$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/423ab5d9-486f-4148-a91c-859792458d5c.roa File: 423ab5d9-486f-4148-a91c-859792458d5c.roa (raw, json) Hash identifier: W0aldhiFZHcu0V/LBnHCtiV06ZI4DcJ5FtEmzoltDmg= Subject key identifier: 39:74:36:63:C6:CC:8C:80:F1:C2:D1:BA:69:3F:F0:30:F8:31:03:9B Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 397FF406948D7CC87521E02DAB4D40ABDBE3406B Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/423ab5d9-486f-4148-a91c-859792458d5c.roa Signing time: Fri 02 May 2025 00:20:18 +0000 ROA not before: Fri 02 May 2025 00:20:18 +0000 ROA not after: Fri 06 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 198.99.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 06 May 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:7f:f4:06:94:8d:7c:c8:75:21:e0:2d:ab:4d:40:ab:db:e3:40:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 2 00:20:18 2025 GMT Not After : Jun 6 23:59:59 2025 GMT Subject: serialNumber=343e316f3d46efbed53124ff8badff8574e8b217b5db972aa9ae829a3aabc697, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e3:c2:bc:57:5a:38:72:53:1e:ec:59:de:5f: 08:6c:9b:45:83:25:ad:84:ab:5a:37:2e:54:28:ee: 58:62:da:1c:53:2b:f2:5f:af:26:eb:42:79:de:4c: 8e:25:27:ab:69:e2:13:93:a1:42:9f:a3:0a:78:00: 5d:15:3b:06:a9:67:12:fc:57:17:d8:92:4f:5c:0d: 70:db:85:bf:7a:8f:a4:a7:e8:85:b6:f3:53:3a:59: 8d:6b:bb:9b:11:95:d0:b5:4b:14:be:ff:b5:a2:e6: 69:11:28:7c:03:f7:2e:ae:b2:42:e6:8c:d2:84:c5: 4b:4c:92:1f:f8:58:df:24:6a:ba:d5:18:2b:ad:a3: 68:3b:a7:8a:5e:8d:59:48:85:f9:24:53:97:6a:c0: fa:2c:b2:53:a2:de:02:92:1d:84:17:45:f5:ca:63: 37:59:1d:fb:07:85:86:47:fc:89:c7:6f:fe:44:20: 63:53:63:b8:dc:2d:cb:63:0e:62:65:c4:5c:f3:aa: 1a:61:23:1c:87:2f:9c:ff:a8:28:6f:0f:3d:9b:b0: 3f:70:5e:29:58:79:4e:40:19:d9:eb:6f:fb:55:b2: ee:e1:28:69:6d:23:0e:82:c7:51:29:87:21:d5:94: 08:66:7e:d1:51:ce:a9:7b:98:b8:c5:12:d4:13:e7: 0d:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:74:36:63:C6:CC:8C:80:F1:C2:D1:BA:69:3F:F0:30:F8:31:03:9B X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/423ab5d9-486f-4148-a91c-859792458d5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.99.2.0/24 Signature Algorithm: sha256WithRSAEncryption 47:77:2c:c2:63:b1:46:f8:34:08:eb:f5:cf:9a:bc:d4:0e:f5: aa:25:e0:d6:21:45:88:fb:f9:cb:50:10:8b:95:92:6a:3b:d5: 2a:fd:ca:7d:0a:05:6d:84:9e:9d:6e:9c:e4:4f:0c:9b:c2:b8: 67:91:29:1c:23:72:7e:8b:bf:27:cb:13:13:c1:68:92:76:ba: 96:4f:79:01:35:ea:8e:08:39:0c:44:7c:9a:9f:d2:cb:bd:40: 3e:cc:a8:79:74:61:58:f0:05:8a:5c:7b:11:55:aa:9b:e2:22: 09:5a:8d:f3:1e:5c:7d:30:f5:55:81:b0:0a:b3:fa:ad:28:fa: f9:03:f4:be:3d:3b:ac:f0:e8:db:21:c4:17:34:f6:49:fb:89: d8:9a:d9:32:89:9a:1a:46:cf:39:d0:f0:02:f5:77:bf:2a:a3: 55:8a:fc:46:fc:95:20:13:03:06:07:e8:a9:4e:07:2c:84:71: ac:43:6d:bd:68:10:bc:98:dd:d0:a3:6a:18:d5:53:e1:e7:fe: 73:f9:41:c7:a4:13:f3:63:83:d2:5a:f5:6d:6d:32:d4:6a:43: de:b6:66:38:58:df:32:c4:54:27:dd:7e:ab:8c:61:b0:a2:45: 0a:63:13:7c:e6:0f:5d:51:74:8e:22:9b:08:94:45:6d:5c:3e: db:83:8f:83 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUOX/0BpSNfMh1IeAtq01Aq9vjQGswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTAyMDAyMDE4WhcNMjUwNjA2MjM1OTU5 WjB6MUkwRwYDVQQFE0AzNDNlMzE2ZjNkNDZlZmJlZDUzMTI0ZmY4YmFkZmY4NTc0 ZThiMjE3YjVkYjk3MmFhOWFlODI5YTNhYWJjNjk3MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCy48K8V1o4clMe7FneXwhsm0WDJa2Eq1o3LlQo7lhi2hxT K/JfrybrQnneTI4lJ6tp4hOToUKfowp4AF0VOwapZxL8VxfYkk9cDXDbhb96j6Sn 6IW281M6WY1ru5sRldC1SxS+/7Wi5mkRKHwD9y6uskLmjNKExUtMkh/4WN8karrV GCuto2g7p4pejVlIhfkkU5dqwPosslOi3gKSHYQXRfXKYzdZHfsHhYZH/InHb/5E IGNTY7jcLctjDmJlxFzzqhphIxyHL5z/qChvDz2bsD9wXilYeU5AGdnrb/tVsu7h KGltIw6Cx1EphyHVlAhmftFRzql7mLjFEtQT5w1LAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUOXQ2Y8bMjIDxwtG6aT/wMPgxA5swHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzQyM2FiNWQ5LTQ4NmYtNDE0OC1hOTFjLTg1OTc5MjQ1OGQ1Yy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBADGYwIwDQYJKoZIhvcNAQELBQADggEBAEd3LMJjsUb4NAjr9c+avNQO9aol 4NYhRYj7+ctQEIuVkmo71Sr9yn0KBW2Enp1unORPDJvCuGeRKRwjcn6LvyfLExPB aJJ2upZPeQE16o4IOQxEfJqf0su9QD7MqHl0YVjwBYpcexFVqpviIglajfMeXH0w 9VWBsAqz+q0o+vkD9L49O6zw6NshxBc09kn7idia2TKJmhpGzznQ8AL1d78qo1WK /Eb8lSATAwYH6KlOByyEcaxDbb1oELyY3dCjahjVU+Hn/nP5QcekE/Njg9Ja9W1t MtRqQ962ZjhY3zLEVCfdfquMYbCiRQpjE3zmD11RdI4imwiURW1cPtuDj4M= -----END CERTIFICATE-----Generated at Mon May 5 06:59:21 2025 by rpki-client