$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa File: a4c99211-8489-4968-bb5b-fa10b298aaaf.roa (raw, json) Hash identifier: 34W3Y7b24Jtxndv3qUf0VO/L0s7Ex14OPtfKbNmRwp4= Subject key identifier: A8:9D:CA:5D:5B:6D:98:1C:5D:DC:AA:85:30:41:C2:E0:9C:68:02:6A Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 2F1F858BA1DEB553FE59A3258F49CA2C7CA31C9D Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa Signing time: Sat 05 Apr 2025 00:10:11 +0000 ROA not before: Sat 05 Apr 2025 00:10:11 +0000 ROA not after: Sat 10 May 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0fb:f000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:1f:85:8b:a1:de:b5:53:fe:59:a3:25:8f:49:ca:2c:7c:a3:1c:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Apr 5 00:10:11 2025 GMT Not After : May 10 23:59:59 2025 GMT Subject: serialNumber=f9a6a456adbce50f5750549ee6d731312c59f895da77e6a57af21e3218cd9ab0, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:ec:b9:0f:af:fc:be:36:0a:1a:60:a5:4f:cd: 49:8d:c4:22:8c:74:f7:e1:2d:da:3e:45:dd:f4:04: 83:8f:0a:3f:53:93:e7:f2:cd:2d:e7:47:45:b2:76: af:7a:f5:27:2e:a9:70:7a:24:4f:50:2d:50:7d:58: 3e:3e:7a:39:99:b4:35:18:82:25:09:08:70:b0:69: 60:0c:68:bb:6a:ef:34:ba:b0:25:b7:bb:9d:30:56: 1d:4c:97:3e:76:81:05:c5:09:16:03:2f:db:c1:f1: 7d:5e:f3:eb:05:9e:38:70:18:ff:da:e8:2d:66:f6: 67:fa:7e:af:ff:b6:34:49:47:5f:25:89:6b:58:f5: e7:07:d6:7e:23:1b:47:4c:a1:f2:2d:a5:10:e1:9f: ee:f6:2e:23:e5:7f:73:fc:9c:53:c1:5c:1a:72:39: bb:0e:10:e3:16:69:0d:5c:bd:cf:fb:e4:d1:8b:e4: 73:50:f8:33:5d:f6:6b:70:f5:de:59:72:4a:8a:17: 6f:40:25:f1:be:24:81:f9:86:a1:73:49:74:9e:bd: 52:17:e9:84:5d:9a:d7:63:84:a8:79:9b:c0:37:47: 00:88:a7:a0:34:02:f3:74:9a:ea:5c:7d:b7:43:a9: 21:06:8c:0e:95:93:85:57:cf:d7:0a:b9:b1:0b:9b: 5e:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:9D:CA:5D:5B:6D:98:1C:5D:DC:AA:85:30:41:C2:E0:9C:68:02:6A X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a4c99211-8489-4968-bb5b-fa10b298aaaf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f000::/44 Signature Algorithm: sha256WithRSAEncryption 87:a2:83:05:0b:91:cc:70:20:f7:f6:05:a6:07:cd:f2:a6:6e: 44:d9:e1:eb:75:ad:94:c8:46:73:ee:c2:41:83:05:02:4d:4d: f6:c8:7b:b9:71:77:ac:d2:a1:bd:f5:df:08:64:b0:3f:36:2f: ea:37:5e:c9:74:34:92:5a:93:64:f3:c2:35:d1:23:ba:ba:b0: 89:da:28:7e:29:18:02:0f:c7:fc:5e:a4:27:e6:a9:34:f1:f9: cc:c0:33:a6:4e:46:6e:0c:b2:0b:bb:be:cb:a1:e3:f9:15:9e: f7:1d:8b:d9:35:d0:28:90:d4:66:7c:09:52:6a:0e:57:14:be: f0:bb:2f:c1:12:60:68:09:30:47:ca:bc:0e:23:68:f9:9a:c4: c8:c7:2d:60:4c:57:d3:d5:30:89:b4:d2:c9:94:34:3c:c3:1c: 1a:75:2f:d8:7f:aa:90:63:61:8a:a1:ec:b2:c6:a1:be:69:f9: 3b:32:78:bb:f4:4c:90:bc:08:e0:b3:ac:e0:cc:64:4c:c8:d8: 31:8c:c1:f6:ee:8b:7b:f1:9b:aa:6c:f7:9f:e7:e7:37:da:30: 41:da:66:aa:1b:0c:d2:21:80:d3:44:4f:23:0f:4c:17:79:91: 0a:3a:67:62:c8:c4:2e:7a:df:01:8b:e5:6e:18:79:bd:d1:84: 6a:4d:9d:69 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIULx+Fi6HetVP+WaMlj0nKLHyjHJ0wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNDA1MDAxMDExWhcNMjUwNTEwMjM1OTU5 WjB6MUkwRwYDVQQFE0BmOWE2YTQ1NmFkYmNlNTBmNTc1MDU0OWVlNmQ3MzEzMTJj NTlmODk1ZGE3N2U2YTU3YWYyMWUzMjE4Y2Q5YWIwMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCO7LkPr/y+NgoaYKVPzUmNxCKMdPfhLdo+Rd30BIOPCj9T k+fyzS3nR0Wydq969ScuqXB6JE9QLVB9WD4+ejmZtDUYgiUJCHCwaWAMaLtq7zS6 sCW3u50wVh1Mlz52gQXFCRYDL9vB8X1e8+sFnjhwGP/a6C1m9mf6fq//tjRJR18l iWtY9ecH1n4jG0dMofItpRDhn+72LiPlf3P8nFPBXBpyObsOEOMWaQ1cvc/75NGL 5HNQ+DNd9mtw9d5ZckqKF29AJfG+JIH5hqFzSXSevVIX6YRdmtdjhKh5m8A3RwCI p6A0AvN0mupcfbdDqSEGjA6Vk4VXz9cKubELm14PAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUqJ3KXVttmBxd3KqFMEHC4JxoAmowHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2E0Yzk5MjExLTg0ODktNDk2OC1iYjViLWZhMTBiMjk4YWFhZi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBAIeigwULkcxwIPf2BaYHzfKm bkTZ4et1rZTIRnPuwkGDBQJNTfbIe7lxd6zSob313whksD82L+o3Xsl0NJJak2Tz wjXRI7q6sInaKH4pGAIPx/xepCfmqTTx+czAM6ZORm4Msgu7vsuh4/kVnvcdi9k1 0CiQ1GZ8CVJqDlcUvvC7L8ESYGgJMEfKvA4jaPmaxMjHLWBMV9PVMIm00smUNDzD HBp1L9h/qpBjYYqh7LLGob5p+TsyeLv0TJC8COCzrODMZEzI2DGMwfbui3vxm6ps 95/n5zfaMEHaZqobDNIhgNNETyMPTBd5kQo6Z2LIxC563wGL5W4Yeb3RhGpNnWk= -----END CERTIFICATE-----Generated at Sat Apr 26 13:34:16 2025 by rpki-client