$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2f23fa9-613c-47f3-9f21-444d78462070.roa File: a2f23fa9-613c-47f3-9f21-444d78462070.roa (raw, json) Hash identifier: t4bIwHzS38a/ThzF6Pl+ETu6GcdZuiyYTAeA6BewSXU= Subject key identifier: 4C:25:19:AA:1D:37:E7:3D:1A:FB:08:67:D5:BD:A9:66:0D:D7:09:8D Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 27D6EE781930C95B73BE626A0593A33A60432D24 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2f23fa9-613c-47f3-9f21-444d78462070.roa Signing time: Thu 08 May 2025 19:08:33 +0000 ROA not before: Thu 08 May 2025 19:08:33 +0000 ROA not after: Thu 12 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 13.154.16.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 13 May 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d6:ee:78:19:30:c9:5b:73:be:62:6a:05:93:a3:3a:60:43:2d:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 8 19:08:33 2025 GMT Not After : Jun 12 23:59:59 2025 GMT Subject: serialNumber=f5e318cc65315bd3a231a1d31f9172f8ef2bd755602891f2705e71eba79c428e, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7d:89:ed:c5:be:52:48:04:ad:fb:b3:8a:e3: 8e:3e:84:12:e0:e4:e2:e4:95:2f:13:c4:36:5e:52: bb:b1:b9:eb:ec:17:b8:33:39:6d:19:68:a1:15:cc: 9a:3e:0c:9e:6d:c8:ec:23:c7:27:db:62:05:04:de: ee:3f:73:9b:94:65:5d:72:06:1f:79:fd:81:66:29: 56:e1:e1:33:0a:6d:4c:0b:f9:b4:77:03:08:7b:ac: 7b:77:d0:21:57:2c:8f:68:88:9c:f5:e6:a8:99:19: e6:7b:78:3c:29:c2:f7:28:c6:77:3c:d7:95:12:ad: 9a:c3:09:79:55:18:06:20:3c:a8:20:ca:43:2d:a4: 61:63:03:42:8c:f6:95:80:1b:a5:92:3b:3a:4d:a0: bf:ed:8a:e8:11:e5:a5:67:0d:a6:fd:7a:69:a8:a7: ab:18:6b:68:1f:87:43:e4:1a:03:bb:94:64:39:a3: 4b:20:3a:1b:33:7d:80:2d:ef:47:d4:aa:31:b5:ee: 27:b7:57:69:e0:c8:71:fb:17:55:c8:35:20:0a:c3: c7:30:c7:d3:ea:30:6f:1c:52:29:1a:b9:1e:d8:ac: 51:03:74:00:9c:ee:5c:0b:89:fd:1f:e0:53:cc:0b: 59:00:cd:9e:11:ac:a3:19:20:c2:23:49:89:9d:53: 0e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:25:19:AA:1D:37:E7:3D:1A:FB:08:67:D5:BD:A9:66:0D:D7:09:8D X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a2f23fa9-613c-47f3-9f21-444d78462070.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 13.154.16.0/20 Signature Algorithm: sha256WithRSAEncryption 7a:e0:c9:a4:32:19:d0:5d:c7:43:69:c7:44:a3:2e:5a:ef:70: 41:3a:42:b8:f0:98:28:25:15:cc:5b:42:49:be:f2:ae:7a:36: 70:da:8b:2c:21:b4:58:62:ec:be:27:ce:97:1a:4f:fe:66:1b: 5a:3a:3b:8a:fe:0a:71:f1:5b:da:8a:fa:81:94:61:c7:e7:f5: d1:57:b5:7f:1e:cb:60:21:ee:77:57:cd:fd:61:bd:88:71:2f: 42:bc:57:6f:03:0f:e9:30:c3:21:5f:ce:13:92:68:e2:fb:9c: db:d1:ac:c7:40:b1:db:7c:1b:56:54:dc:16:d6:86:88:8f:5f: e1:3e:d9:b3:b3:7e:35:40:70:84:c2:3f:b7:da:e4:c7:01:b3: 59:0e:f8:03:24:2c:ef:83:b9:09:ae:eb:77:83:d5:b3:db:07: bf:3b:ce:4b:2e:e4:02:c9:37:28:be:71:88:73:c3:9e:a0:eb: 4d:d8:5f:a4:28:0d:8d:d1:e1:f3:58:bf:33:16:ae:c4:64:7c: 0f:fd:4b:68:eb:95:25:4f:6d:9a:62:39:ba:c7:02:38:af:d9: ad:7f:16:6c:78:2d:99:15:29:85:b4:fb:36:4e:a7:05:8e:ea: db:7a:bc:05:82:d6:54:59:7b:1b:e1:72:8f:ca:98:92:ee:db: f1:04:fb:f8 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUJ9bueBkwyVtzvmJqBZOjOmBDLSQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTA4MTkwODMzWhcNMjUwNjEyMjM1OTU5 WjB6MUkwRwYDVQQFE0BmNWUzMThjYzY1MzE1YmQzYTIzMWExZDMxZjkxNzJmOGVm MmJkNzU1NjAyODkxZjI3MDVlNzFlYmE3OWM0MjhlMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCcfYntxb5SSASt+7OK444+hBLg5OLklS8TxDZeUruxuevs F7gzOW0ZaKEVzJo+DJ5tyOwjxyfbYgUE3u4/c5uUZV1yBh95/YFmKVbh4TMKbUwL +bR3Awh7rHt30CFXLI9oiJz15qiZGeZ7eDwpwvcoxnc815USrZrDCXlVGAYgPKgg ykMtpGFjA0KM9pWAG6WSOzpNoL/tiugR5aVnDab9emmop6sYa2gfh0PkGgO7lGQ5 o0sgOhszfYAt70fUqjG17ie3V2ngyHH7F1XINSAKw8cwx9PqMG8cUikauR7YrFED dACc7lwLif0f4FPMC1kAzZ4RrKMZIMIjSYmdUw6HAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUTCUZqh035z0a+whn1b2pZg3XCY0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2EyZjIzZmE5LTYxM2MtNDdmMy05ZjIxLTQ0NGQ3ODQ2MjA3MC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQNmhAwDQYJKoZIhvcNAQELBQADggEBAHrgyaQyGdBdx0Npx0SjLlrvcEE6 QrjwmCglFcxbQkm+8q56NnDaiywhtFhi7L4nzpcaT/5mG1o6O4r+CnHxW9qK+oGU Ycfn9dFXtX8ey2Ah7ndXzf1hvYhxL0K8V28DD+kwwyFfzhOSaOL7nNvRrMdAsdt8 G1ZU3BbWhoiPX+E+2bOzfjVAcITCP7fa5McBs1kO+AMkLO+DuQmu63eD1bPbB787 zksu5ALJNyi+cYhzw56g603YX6QoDY3R4fNYvzMWrsRkfA/9S2jrlSVPbZpiObrH Ajiv2a1/Fmx4LZkVKYW0+zZOpwWO6tt6vAWC1lRZexvhco/KmJLu2/EE+/g= -----END CERTIFICATE-----Generated at Sun May 11 18:04:56 2025 by rpki-client