$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf27fdb7-84bf-40d2-906a-7b4c1ff405b2.roa File: bf27fdb7-84bf-40d2-906a-7b4c1ff405b2.roa (raw, json) Hash identifier: uBZyMeX+X+B7aNdVic4qFe5v0wlt9adozqrdCysmWGk= Subject key identifier: CA:5A:6A:51:B5:74:1E:36:DF:16:7A:D3:62:FD:F4:48:D7:10:0F:4F Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 70173C1AF094586595024657A0FA284021431C46 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf27fdb7-84bf-40d2-906a-7b4c1ff405b2.roa Signing time: Tue 05 Aug 2025 18:30:13 +0000 ROA not before: Tue 05 Aug 2025 18:30:13 +0000 ROA not after: Tue 09 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:e400::/42 maxlen: 42 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 08 Aug 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:17:3c:1a:f0:94:58:65:95:02:46:57:a0:fa:28:40:21:43:1c:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Aug 5 18:30:13 2025 GMT Not After : Sep 9 23:59:59 2025 GMT Subject: serialNumber=edaa5842c8c04fa35566b9ad30a1d6655eb1e64f59dacb20bfa8bb4694745694, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c2:99:05:be:21:3e:e8:15:67:15:a2:a8:e6: 74:50:68:93:02:88:e5:c1:04:2e:fb:f0:73:25:ec: 45:48:a5:4a:35:fb:c8:67:ba:a5:d7:5d:29:00:25: fd:62:18:4d:3e:e5:8f:e2:c2:28:7d:e2:39:4b:49: e1:b2:cf:67:a6:50:4a:98:4b:18:94:f0:9f:ee:1d: a7:4f:ba:d5:c5:f8:3f:dc:c3:63:fe:8f:09:f7:73: 01:14:50:5a:f1:34:c4:4c:50:c0:c1:59:cd:db:ab: e3:99:97:f2:d0:0c:5a:ca:6c:28:d1:e3:84:33:98: 28:8f:d7:dd:92:1f:73:44:65:51:16:64:53:a3:9e: 64:30:5d:4f:b5:87:b0:f7:41:43:00:70:fa:e9:73: 4b:d9:40:ba:38:6b:5e:33:1f:b6:ee:59:b2:ca:61: 1f:e9:35:f0:7e:c4:dd:73:3a:57:0d:e1:cf:d4:33: 90:5f:ca:99:58:ca:64:db:76:02:70:7e:02:cd:67: 2b:37:ba:25:11:50:9a:1d:97:b3:2c:d1:89:69:94: 29:b1:d3:82:41:9f:50:3d:2a:55:8d:04:23:5d:cb: 0a:de:1a:7e:81:46:ef:77:b9:e1:eb:f5:3d:2f:49: 75:64:44:43:d4:f4:8b:81:5e:2b:ac:c4:2a:2b:94: d2:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:5A:6A:51:B5:74:1E:36:DF:16:7A:D3:62:FD:F4:48:D7:10:0F:4F X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/bf27fdb7-84bf-40d2-906a-7b4c1ff405b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e400::/42 Signature Algorithm: sha256WithRSAEncryption a8:27:e6:5a:25:6f:e9:c7:16:c0:b2:87:8b:65:00:76:ec:4f: ef:44:18:3a:e0:c7:9e:7c:1f:dd:8a:b4:b7:0e:1f:cb:6f:06: 84:da:c8:fc:e0:a8:d5:2b:19:2c:96:69:e2:1c:2c:8c:86:9c: a7:38:16:ec:a2:4c:a4:1b:72:bb:f6:fb:a9:16:14:b6:39:9d: 75:ca:44:9b:36:35:0e:d0:3b:5e:30:3b:22:2a:b0:8a:9c:58: d2:57:78:44:89:f3:80:9d:37:fb:65:dc:24:62:11:29:e5:31: 19:a2:9d:18:61:c7:22:c7:1e:3a:82:0b:05:cc:94:80:c0:e8: 0d:f5:c3:f7:40:64:0c:d2:a6:7b:ce:20:a0:42:d5:a5:d1:0e: eb:b5:0c:9b:89:d9:d9:03:74:c8:a6:a8:dd:4e:2e:7c:90:69: 17:65:49:f2:fc:68:2a:ec:93:38:5f:31:26:33:a3:98:61:0e: 50:f9:33:43:b5:a6:b0:65:50:3e:df:ee:11:f9:9e:0b:c8:03: d4:e2:7f:ed:9b:9a:ed:18:61:ef:21:da:2d:e6:42:db:55:c1: 8e:81:d6:20:3d:30:c0:d9:cf:b2:d3:3e:f1:97:15:ee:a9:85: e3:5f:df:8d:85:90:16:b9:3d:ef:88:07:bb:43:bd:37:cb:aa: 18:6e:07:03 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUcBc8GvCUWGWVAkZXoPooQCFDHEYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMDEzWhcNMjUwOTA5MjM1OTU5 WjB6MUkwRwYDVQQFE0BlZGFhNTg0MmM4YzA0ZmEzNTU2NmI5YWQzMGExZDY2NTVl YjFlNjRmNTlkYWNiMjBiZmE4YmI0Njk0NzQ1Njk0MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC+wpkFviE+6BVnFaKo5nRQaJMCiOXBBC778HMl7EVIpUo1 +8hnuqXXXSkAJf1iGE0+5Y/iwih94jlLSeGyz2emUEqYSxiU8J/uHadPutXF+D/c w2P+jwn3cwEUUFrxNMRMUMDBWc3bq+OZl/LQDFrKbCjR44QzmCiP192SH3NEZVEW ZFOjnmQwXU+1h7D3QUMAcPrpc0vZQLo4a14zH7buWbLKYR/pNfB+xN1zOlcN4c/U M5BfyplYymTbdgJwfgLNZys3uiURUJodl7Ms0YlplCmx04JBn1A9KlWNBCNdywre Gn6BRu93ueHr9T0vSXVkREPU9IuBXiusxCorlNKjAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUylpqUbV0HjbfFnrTYv30SNcQD08wHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2JmMjdmZGI3LTg0YmYtNDBkMi05MDZhLTdiNGMxZmY0MDViMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwYmAPD75AAwDQYJKoZIhvcNAQELBQADggEBAKgn5lolb+nHFsCyh4tlAHbs T+9EGDrgx558H92KtLcOH8tvBoTayPzgqNUrGSyWaeIcLIyGnKc4FuyiTKQbcrv2 +6kWFLY5nXXKRJs2NQ7QO14wOyIqsIqcWNJXeESJ84CdN/tl3CRiESnlMRminRhh xyLHHjqCCwXMlIDA6A31w/dAZAzSpnvOIKBC1aXRDuu1DJuJ2dkDdMimqN1OLnyQ aRdlSfL8aCrskzhfMSYzo5hhDlD5M0O1prBlUD7f7hH5ngvIA9Tif+2bmu0YYe8h 2i3mQttVwY6B1iA9MMDZz7LTPvGXFe6pheNf342FkBa5Pe+IB7tDvTfLqhhuBwM= -----END CERTIFICATE-----Generated at Thu Aug 7 04:44:52 2025 by rpki-client