fl9Edp/xRTYt4ZF2qPiPJ2MXhU5Dl fouvyumFwftjcwgpemlJanwNaRVffmB8a3xGU+MjTf6xHv+ObviBKsrCh1fI+qd/ sjK5iVRp2JMLs+lMSGYIp2qhiDf+3OPIAEZr/5NkT1xIrZ0mADwjec4yKBvazwx1 DOKau6EHl9rfsXAVk2G+7lntbMm83n8TU7tBMlmLAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUnDa1n/upqda2CA+ZSgouQ5VmS/AwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzIwZGY3NGNlLTFhNjQtNGRmMS1iNjE2LTExNWQ0NDkzYTk2OS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPDwAjANBgkqhkiG9w0BAQsFAAOCAQEAgA3EqGD0BUHPhSC/UcNYtfFI uve2kPBv5+mTGzTF47o/1UGrwmGtKHpTlNj84C8cvcPjb6uWtdIHtJKXJKJqkcUt uy/RXcRZi5gOHNk0n/k/rFIQ08OsvY1fE/fXKEci59qV0Gy9in8cH1suJHNZRKQq +HxDxfkNCLc1eEZB2R/SQlOt1Z99652UTGwf727NcEIAaEzPgGfbLkHogIcPqG3E 2C2jDyWzHMXqAkYk3oeOuSHmDZ97OCPsLGRGS1TGuePQtCrJ/pOpcec3wIqcQtL/ HiGSn6of662Ip89E2LKsWp8lLkEYuFLyO6nxGU3QEpgxN3fbPHgJk3tQmVsTbQ== -----END CERTIFICATE-----Generated at Sat Apr 26 19:20:10 2025 by rpki-client