$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa File: 56527727-111d-4d4a-9da3-1e8d68e15a4c.roa (raw, json) Hash identifier: R47OLFhTSZ4r6FGd9HjxyTleloXiZpgZiQOfG/SgKw8= Subject key identifier: CA:26:C4:17:8C:CB:03:3E:C6:B9:2B:B8:C7:80:39:C8:E9:E4:C1:F9 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 4348B8CCA9D49A4000F9FDD1921211507BE091DC Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa Signing time: Fri 25 Apr 2025 17:50:47 +0000 ROA not before: Fri 25 Apr 2025 17:50:47 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:80::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:48:b8:cc:a9:d4:9a:40:00:f9:fd:d1:92:12:11:50:7b:e0:91:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 25 17:50:47 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=be4ed20db7c587fa5c76bab53115e8e914d9f0b3c30056734a28b6ab867d6b0b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:93:83:6f:67:31:4c:4f:b3:97:38:43:2c:29: f7:77:08:94:a3:2b:a7:81:cd:56:aa:20:e4:0a:3d: c9:16:26:6c:04:cf:4b:dc:be:e4:c3:27:45:ac:67: b7:af:54:91:6f:b8:53:3b:a6:00:2d:04:27:8f:ab: ee:31:fb:97:53:92:0c:50:15:f5:a4:05:d1:f9:86: 52:d1:41:e3:53:7a:76:18:b0:15:44:a8:e6:fe:37: 1d:a3:71:15:1a:5b:fe:b1:50:a2:24:fb:34:02:0f: 3d:e0:02:05:d3:1d:5f:11:51:17:11:f5:34:01:1f: f3:03:b1:35:63:a6:6c:e4:65:3e:ed:4f:e9:18:a3: 6c:93:bb:d9:02:01:92:98:2a:f5:1a:fa:4f:2d:77: 5f:dd:5b:f2:5b:65:9a:2f:d1:f0:7e:4d:f5:30:a0: ae:7f:75:d7:17:90:cd:3f:b3:77:6e:14:fe:77:87: 35:a7:6a:c3:95:1b:3b:d9:59:bd:b8:cd:fa:45:c9: d6:d0:85:37:ea:96:bc:e9:40:2c:e8:51:19:3a:ea: ae:a6:02:7d:40:e6:c3:29:f8:95:00:ce:8d:3f:88: 6f:ed:ea:fd:a8:29:14:ef:a1:c4:03:f4:42:ff:8a: ea:7b:07:34:20:2e:53:2d:50:2e:c8:6f:b6:6c:56: 7a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:26:C4:17:8C:CB:03:3E:C6:B9:2B:B8:C7:80:39:C8:E9:E4:C1:F9 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/56527727-111d-4d4a-9da3-1e8d68e15a4c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:80::/44 Signature Algorithm: sha256WithRSAEncryption 1b:17:f1:f8:d9:54:02:09:6e:9a:8e:d9:2b:49:2e:12:a8:e0: 07:fb:a6:70:65:0a:19:c3:85:5f:3a:fb:9c:00:9d:f3:38:1e: 3e:bd:37:83:ed:75:81:c8:fa:71:57:9b:76:24:c2:56:ac:7f: 56:ef:8c:e6:87:ef:f3:14:de:db:f6:23:c0:96:49:67:72:32: 66:3d:0c:d3:a3:ae:c6:b6:84:32:8e:ee:94:f1:ac:e2:ea:9a: c4:6d:18:51:9f:39:f6:3e:96:c2:a7:16:16:f1:f8:5e:fe:80: ac:38:ac:fc:05:76:42:fa:12:79:5d:7f:b0:d2:8a:94:48:2f: c8:bb:85:13:79:ee:7a:46:72:cd:3e:c6:fc:09:c4:41:b6:89: ad:8d:96:4b:0f:c1:c7:8c:2a:fd:6f:7a:d1:0c:e9:1b:87:06: 36:dc:20:63:d9:d3:81:1a:67:cc:0c:50:1c:8b:57:fa:f5:ae: 89:42:c4:ce:17:25:90:93:50:a8:57:99:f4:41:f7:72:4c:b9: b6:92:dc:b7:ae:bd:29:28:f2:23:a3:7e:db:98:76:f9:8e:cc: 7a:f8:51:11:71:3d:0e:6c:32:bc:fc:01:57:04:29:01:af:ef: 7b:b1:59:58:ea:19:0d:69:83:ac:3d:61:dc:cf:03:ff:18:e8: 98:c6:f1:12 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUQ0i4zKnUmkAA+f3RkhIRUHvgkdwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTc1MDQ3WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0BiZTRlZDIwZGI3YzU4N2ZhNWM3NmJhYjUzMTE1ZThlOTE0 ZDlmMGIzYzMwMDU2NzM0YTI4YjZhYjg2N2Q2YjBiMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCzk4NvZzFMT7OXOEMsKfd3CJSjK6eBzVaqIOQKPckWJmwE z0vcvuTDJ0WsZ7evVJFvuFM7pgAtBCePq+4x+5dTkgxQFfWkBdH5hlLRQeNTenYY sBVEqOb+Nx2jcRUaW/6xUKIk+zQCDz3gAgXTHV8RURcR9TQBH/MDsTVjpmzkZT7t T+kYo2yTu9kCAZKYKvUa+k8td1/dW/JbZZov0fB+TfUwoK5/ddcXkM0/s3duFP53 hzWnasOVGzvZWb24zfpFydbQhTfqlrzpQCzoURk66q6mAn1A5sMp+JUAzo0/iG/t 6v2oKRTvocQD9EL/iup7BzQgLlMtUC7Ib7ZsVnrNAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUyibEF4zLAz7GuSu4x4A5yOnkwfkwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzU2NTI3NzI3LTExMWQtNGQ0YS05ZGEzLTFlOGQ2OGUxNWE0Yy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPDwAIAwDQYJKoZIhvcNAQELBQADggEBABsX8fjZVAIJbpqO2StJLhKo 4Af7pnBlChnDhV86+5wAnfM4Hj69N4PtdYHI+nFXm3Ykwlasf1bvjOaH7/MU3tv2 I8CWSWdyMmY9DNOjrsa2hDKO7pTxrOLqmsRtGFGfOfY+lsKnFhbx+F7+gKw4rPwF dkL6Enldf7DSipRIL8i7hRN57npGcs0+xvwJxEG2ia2NlksPwceMKv1vetEM6RuH BjbcIGPZ04EaZ8wMUByLV/r1rolCxM4XJZCTUKhXmfRB93JMubaS3LeuvSko8iOj ftuYdvmOzHr4URFxPQ5sMrz8AVcEKQGv73uxWVjqGQ1pg6w9YdzPA/8Y6JjG8RI= -----END CERTIFICATE-----Generated at Sat Apr 26 14:52:37 2025 by rpki-client