$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8d914165-a3e7-48af-b624-8691c64e5360.roa File: 8d914165-a3e7-48af-b624-8691c64e5360.roa (raw, json) Hash identifier: ig8+rRnHviLEA8c3hOfVaX7lMO3Qz9oAWEKB6YaT/IA= Subject key identifier: AA:AA:4E:15:47:80:3D:64:B4:17:19:B5:6C:B6:35:86:6F:6A:AB:6C Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 7B8E993AD0D3FF83D242E6DC1FE7042974C15410 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8d914165-a3e7-48af-b624-8691c64e5360.roa Signing time: Fri 25 Apr 2025 18:10:08 +0000 ROA not before: Fri 25 Apr 2025 18:10:08 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f000::/28 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:8e:99:3a:d0:d3:ff:83:d2:42:e6:dc:1f:e7:04:29:74:c1:54:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 25 18:10:08 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=d5063f23f032680725d8371693b39d2cd3a4c3c727c9a13d25a56d58f969cd23, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:2a:c8:58:78:1d:01:18:b1:ea:d1:fb:aa:5d: 26:7e:ed:62:c1:51:08:81:db:cb:28:59:a6:41:17: 26:f8:8d:3d:2f:99:eb:de:1a:69:49:dd:86:e1:28: 26:4c:1a:5a:62:30:f3:2b:30:ae:71:e0:67:3c:1a: 56:29:ad:66:ce:95:0b:10:9d:7c:16:33:3c:be:ed: b1:c3:5a:d3:2a:bc:22:18:7d:70:92:07:f3:4e:d5: a4:ac:bf:f4:a1:0f:2b:f3:8c:f1:04:f0:95:a6:58: b2:15:f1:6c:20:92:87:34:80:7b:00:dd:b3:f8:44: e4:f5:d9:62:3d:b5:5d:6f:f5:33:a2:12:c3:5f:a4: 06:9d:fc:5b:b7:00:8c:57:b7:93:2a:63:12:4a:84: 99:41:7d:03:be:a5:1d:06:96:c0:a4:46:e3:c3:4b: 01:75:d7:01:7f:1d:d5:7c:b7:b3:51:f7:1e:c3:d3: 26:4f:4c:1c:99:2d:83:d3:08:1b:24:1e:b9:3e:2d: 1b:40:4c:1f:cf:7f:3a:57:0d:56:ed:2e:31:09:05: 2d:96:8e:3c:82:0d:c3:76:2c:12:1f:69:9d:79:99: c8:d5:35:81:64:0b:d5:58:30:9f:4b:3a:29:8f:b3: 81:71:0a:d0:19:ce:9e:cb:f7:86:54:9b:d8:55:f5: 05:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:AA:4E:15:47:80:3D:64:B4:17:19:B5:6C:B6:35:86:6F:6A:AB:6C X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/8d914165-a3e7-48af-b624-8691c64e5360.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f000::/28 Signature Algorithm: sha256WithRSAEncryption 2c:01:10:3d:ba:2c:ba:b7:9e:0a:eb:bb:ef:ab:49:71:47:4e: 07:47:58:51:f8:6a:88:23:a4:69:3f:e3:0c:62:8f:07:a2:3b: c5:9b:44:b8:9c:ca:a6:9e:96:03:2f:21:bd:64:83:d7:d3:d4: 96:e4:4f:99:c6:cc:b7:61:6d:7f:1f:11:4e:e6:1e:9c:76:fc: ab:d3:7e:2f:87:62:eb:a3:63:22:c4:cf:53:d4:df:6e:8f:df: 2c:5d:73:6b:e8:ed:b9:d4:72:d9:ae:6d:14:71:1f:34:23:a6: ea:54:a8:fa:91:ea:93:ae:e4:ca:29:d7:07:19:6d:c8:8f:89: d7:6e:bd:92:98:79:32:75:a2:30:b7:e8:ed:18:75:ee:ff:0b: 87:88:fd:f8:e7:a0:5c:cc:6e:2a:f8:bf:7b:3f:93:1a:94:74: 6a:21:1e:80:7c:fc:57:b5:70:69:08:d5:66:ed:ed:c7:47:2a: 3e:6a:4d:21:8e:e3:be:a8:dd:ee:d7:56:3e:8d:70:c5:64:9a: 90:70:c4:79:70:89:43:cf:85:48:85:8d:07:a4:0e:28:49:ad: 5e:71:9a:ec:74:44:02:36:77:52:d0:d7:06:d9:e9:b7:fd:af: a9:83:3d:df:62:d4:5f:f5:2b:0e:fc:f1:b5:e6:74:3a:3e:a1: 11:8e:b1:21 -----BEGIN CERTIFICATE----- MIIF+TCCBOGgAwIBAgIUe46ZOtDT/4PSQubcH+cEKXTBVBAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDI1MTgxMDA4WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0BkNTA2M2YyM2YwMzI2ODA3MjVkODM3MTY5M2IzOWQyY2Qz YTRjM2M3MjdjOWExM2QyNWE1NmQ1OGY5NjljZDIzMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCtKshYeB0BGLHq0fuqXSZ+7WLBUQiB28soWaZBFyb4jT0v meveGmlJ3YbhKCZMGlpiMPMrMK5x4Gc8GlYprWbOlQsQnXwWMzy+7bHDWtMqvCIY fXCSB/NO1aSsv/ShDyvzjPEE8JWmWLIV8Wwgkoc0gHsA3bP4ROT12WI9tV1v9TOi EsNfpAad/Fu3AIxXt5MqYxJKhJlBfQO+pR0GlsCkRuPDSwF11wF/HdV8t7NR9x7D 0yZPTByZLYPTCBskHrk+LRtATB/PfzpXDVbtLjEJBS2WjjyCDcN2LBIfaZ15mcjV NYFkC9VYMJ9LOimPs4FxCtAZzp7L94ZUm9hV9QXpAgMBAAGjggKyMIICrjAdBgNV HQ4EFgQUqqpOFUeAPWS0Fxm1bLY1hm9qq2wwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzhkOTE0MTY1LWEzZTctNDhhZi1iNjI0LTg2OTFjNjRlNTM2MC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgAC MAcDBQQmAPAAMA0GCSqGSIb3DQEBCwUAA4IBAQAsARA9uiy6t54K67vvq0lxR04H R1hR+GqII6RpP+MMYo8HojvFm0S4nMqmnpYDLyG9ZIPX09SW5E+Zxsy3YW1/HxFO 5h6cdvyr034vh2Lro2MixM9T1N9uj98sXXNr6O251HLZrm0UcR80I6bqVKj6keqT ruTKKdcHGW3Ij4nXbr2SmHkydaIwt+jtGHXu/wuHiP3456BczG4q+L97P5MalHRq IR6AfPxXtXBpCNVm7e3HRyo+ak0hjuO+qN3u11Y+jXDFZJqQcMR5cIlDz4VIhY0H pA4oSa1ecZrsdEQCNndS0NcG2em3/a+pgz3fYtRf9SsO/PG15nQ6PqERjrEh -----END CERTIFICATE-----Generated at Sat Apr 26 15:01:47 2025 by rpki-client