$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa File: c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa (raw, json) Hash identifier: XR12ZEu52FIcPNJ70sw5mhDXhrcwC+aPV9Ty/qs2stY= Subject key identifier: 1C:98:85:89:CE:C4:9D:85:4A:EA:23:3C:34:61:D4:04:7B:8B:CD:83 Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 247EB8D1B8F60755507739AF822BA4FD19177797 Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa Signing time: Mon 14 Apr 2025 16:30:25 +0000 ROA not before: Mon 14 Apr 2025 16:30:25 +0000 ROA not after: Mon 19 May 2025 23:59:59 +0000 asID: 16509 IP address blocks: 52.20.0.0/14 maxlen: 14 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 28 Apr 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:7e:b8:d1:b8:f6:07:55:50:77:39:af:82:2b:a4:fd:19:17:77:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Apr 14 16:30:25 2025 GMT Not After : May 19 23:59:59 2025 GMT Subject: serialNumber=6af909eb5bfec32ad2c04d198504f20480732dc7bcb7d6dbe3f5d787b8f1e5b5, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:db:52:57:78:d7:33:5b:fa:7b:b3:8d:13:10: 75:b2:a8:7b:55:fb:41:86:6e:c8:6e:eb:7f:df:80: be:1b:09:c9:d5:55:44:22:35:92:78:c7:70:3a:26: 07:0a:85:00:b3:cd:0a:15:50:2c:d7:91:7a:81:f8: 7c:12:8f:1b:47:8e:5b:1b:03:a5:4f:b2:e6:25:8f: 75:c1:32:a6:15:5f:64:c8:b9:02:f3:29:f6:65:bf: f0:1d:a8:f5:08:56:79:3d:39:75:3f:bc:60:85:2e: 55:af:82:33:96:44:99:ed:f6:8c:57:fe:e9:f8:6d: d7:f5:cf:f1:36:d5:33:c4:32:2b:a6:1c:4d:d8:44: ad:b3:02:b0:44:79:9e:9c:aa:91:74:07:59:e9:6b: 32:f6:e3:da:dc:5a:47:47:1e:34:be:a4:d5:ab:45: 5b:a9:b3:26:c5:4c:24:f2:2a:3b:26:ae:81:dd:b2: 85:24:d3:fe:e4:9f:65:94:32:18:99:39:96:c0:b6: bf:84:f5:1d:57:2a:95:5d:d4:d0:49:1c:37:2f:42: 83:6e:dc:d2:26:fb:99:d8:a1:f4:bd:e5:45:e8:29: b6:8a:9a:57:81:43:70:cb:08:d0:df:b8:a7:68:c7: f5:c9:28:de:e1:71:a0:df:7c:c7:12:97:1f:fb:27: 8e:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:98:85:89:CE:C4:9D:85:4A:EA:23:3C:34:61:D4:04:7B:8B:CD:83 X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/c98041a2-3ce3-4ab6-8d66-948896bb00b0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 52.20.0.0/14 Signature Algorithm: sha256WithRSAEncryption 1a:93:c0:f9:35:e6:48:0a:17:96:ec:14:e8:42:3f:f1:ce:25: 93:f4:ba:76:14:8e:90:76:40:44:b6:7d:33:31:1b:11:2d:28: dc:f3:c7:f6:63:1c:00:d4:78:62:85:b4:09:fb:57:f0:81:59: 9c:de:43:2d:20:a4:db:79:69:a3:9a:41:11:91:62:14:4c:84: 8d:ed:45:7f:4a:1f:f5:5e:6a:94:19:d4:79:a3:b4:6a:a0:71: 11:33:68:30:1a:f2:f2:ad:1b:20:6a:2e:30:aa:37:f7:8b:df: 76:6e:50:e5:14:e1:1e:e1:6f:68:66:36:9d:bd:9d:4a:c9:6a: 26:9d:73:32:d4:46:37:29:d6:36:af:f6:66:07:07:ac:34:9c: c8:ec:30:28:e9:13:d2:81:6e:9c:0f:38:62:c4:c4:48:e6:8f: ee:09:f4:e1:32:15:eb:98:fd:39:3d:f9:90:98:46:c5:3d:cf: 70:3d:eb:2d:69:c4:1f:a3:33:73:98:e6:68:f8:35:f9:ff:a7: 9b:42:8c:0a:a5:16:bc:3f:0e:2d:bd:f0:e0:b8:ec:ab:01:ee: 67:c3:65:94:75:3c:c0:45:bc:bf:b3:90:33:9f:b3:87:5b:5a: 6e:57:51:82:77:2e:87:0d:4b:96:f7:34:9e:89:fa:c1:ba:31: 6f:2a:f9:ba -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUJH640bj2B1VQdzmvgiuk/RkXd5cwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUwNDE0MTYzMDI1WhcNMjUwNTE5MjM1OTU5 WjB6MUkwRwYDVQQFE0A2YWY5MDllYjViZmVjMzJhZDJjMDRkMTk4NTA0ZjIwNDgw NzMyZGM3YmNiN2Q2ZGJlM2Y1ZDc4N2I4ZjFlNWI1MS0wKwYDVQQDEyQ1ZjI3NjA0 NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDJ21JXeNczW/p7s40TEHWyqHtV+0GGbshu63/fgL4bCcnV VUQiNZJ4x3A6JgcKhQCzzQoVUCzXkXqB+HwSjxtHjlsbA6VPsuYlj3XBMqYVX2TI uQLzKfZlv/AdqPUIVnk9OXU/vGCFLlWvgjOWRJnt9oxX/un4bdf1z/E21TPEMium HE3YRK2zArBEeZ6cqpF0B1npazL249rcWkdHHjS+pNWrRVupsybFTCTyKjsmroHd soUk0/7kn2WUMhiZOZbAtr+E9R1XKpVd1NBJHDcvQoNu3NIm+5nYofS95UXoKbaK mleBQ3DLCNDfuKdox/XJKN7hcaDffMcSlx/7J46xAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUHJiFic7EnYVK6iM8NGHUBHuLzYMwHwYDVR0jBBgwFoAUJa3TQrAet6WO rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyL2M5ODA0MWEyLTNjZTMtNGFiNi04ZDY2LTk0ODg5NmJiMDBiMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwI0FDANBgkqhkiG9w0BAQsFAAOCAQEAGpPA+TXmSAoXluwU6EI/8c4lk/S6 dhSOkHZARLZ9MzEbES0o3PPH9mMcANR4YoW0CftX8IFZnN5DLSCk23lpo5pBEZFi FEyEje1Ff0of9V5qlBnUeaO0aqBxETNoMBry8q0bIGouMKo394vfdm5Q5RThHuFv aGY2nb2dSslqJp1zMtRGNynWNq/2ZgcHrDScyOwwKOkT0oFunA84YsTESOaP7gn0 4TIV65j9OT35kJhGxT3PcD3rLWnEH6Mzc5jmaPg1+f+nm0KMCqUWvD8OLb3w4Ljs qwHuZ8NllHU8wEW8v7OQM5+zh1tabldRgncuhw1Llvc0non6wboxbyr5ug== -----END CERTIFICATE-----Generated at Sat Apr 26 17:36:07 2025 by rpki-client