$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa File: cd3025ff-3653-4276-a530-1fa2eed87e53.roa (raw, json) Hash identifier: nY9wGyT1DLbB8jbeV26D3XMfv5umyVruMQQE1E63G4Y= Subject key identifier: D4:ED:B0:AC:9A:D7:E4:0B:40:75:53:93:7A:A4:D3:07:A8:1B:A7:91 Certificate issuer: /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64 Certificate serial: 4951E8350918D63B551235B1106F8493EAD0C857 Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa Signing time: Fri 25 Apr 2025 15:20:05 +0000 ROA not before: Fri 25 Apr 2025 15:20:05 +0000 ROA not after: Fri 30 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2620:107:3000::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 27 Apr 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:51:e8:35:09:18:d6:3b:55:12:35:b1:10:6f:84:93:ea:d0:c8:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64 Validity Not Before: Apr 25 15:20:05 2025 GMT Not After : May 30 23:59:59 2025 GMT Subject: serialNumber=ebe18e9109f46b39525c01b61e3342d529466b11194eca2d88194ada49dd8003, CN=71c3876e-b944-4600-92c7-cec33d89523f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:58:49:d9:35:c3:8a:87:5d:d6:c0:26:4e:89: 80:c6:cb:1d:1c:57:11:af:fe:70:8d:4f:f9:3c:7b: f3:3e:e0:88:17:04:ce:1f:08:dc:3f:5c:68:48:f5: 60:8d:e2:9e:af:95:66:e5:99:95:4d:bc:95:43:74: 40:68:8d:24:63:b0:0e:0d:fb:f4:18:42:0e:fc:ee: fa:a9:06:33:de:dd:9a:67:e9:da:1b:a2:5b:e6:06: 9b:98:6a:03:14:c9:8a:26:6e:f7:26:34:05:fd:73: 08:d6:df:b9:af:3a:e4:7d:6a:29:ed:5f:df:ca:4f: 7c:da:71:2e:f1:80:7d:f1:23:ff:f4:ad:2b:e7:b8: a8:1d:6c:c7:8a:f2:c9:d9:55:86:d6:61:05:5b:7b: 26:21:03:45:73:ba:34:60:4c:eb:00:d3:bc:6e:64: 27:f0:2c:20:26:1e:bb:65:7a:d3:55:08:2c:8e:70: 43:79:5e:1c:5e:30:35:0d:a7:96:6a:5e:8f:cd:0c: 26:e9:3a:06:38:17:3a:2a:3f:d7:69:ce:d6:04:a9: cd:4b:77:d3:26:da:d1:ef:9d:46:76:54:70:3c:40: ee:80:cf:ec:91:38:32:75:41:76:9b:f4:b6:22:c2: e2:fd:67:36:64:98:09:42:99:f6:4f:92:43:44:6e: e4:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:ED:B0:AC:9A:D7:E4:0B:40:75:53:93:7A:A4:D3:07:A8:1B:A7:91 X509v3 Authority Key Identifier: keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2620:107:3000::/44 Signature Algorithm: sha256WithRSAEncryption 44:64:b0:1a:27:94:9d:ac:4c:0d:7d:5e:ca:08:53:7a:fb:71: 35:65:51:01:d4:c1:23:ff:6d:06:ef:b1:f1:46:7f:c2:82:eb: 01:b5:d0:12:07:71:be:33:3b:c4:ef:46:aa:e7:31:6a:bb:19: 88:c3:83:91:d6:4a:20:93:29:6a:1a:17:c8:66:73:c0:54:8b: d8:99:eb:20:68:2c:b5:e7:72:2e:e2:3b:3a:6a:23:79:33:ba: 0e:64:af:08:89:96:6d:49:a2:05:a6:13:25:9a:8c:a2:93:5a: c5:59:be:fe:bc:eb:61:c6:52:c4:bc:d8:28:f1:12:1f:26:36: 5a:57:36:c5:a4:47:c4:26:e2:70:8c:13:82:3b:6a:8e:09:e2: fb:df:c0:b4:c6:11:0b:ae:2b:4c:c4:20:e4:cb:82:d6:1b:71: 28:aa:15:4e:41:c0:82:51:ca:a1:35:a5:3b:a0:4f:d1:96:20: 8c:34:69:6c:9d:29:7c:7a:bd:18:e1:06:b6:0d:3f:71:cb:5b: c7:b0:b5:e9:f5:57:2e:9f:d5:b5:2f:b5:ec:18:b2:3e:94:34: 64:46:79:78:d9:ed:b9:66:0f:11:31:a6:a8:bb:b5:75:77:12: 69:62:f6:b6:2f:b5:70:e9:01:d3:0b:73:43:ee:ff:d3:ce:9e: ba:9f:e1:01 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUSVHoNQkY1jtVEjWxEG+Ek+rQyFcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy MGFhYmFiZjliNGRmZjliNjQwHhcNMjUwNDI1MTUyMDA1WhcNMjUwNTMwMjM1OTU5 WjB6MUkwRwYDVQQFE0BlYmUxOGU5MTA5ZjQ2YjM5NTI1YzAxYjYxZTMzNDJkNTI5 NDY2YjExMTk0ZWNhMmQ4ODE5NGFkYTQ5ZGQ4MDAzMS0wKwYDVQQDEyQ3MWMzODc2 ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQClWEnZNcOKh13WwCZOiYDGyx0cVxGv/nCNT/k8e/M+4IgX BM4fCNw/XGhI9WCN4p6vlWblmZVNvJVDdEBojSRjsA4N+/QYQg787vqpBjPe3Zpn 6dobolvmBpuYagMUyYombvcmNAX9cwjW37mvOuR9aintX9/KT3zacS7xgH3xI//0 rSvnuKgdbMeK8snZVYbWYQVbeyYhA0VzujRgTOsA07xuZCfwLCAmHrtletNVCCyO cEN5XhxeMDUNp5ZqXo/NDCbpOgY4FzoqP9dpztYEqc1Ld9Mm2tHvnUZ2VHA8QO6A z+yRODJ1QXab9LYiwuL9ZzZkmAlCmfZPkkNEbuRhAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQU1O2wrJrX5AtAdVOTeqTTB6gbp5EwHwYDVR0jBBgwFoAU/iLg9yLMTwYM WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3 ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4 NmYwYjE1OTRjL2NkMzAyNWZmLTM2NTMtNDI3Ni1hNTMwLTFmYTJlZWQ4N2U1My5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmIAEHMAAwDQYJKoZIhvcNAQELBQADggEBAERksBonlJ2sTA19XsoIU3r7 cTVlUQHUwSP/bQbvsfFGf8KC6wG10BIHcb4zO8TvRqrnMWq7GYjDg5HWSiCTKWoa F8hmc8BUi9iZ6yBoLLXnci7iOzpqI3kzug5krwiJlm1JogWmEyWajKKTWsVZvv68 62HGUsS82CjxEh8mNlpXNsWkR8Qm4nCME4I7ao4J4vvfwLTGEQuuK0zEIOTLgtYb cSiqFU5BwIJRyqE1pTugT9GWIIw0aWydKXx6vRjhBrYNP3HLW8ewten1Vy6f1bUv tewYsj6UNGRGeXjZ7blmDxExpqi7tXV3Emli9rYvtXDpAdMLc0Pu/9POnrqf4QE= -----END CERTIFICATE-----Generated at Sat Apr 26 17:37:46 2025 by rpki-client