$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa File: 4f5d9525-0193-4993-b222-48d2585ae7fa.roa (raw, json) Hash identifier: EMGYcT7T12LS9odw2iK2NYLHV67BH3W5ppbqiKIkduY= Subject key identifier: 79:83:D0:0D:1D:81:7A:D9:05:84:4D:F8:37:19:D9:78:6A:29:89:C3 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 5AB136A6680186EFF377365E2C464DEF2B3FE718 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa Signing time: Sat 05 Apr 2025 00:10:12 +0000 ROA not before: Sat 05 Apr 2025 00:10:12 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 8987 IP address blocks: 2600:f0fb:f000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:b1:36:a6:68:01:86:ef:f3:77:36:5e:2c:46:4d:ef:2b:3f:e7:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 5 00:10:12 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=319210027e3eef5afd90df7d8390cf1c57c06b06bc446bd88a7b2b01eb4abf91, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:21:48:66:c0:ad:67:4a:bc:8a:69:26:82:28: 37:24:90:fb:7a:6f:a1:3d:6f:b8:b3:67:a4:3a:17: f8:58:96:11:32:7a:d5:2d:72:8d:7e:53:44:25:f0: f6:e2:60:67:89:02:37:41:31:c4:f4:b0:73:c1:6b: fe:45:4c:e2:f0:82:05:af:18:e1:48:b7:a6:ec:76: 3c:f5:43:e0:0c:ed:6d:59:24:c9:2f:36:f3:25:7a: dc:36:b1:f0:7a:92:a2:eb:15:2d:b5:79:b7:fa:8a: d1:16:94:d6:bb:20:ff:c7:bc:0c:c8:db:bc:3c:37: b5:9a:4b:43:8d:65:1e:f2:df:71:e5:e9:c6:87:d4: 04:f5:79:dd:c8:5e:74:aa:5c:67:ae:20:a6:b6:dd: 68:41:b1:cc:3a:e8:d5:2d:be:7c:cf:0e:8c:5a:dc: 55:ad:3a:13:50:36:e3:fd:cc:c5:75:a5:14:1f:ee: 25:4b:b6:f4:8d:60:5d:a3:94:7a:b8:7d:91:03:fa: 17:6b:3b:99:b8:f1:e0:be:b7:a2:01:64:50:b6:a0: 03:2f:02:eb:ff:18:94:09:3f:ad:8c:10:dd:91:c7: 2c:6a:ae:cf:6e:55:73:85:2e:a0:60:8d:18:98:91: d3:fa:52:63:18:9f:9a:da:e9:c8:29:41:81:ae:5a: 32:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:83:D0:0D:1D:81:7A:D9:05:84:4D:F8:37:19:D9:78:6A:29:89:C3 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4f5d9525-0193-4993-b222-48d2585ae7fa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f000::/44 Signature Algorithm: sha256WithRSAEncryption 59:ac:84:28:f4:f3:13:4b:a3:e4:7f:7b:d8:21:e7:fa:f4:db: 27:f9:15:f6:7f:64:3f:97:b6:32:c8:b9:73:f6:50:6e:ee:25: 26:8a:7d:cc:db:8a:a3:c8:40:88:4f:1b:30:2f:01:98:97:a1: 4f:4f:04:25:b0:da:1c:f4:7e:de:dc:ce:d8:cb:26:1b:69:c0: 45:6b:90:59:ec:68:d4:66:ac:3f:ec:8e:0e:77:26:b9:e7:15: 2f:ca:a6:de:35:84:3f:bc:7d:f9:7d:d2:ef:57:e3:a4:a9:4e: 6f:b1:da:f1:23:a4:3c:0c:3e:37:09:f1:5e:1f:11:18:b4:84: 7d:a9:6c:e9:6b:f1:22:dd:63:6e:c1:43:7b:14:cb:82:45:b2: 48:ee:60:83:93:f7:7d:3e:c3:28:b1:60:5f:ab:fe:57:7a:e9: 4c:c1:b7:eb:4e:40:63:e5:8b:5f:b7:ee:8b:13:bf:bf:c6:99: 1c:10:86:18:9d:36:ae:e1:45:9a:47:13:0b:4d:59:88:39:b4: 80:21:5e:58:c1:c9:a2:c4:c2:f4:07:49:c8:3f:98:1f:67:41: 42:6b:7f:5c:eb:60:aa:06:06:8e:a0:d8:15:c6:d2:b7:03:23: 16:a8:26:89:c7:da:ff:78:f8:e3:f6:47:8b:9a:23:0d:80:4a: 84:c1:9a:53 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUWrE2pmgBhu/zdzZeLEZN7ys/5xgwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDA1MDAxMDEyWhcNMjUwNTEwMjM1OTU5 WjB6MUkwRwYDVQQFE0AzMTkyMTAwMjdlM2VlZjVhZmQ5MGRmN2Q4MzkwY2YxYzU3 YzA2YjA2YmM0NDZiZDg4YTdiMmIwMWViNGFiZjkxMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC5IUhmwK1nSryKaSaCKDckkPt6b6E9b7izZ6Q6F/hYlhEy etUtco1+U0Ql8PbiYGeJAjdBMcT0sHPBa/5FTOLwggWvGOFIt6bsdjz1Q+AM7W1Z JMkvNvMletw2sfB6kqLrFS21ebf6itEWlNa7IP/HvAzI27w8N7WaS0ONZR7y33Hl 6caH1AT1ed3IXnSqXGeuIKa23WhBscw66NUtvnzPDoxa3FWtOhNQNuP9zMV1pRQf 7iVLtvSNYF2jlHq4fZED+hdrO5m48eC+t6IBZFC2oAMvAuv/GJQJP62MEN2Rxyxq rs9uVXOFLqBgjRiYkdP6UmMYn5ra6cgpQYGuWjLFAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUeYPQDR2BetkFhE34NxnZeGopicMwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzRmNWQ5NTI1LTAxOTMtNDk5My1iMjIyLTQ4ZDI1ODVhZTdmYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBAFmshCj08xNLo+R/e9gh5/r0 2yf5FfZ/ZD+XtjLIuXP2UG7uJSaKfczbiqPIQIhPGzAvAZiXoU9PBCWw2hz0ft7c ztjLJhtpwEVrkFnsaNRmrD/sjg53JrnnFS/Kpt41hD+8ffl90u9X46SpTm+x2vEj pDwMPjcJ8V4fERi0hH2pbOlr8SLdY27BQ3sUy4JFskjuYIOT930+wyixYF+r/ld6 6UzBt+tOQGPli1+37osTv7/GmRwQhhidNq7hRZpHEwtNWYg5tIAhXljByaLEwvQH Scg/mB9nQUJrf1zrYKoGBo6g2BXG0rcDIxaoJonH2v94+OP2R4uaIw2ASoTBmlM= -----END CERTIFICATE-----Generated at Sat Apr 26 17:07:07 2025 by rpki-client