$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa File: 87fc20f7-0de9-48d8-850e-c430d88860e9.roa (raw, json) Hash identifier: xdnhIyu97ssgA/tnsiCk/e+kvmED3r5VkH6G67mkd4A= Subject key identifier: 1F:E4:8E:27:A0:2A:06:C7:6B:04:78:88:86:A2:58:B6:E3:27:9B:F3 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 08E831343730A0DED2C0D7DA8F8E35700245C820 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa Signing time: Fri 25 Apr 2025 17:50:14 +0000 ROA not before: Fri 25 Apr 2025 17:50:14 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:3::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:e8:31:34:37:30:a0:de:d2:c0:d7:da:8f:8e:35:70:02:45:c8:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 25 17:50:14 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=92eb4145f8b8458a0708ba291c5a7953a847ca48a2ef93b6a2cf8ad4a8aa9134, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:27:51:9f:0f:08:05:fd:4c:a4:51:be:08:71: 49:f1:56:e6:8d:b0:39:f9:25:f0:2d:f4:ff:33:50: 71:a0:cf:99:b2:d2:0e:96:5c:b4:55:5b:b5:49:d4: f3:bc:aa:a2:ad:a2:c6:81:f4:66:39:89:69:f1:aa: 83:0a:83:24:93:cb:84:0c:56:75:2a:5d:60:c6:87: 0b:4b:7a:d9:36:33:85:dd:fd:96:65:f9:d4:3f:c8: da:53:d4:30:c3:23:5d:47:90:e3:f5:8b:e2:fe:4c: ed:11:43:f7:0f:ec:f1:07:f6:4e:7f:d3:c2:0c:c2: 7f:f8:f7:eb:b7:22:f6:72:ed:4c:64:07:cc:dd:e6: 79:8d:a4:7b:44:d2:fb:d0:2e:29:24:b6:9b:37:35: c5:86:0b:dc:cc:36:40:bc:a5:4c:69:2e:83:f0:c1: a0:cd:5b:ba:26:0d:af:53:a7:97:3f:72:66:cd:33: 98:52:56:45:3f:15:fb:c8:19:f6:58:ab:01:cb:ff: 41:5d:49:d1:d7:de:0a:1e:e6:e8:09:f0:97:5e:27: 41:69:6e:1c:c5:d5:d1:eb:3a:35:51:a6:a7:e0:9d: d3:88:c3:35:d9:8e:d4:c0:84:52:ff:48:02:94:5e: 9b:05:9c:c7:2a:bd:04:1c:bb:75:3c:80:2c:9d:f5: 51:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:E4:8E:27:A0:2A:06:C7:6B:04:78:88:86:A2:58:B6:E3:27:9B:F3 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/87fc20f7-0de9-48d8-850e-c430d88860e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:3::/48 Signature Algorithm: sha256WithRSAEncryption 9b:37:12:f8:41:97:f2:9f:fb:7d:63:f2:97:a6:1b:68:7d:5e: 5b:fd:23:0a:13:5f:c0:2f:8a:36:84:ce:10:bc:16:db:d4:5e: 52:1e:74:85:40:ea:d7:0a:a5:3a:5f:eb:24:00:88:5b:46:8e: 08:11:5c:b1:a0:aa:77:cc:f5:c1:02:b0:74:e4:27:bd:a8:91: 94:99:c1:be:93:ba:4b:15:db:fe:43:7c:44:1d:7b:a9:54:81: 28:31:9f:ad:6b:22:2b:f6:ab:fb:61:83:ca:b3:5a:29:59:a4: c1:f0:94:1c:81:27:70:66:66:d0:50:3b:a2:37:5a:c7:6b:96: 47:52:98:60:76:86:0a:04:f6:12:db:d0:65:e2:ca:a1:48:ae: 27:c5:f5:35:21:cc:b0:8e:73:c7:bc:bf:b2:18:f5:aa:49:55: 87:40:67:e9:31:03:c5:10:60:93:64:ff:90:e6:8c:28:93:4a: 4c:0e:34:ef:23:ed:24:2b:1d:e5:d0:1e:03:f2:93:ed:ce:7b: 26:97:7c:03:5f:c3:3e:fb:2f:45:80:ba:6d:e5:a4:cf:83:09: e9:ba:31:58:09:79:ea:48:fd:23:d0:d4:ba:73:7b:b3:ab:cb: 35:4c:5b:05:f5:be:6b:41:19:6b:aa:fc:ac:61:38:c9:47:28: b7:d3:e2:18 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUCOgxNDcwoN7SwNfaj441cAJFyCAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTc1MDE0WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0A5MmViNDE0NWY4Yjg0NThhMDcwOGJhMjkxYzVhNzk1M2E4 NDdjYTQ4YTJlZjkzYjZhMmNmOGFkNGE4YWE5MTM0MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCsJ1GfDwgF/UykUb4IcUnxVuaNsDn5JfAt9P8zUHGgz5my 0g6WXLRVW7VJ1PO8qqKtosaB9GY5iWnxqoMKgySTy4QMVnUqXWDGhwtLetk2M4Xd /ZZl+dQ/yNpT1DDDI11HkOP1i+L+TO0RQ/cP7PEH9k5/08IMwn/49+u3IvZy7Uxk B8zd5nmNpHtE0vvQLikktps3NcWGC9zMNkC8pUxpLoPwwaDNW7omDa9Tp5c/cmbN M5hSVkU/FfvIGfZYqwHL/0FdSdHX3goe5ugJ8JdeJ0FpbhzF1dHrOjVRpqfgndOI wzXZjtTAhFL/SAKUXpsFnMcqvQQcu3U8gCyd9VEpAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUH+SOJ6AqBsdrBHiIhqJYtuMnm/MwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2Lzg3ZmMyMGY3LTBkZTktNDhkOC04NTBlLWM0MzBkODg4NjBlOS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwAAMwDQYJKoZIhvcNAQELBQADggEBAJs3EvhBl/Kf+31j8pemG2h9 Xlv9IwoTX8AvijaEzhC8FtvUXlIedIVA6tcKpTpf6yQAiFtGjggRXLGgqnfM9cEC sHTkJ72okZSZwb6TuksV2/5DfEQde6lUgSgxn61rIiv2q/thg8qzWilZpMHwlByB J3BmZtBQO6I3WsdrlkdSmGB2hgoE9hLb0GXiyqFIrifF9TUhzLCOc8e8v7IY9apJ VYdAZ+kxA8UQYJNk/5DmjCiTSkwONO8j7SQrHeXQHgPyk+3OeyaXfANfwz77L0WA um3lpM+DCem6MVgJeepI/SPQ1Lpze7OryzVMWwX1vmtBGWuq/KxhOMlHKLfT4hg= -----END CERTIFICATE-----Generated at Sat Apr 26 13:20:40 2025 by rpki-client