$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91ea0496-867b-4435-a47a-de477b4827c7.roa File: 91ea0496-867b-4435-a47a-de477b4827c7.roa (raw, json) Hash identifier: jXxb+uLNMUNb6MMQaLbWK3xPgBiospwN+obDV+uKTT8= Subject key identifier: 1A:1E:4F:77:E3:3D:8E:92:B7:AE:BE:68:95:26:F9:E6:41:6B:C4:F9 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 5EC0CA3489664A5070E829BFC0D855C7919A459E Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91ea0496-867b-4435-a47a-de477b4827c7.roa Signing time: Wed 07 May 2025 00:11:42 +0000 ROA not before: Wed 07 May 2025 00:11:42 +0000 ROA not after: Wed 11 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 44.233.118.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 14 May 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:c0:ca:34:89:66:4a:50:70:e8:29:bf:c0:d8:55:c7:91:9a:45:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 7 00:11:42 2025 GMT Not After : Jun 11 23:59:59 2025 GMT Subject: serialNumber=e68b7e8e02787b2e3010abb508fe14030c4ad9e27d24b062781bf1b2b3e4ab25, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:26:a4:55:20:e2:a7:dc:b4:8b:f2:5f:83:40: 0f:ec:3f:e3:ad:c1:3e:0c:65:86:35:97:5f:de:ea: df:2d:1c:3f:39:b3:35:b6:02:0e:73:14:46:3b:df: 26:81:af:19:f7:8d:cb:d3:11:da:f6:77:91:a1:0c: 5f:8f:fb:eb:fa:3f:14:5f:94:ff:c6:96:c8:89:6a: ff:23:62:9b:98:fd:a5:8a:f4:04:b0:00:55:88:cc: aa:32:1c:d8:fe:a4:3a:66:fd:02:ce:4b:de:dd:c0: a3:8f:f1:9b:69:3b:2f:f8:fc:7f:a1:3d:b7:7c:78: 82:30:2b:a7:47:44:33:f5:93:a4:82:a6:a0:dd:c3: 55:d1:a7:e9:8e:4a:cc:d8:c6:a2:f8:98:e2:4f:56: 0c:1a:e8:f1:f5:3a:be:0f:4a:a7:bb:52:30:60:55: ea:46:a6:f4:fd:12:ff:a4:02:01:f8:e8:4f:aa:2c: ef:fa:25:39:93:ee:4b:4e:71:29:5a:8f:96:93:40: 04:20:cb:4b:aa:b5:e3:24:43:f0:19:7f:48:14:55: 18:7e:42:68:96:28:02:8b:61:be:0e:a0:5c:ee:c6: f0:36:26:19:aa:2c:e4:d1:02:66:2f:ce:5f:b2:6c: 50:c1:96:86:02:b2:07:cb:e2:46:cf:67:ea:97:ae: 3c:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:1E:4F:77:E3:3D:8E:92:B7:AE:BE:68:95:26:F9:E6:41:6B:C4:F9 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/91ea0496-867b-4435-a47a-de477b4827c7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 44.233.118.0/24 Signature Algorithm: sha256WithRSAEncryption 0e:cb:0f:1b:fd:a4:4f:74:bd:57:30:45:78:29:c5:8e:4e:30: 2d:83:3f:96:42:61:15:56:4b:92:53:e7:82:21:a1:ca:c8:37: c3:99:c2:11:16:af:a1:b3:59:1f:10:38:77:c0:6d:15:0b:23: 44:27:9a:25:1e:dc:ba:6b:fd:00:52:91:60:ab:79:65:d5:dc: bb:06:ad:5e:24:0e:fa:f9:ef:c8:a0:62:31:bc:90:2f:eb:e5: 2a:4a:44:c3:31:03:88:db:58:72:69:e2:5e:69:4d:cd:e7:8f: 96:70:8a:a2:45:31:f5:73:e2:0a:52:2f:9d:56:01:6b:e1:43: 27:c3:ba:15:96:dc:35:15:10:2a:87:87:b4:07:80:20:e7:e4: f6:fd:d9:14:e7:ba:d0:72:11:df:af:f8:b9:7c:e9:7c:c6:e5: 0a:28:95:45:e4:f0:a5:61:83:41:0f:76:5e:f3:91:99:f4:21: de:3f:68:52:c4:a5:d7:3d:45:59:e2:6f:31:23:78:6c:87:48: 7c:cf:d9:85:a1:c7:9e:33:f8:d9:c1:23:3f:28:a2:ab:36:21: a5:cd:1d:5c:c2:b6:98:83:7f:e7:0a:d5:e2:8f:e4:55:4f:61: d1:dc:49:12:3b:23:c7:33:40:d5:ef:38:05:77:0f:c8:31:04: fa:e3:c7:e7 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUXsDKNIlmSlBw6Cm/wNhVx5GaRZ4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTA3MDAxMTQyWhcNMjUwNjExMjM1OTU5 WjB6MUkwRwYDVQQFE0BlNjhiN2U4ZTAyNzg3YjJlMzAxMGFiYjUwOGZlMTQwMzBj NGFkOWUyN2QyNGIwNjI3ODFiZjFiMmIzZTRhYjI1MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCaJqRVIOKn3LSL8l+DQA/sP+OtwT4MZYY1l1/e6t8tHD85 szW2Ag5zFEY73yaBrxn3jcvTEdr2d5GhDF+P++v6PxRflP/GlsiJav8jYpuY/aWK 9ASwAFWIzKoyHNj+pDpm/QLOS97dwKOP8ZtpOy/4/H+hPbd8eIIwK6dHRDP1k6SC pqDdw1XRp+mOSszYxqL4mOJPVgwa6PH1Or4PSqe7UjBgVepGpvT9Ev+kAgH46E+q LO/6JTmT7ktOcSlaj5aTQAQgy0uqteMkQ/AZf0gUVRh+QmiWKAKLYb4OoFzuxvA2 JhmqLOTRAmYvzl+ybFDBloYCsgfL4kbPZ+qXrjwbAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUGh5Pd+M9jpK3rr5olSb55kFrxPkwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzkxZWEwNDk2LTg2N2ItNDQzNS1hNDdhLWRlNDc3YjQ4MjdjNy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAs6XYwDQYJKoZIhvcNAQELBQADggEBAA7LDxv9pE90vVcwRXgpxY5OMC2D P5ZCYRVWS5JT54IhocrIN8OZwhEWr6GzWR8QOHfAbRULI0QnmiUe3Lpr/QBSkWCr eWXV3LsGrV4kDvr578igYjG8kC/r5SpKRMMxA4jbWHJp4l5pTc3nj5ZwiqJFMfVz 4gpSL51WAWvhQyfDuhWW3DUVECqHh7QHgCDn5Pb92RTnutByEd+v+Ll86XzG5Qoo lUXk8KVhg0EPdl7zkZn0Id4/aFLEpdc9RVnibzEjeGyHSHzP2YWhx54z+NnBIz8o oqs2IaXNHVzCtpiDf+cK1eKP5FVPYdHcSRI7I8czQNXvOAV3D8gxBPrjx+c= -----END CERTIFICATE-----Generated at Mon May 12 21:40:43 2025 by rpki-client