$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/528b6591-3aae-49d5-aecd-8320249f6d0e.roa File: 528b6591-3aae-49d5-aecd-8320249f6d0e.roa (raw, json) Hash identifier: tP5D4P3CKxuuSuThxREPKCgsrOfQqFl5udrZ2cMpbTU= Subject key identifier: 31:27:71:48:38:EB:56:61:BF:F6:CE:3D:0F:92:B2:F3:95:1D:45:55 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: A5C1BD23FAE0E2D4C703D708EA7575334130 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/528b6591-3aae-49d5-aecd-8320249f6d0e.roa Signing time: Fri 02 May 2025 00:11:52 +0000 ROA not before: Fri 02 May 2025 00:11:52 +0000 ROA not after: Fri 06 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 16.17.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 12 May 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: a5:c1:bd:23:fa:e0:e2:d4:c7:03:d7:08:ea:75:75:33:41:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 2 00:11:52 2025 GMT Not After : Jun 6 23:59:59 2025 GMT Subject: serialNumber=69305f2b0d08febbfff29a0d08180a1d83cdc7d6d7027a8aaaef50713d34cca1, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2e:22:dc:83:f1:06:d6:81:dc:6d:3b:64:e4: 73:af:82:70:1d:8f:2a:07:32:7e:e3:28:d5:f9:cc: e4:2c:e8:0f:a5:95:08:0c:8a:d3:3a:03:b6:ee:14: 9c:4b:78:df:ad:a2:af:3c:06:8d:8f:e3:0d:04:7c: 1c:37:c1:91:17:f0:df:29:b5:72:e4:33:00:ce:68: 24:45:c1:94:53:8e:c9:5f:8a:37:63:dc:2e:7e:6f: 2b:16:ae:59:af:68:ae:c7:1b:0f:21:41:29:9d:19: bc:f1:ad:02:b1:75:0e:44:b4:fd:65:7a:be:39:89: 18:18:be:af:1e:61:14:c8:7a:c6:6f:73:eb:1a:ff: 83:98:c1:72:7e:83:b8:6e:07:bd:c0:e8:cb:89:b6: 23:e2:ff:44:f0:3c:65:99:9b:8c:d4:9c:20:c9:65: de:04:bd:a1:5d:2b:58:9a:33:5a:18:81:18:b0:ec: e5:28:f2:a2:cd:2c:01:27:35:6f:a1:74:57:ed:ac: d8:6b:15:f1:21:31:ef:b2:27:6e:0f:f4:b6:e2:b5: 7d:4e:de:85:df:ea:97:be:5f:fa:e7:02:ab:c8:00: 58:0b:e0:0b:4d:73:7f:63:94:df:65:cd:1c:6e:59: 14:2f:54:da:54:e3:40:f4:69:09:78:66:51:12:c9: 88:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:27:71:48:38:EB:56:61:BF:F6:CE:3D:0F:92:B2:F3:95:1D:45:55 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/528b6591-3aae-49d5-aecd-8320249f6d0e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 16.17.0.0/16 Signature Algorithm: sha256WithRSAEncryption cc:c0:0b:79:75:48:f1:d0:1f:5b:48:36:67:cc:d1:95:b0:d3: 3a:94:84:c5:14:f7:d5:de:dc:5f:93:b0:f6:54:f0:58:c4:7d: 76:b2:cd:b9:c1:4f:f1:38:49:68:0a:3a:6c:43:21:01:70:0b: 03:61:a9:46:74:a2:f8:9b:5c:d5:11:02:48:c3:33:2a:ac:0c: 5a:1b:e5:72:8c:5a:c9:98:aa:0e:d3:79:7e:06:ee:fd:57:bc: b5:4f:0a:c7:d4:df:61:00:d6:bb:29:59:9a:27:15:0b:fd:82: 44:49:b8:32:50:a9:42:8c:1d:ed:72:95:eb:1a:27:da:19:cf: a8:0c:3a:ea:55:bc:ef:d5:c8:54:83:f9:4c:b4:3e:7b:ba:88: 81:0c:03:75:f5:47:18:57:ed:23:1c:e4:b5:4e:f9:c2:25:f8: b0:3d:f6:d7:b0:9f:73:e2:69:9c:a4:fa:19:26:cf:70:d1:c4: 70:55:10:d9:c3:c9:a3:5c:69:7e:f8:82:07:7b:98:09:c3:2f: b1:4c:30:32:93:9e:8d:17:47:fa:1c:74:48:fb:21:99:23:a1: b4:86:f8:79:ce:28:bf:88:d8:40:84:dc:08:6b:0c:41:ef:39: f5:6a:80:8a:60:59:56:08:4f:53:aa:16:49:69:64:e3:55:46: bc:cb:a4:13 -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgITAKXBvSP64OLUxwPXCOp1dTNBMDANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA1MDIwMDExNTJaFw0yNTA2MDYyMzU5NTla MHoxSTBHBgNVBAUTQDY5MzA1ZjJiMGQwOGZlYmJmZmYyOWEwZDA4MTgwYTFkODNj ZGM3ZDZkNzAyN2E4YWFhZWY1MDcxM2QzNGNjYTExLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALguItyD8QbWgdxtO2Tkc6+CcB2PKgcyfuMo1fnM5CzoD6WV CAyK0zoDtu4UnEt4362irzwGjY/jDQR8HDfBkRfw3ym1cuQzAM5oJEXBlFOOyV+K N2PcLn5vKxauWa9orscbDyFBKZ0ZvPGtArF1DkS0/WV6vjmJGBi+rx5hFMh6xm9z 6xr/g5jBcn6DuG4HvcDoy4m2I+L/RPA8ZZmbjNScIMll3gS9oV0rWJozWhiBGLDs 5Sjyos0sASc1b6F0V+2s2GsV8SEx77Inbg/0tuK1fU7ehd/ql75f+ucCq8gAWAvg C01zf2OU32XNHG5ZFC9U2lTjQPRpCXhmURLJiFECAwEAAaOCArAwggKsMB0GA1Ud DgQWBBQxJ3FIOOtWYb/2zj0PkrLzlR1FVTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvNTI4YjY1OTEtM2FhZS00OWQ1LWFlY2QtODMyMDI0OWY2ZDBlLnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDABARMA0GCSqGSIb3DQEBCwUAA4IBAQDMwAt5dUjx0B9bSDZnzNGVsNM6lITF FPfV3txfk7D2VPBYxH12ss25wU/xOEloCjpsQyEBcAsDYalGdKL4m1zVEQJIwzMq rAxaG+VyjFrJmKoO03l+Bu79V7y1TwrH1N9hANa7KVmaJxUL/YJESbgyUKlCjB3t cpXrGifaGc+oDDrqVbzv1chUg/lMtD57uoiBDAN19UcYV+0jHOS1TvnCJfiwPfbX sJ9z4mmcpPoZJs9w0cRwVRDZw8mjXGl++IIHe5gJwy+xTDAyk56NF0f6HHRI+yGZ I6G0hvh5zii/iNhAhNwIawxB7zn1aoCKYFlWCE9TqhZJaWTjVUa8y6QT -----END CERTIFICATE-----Generated at Sun May 11 11:50:45 2025 by rpki-client