$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7200dfa9-d36f-44de-852a-1adda1bbb99c.roa File: 7200dfa9-d36f-44de-852a-1adda1bbb99c.roa (raw, json) Hash identifier: nsoU7Ks3c8H2k8vcspU9aHzJaw7acEwaUfParLLA2Kc= Subject key identifier: D8:67:38:F6:7C:82:11:19:3E:C9:0E:81:CB:9E:00:BB:44:A3:C8:8B Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 4CF535CC5EF433FC39136E206419185C7A098888 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7200dfa9-d36f-44de-852a-1adda1bbb99c.roa Signing time: Fri 25 Apr 2025 17:51:06 +0000 ROA not before: Fri 25 Apr 2025 17:51:06 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:1000::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:f5:35:cc:5e:f4:33:fc:39:13:6e:20:64:19:18:5c:7a:09:88:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 25 17:51:06 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=43d903a1b77da95aea57581f7e17d36eca02d084584763a538730c9ec15f4e64, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8d:7e:9a:2d:63:60:ba:02:5d:99:19:de:d2: a9:68:7e:16:12:c4:06:12:6b:27:cd:5f:8f:b7:b7: 3e:f8:68:e5:2b:40:b0:f4:04:85:1a:b9:65:e2:f4: 4c:5f:50:f2:ff:78:8d:50:76:25:3d:17:05:69:cf: b8:da:16:8d:4b:3d:7a:68:b1:0e:ed:d3:76:39:03: 32:7a:95:f7:81:b4:25:14:59:80:23:e2:0a:c0:d0: 69:ae:4d:15:d1:a2:42:f0:70:ee:ab:4a:49:f6:fe: 04:14:9c:a7:6a:a0:69:6d:84:89:46:91:41:41:49: b7:28:54:74:14:e1:94:ce:58:63:4a:03:6d:9d:e6: e9:d5:69:46:b6:0e:57:bb:11:59:b6:47:ff:f1:c4: a5:9e:c7:c6:4c:54:da:78:6c:91:a8:0a:b9:cc:7f: 8a:87:f1:8a:5e:85:f5:85:bb:10:23:90:20:1e:a7: ba:59:dd:a5:af:f1:b9:78:14:2d:42:8f:b3:ff:8c: 32:95:87:56:07:93:30:69:84:cb:ea:58:05:3d:eb: 4a:c8:36:f4:f6:ae:94:0e:a8:1c:3d:5f:0c:92:d0: df:b6:f5:8c:66:4c:64:af:ea:37:d0:46:f7:2e:8b: d0:db:e1:40:f7:e5:1b:f0:7b:47:3a:9c:b9:f9:39: cc:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:67:38:F6:7C:82:11:19:3E:C9:0E:81:CB:9E:00:BB:44:A3:C8:8B X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/7200dfa9-d36f-44de-852a-1adda1bbb99c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:1000::/44 Signature Algorithm: sha256WithRSAEncryption 96:d5:b6:13:61:01:a7:a0:de:18:b7:60:52:95:38:6c:18:f2: b0:d1:82:b3:5b:42:5b:35:35:62:c5:16:ae:a8:34:42:e1:9d: f3:63:4c:fc:74:72:3d:ba:7a:cf:03:66:1c:9b:66:74:bf:25: 9d:3d:a4:05:a3:c9:ee:bb:f4:97:84:68:57:7c:3e:cc:46:71: a8:08:94:1a:78:0d:7f:91:0f:2a:66:60:9d:4b:5d:0a:44:49: 4a:46:1e:62:77:07:a4:21:18:63:d5:c1:3e:01:a0:89:d7:fd: 58:1c:e7:07:57:cc:53:25:12:5a:de:a8:b8:34:63:97:a2:e8: 90:c7:89:46:98:d3:58:f7:13:18:3d:fb:f7:67:1b:48:05:24: b3:f9:50:06:42:f9:5e:5c:c6:0f:1c:db:47:3e:d5:bd:b8:95: 37:77:91:4a:b3:d1:b0:57:21:54:41:6c:e0:63:b0:04:85:a9: 55:ad:67:3e:5b:b1:7d:10:d0:ae:fa:ca:7a:db:1a:a8:8b:84: d2:91:ec:39:9e:ee:4b:87:94:5c:6d:65:55:b1:a5:d8:29:0a: 03:96:76:87:37:e3:57:34:83:22:4a:0a:c8:a4:69:25:06:2d: 94:8c:bf:28:e7:15:4b:c5:6e:6c:99:da:79:a3:e8:f9:c9:74: 3b:f9:94:b9 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUTPU1zF70M/w5E24gZBkYXHoJiIgwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTc1MTA2WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0A0M2Q5MDNhMWI3N2RhOTVhZWE1NzU4MWY3ZTE3ZDM2ZWNh MDJkMDg0NTg0NzYzYTUzODczMGM5ZWMxNWY0ZTY0MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC1jX6aLWNgugJdmRne0qlofhYSxAYSayfNX4+3tz74aOUr QLD0BIUauWXi9ExfUPL/eI1QdiU9FwVpz7jaFo1LPXposQ7t03Y5AzJ6lfeBtCUU WYAj4grA0GmuTRXRokLwcO6rSkn2/gQUnKdqoGlthIlGkUFBSbcoVHQU4ZTOWGNK A22d5unVaUa2Dle7EVm2R//xxKWex8ZMVNp4bJGoCrnMf4qH8YpehfWFuxAjkCAe p7pZ3aWv8bl4FC1Cj7P/jDKVh1YHkzBphMvqWAU960rINvT2rpQOqBw9XwyS0N+2 9YxmTGSv6jfQRvcui9Db4UD35Rvwe0c6nLn5OczNAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQU2Gc49nyCERk+yQ6By54Au0SjyIswHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzcyMDBkZmE5LWQzNmYtNDRkZS04NTJhLTFhZGRhMWJiYjk5Yy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPDwEAAwDQYJKoZIhvcNAQELBQADggEBAJbVthNhAaeg3hi3YFKVOGwY 8rDRgrNbQls1NWLFFq6oNELhnfNjTPx0cj26es8DZhybZnS/JZ09pAWjye679JeE aFd8PsxGcagIlBp4DX+RDypmYJ1LXQpESUpGHmJ3B6QhGGPVwT4BoInX/Vgc5wdX zFMlElreqLg0Y5ei6JDHiUaY01j3Exg9+/dnG0gFJLP5UAZC+V5cxg8c20c+1b24 lTd3kUqz0bBXIVRBbOBjsASFqVWtZz5bsX0Q0K76ynrbGqiLhNKR7Dme7kuHlFxt ZVWxpdgpCgOWdoc341c0gyJKCsikaSUGLZSMvyjnFUvFbmyZ2nmj6PnJdDv5lLk= -----END CERTIFICATE-----Generated at Sat Apr 26 13:20:34 2025 by rpki-client