$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa File: ab21c5f9-ce84-4471-a364-da93073d3430.roa (raw, json) Hash identifier: RM+xGmTtUmQuL/eSYce5bp1u536r/QfN5LloPu5e24s= Subject key identifier: 62:C7:4F:52:2F:35:AD:EC:A2:E1:91:DB:71:35:E3:30:30:8E:FA:D6 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 476D15270750B5F47AF83C4EAC4D41B92E62D39F Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa Signing time: Mon 05 May 2025 15:01:07 +0000 ROA not before: Mon 05 May 2025 15:01:07 +0000 ROA not after: Mon 09 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 199.35.64.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 12 May 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:6d:15:27:07:50:b5:f4:7a:f8:3c:4e:ac:4d:41:b9:2e:62:d3:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 5 15:01:07 2025 GMT Not After : Jun 9 23:59:59 2025 GMT Subject: serialNumber=487ae20a693abf84436de18b07261b40fcd5cc778d95fa747f700433d1ca1517, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:41:e2:3e:75:b2:b3:06:c0:c3:cc:77:95:30: df:4c:e8:45:70:9f:19:27:2d:2e:e1:da:1e:6d:38: 5f:8e:2e:b9:1d:c7:48:29:51:24:f9:88:1c:9e:13: 3b:c9:11:a7:10:43:34:f1:1c:0c:50:fc:57:e8:25: 28:5f:20:2c:86:01:18:72:b5:67:71:da:79:85:b2: fc:00:9d:7f:32:f4:d0:70:5d:a9:18:51:d4:2e:53: 02:67:16:ea:57:41:fc:c6:7f:a1:27:c1:0f:2a:63: 65:58:50:cf:23:e9:4d:6b:7d:b9:a6:4d:23:1e:e9: 67:db:aa:63:1a:7d:5f:e3:93:aa:bb:b3:9e:82:8a: 9d:7c:6c:52:4f:2f:03:15:11:e1:4c:74:d8:c1:e9: db:c0:f9:d7:9a:ad:aa:44:59:a6:0e:15:0b:94:53: fb:a5:ef:44:9c:61:dc:e4:9b:ac:61:69:d8:6c:10: 16:7a:51:fe:d7:3b:0e:e9:f6:3c:13:45:18:2b:ca: 1c:c7:97:29:33:c8:e5:44:5c:81:c4:ae:09:63:80: 69:6b:22:1a:f1:24:dc:d5:d9:f4:76:ed:1b:f1:04: 69:8c:1a:da:3e:79:19:8b:99:d9:cf:9d:97:4e:09: fc:c1:05:53:83:1d:4a:d9:e6:ba:d7:83:f8:46:04: ae:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:C7:4F:52:2F:35:AD:EC:A2:E1:91:DB:71:35:E3:30:30:8E:FA:D6 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ab21c5f9-ce84-4471-a364-da93073d3430.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 199.35.64.0/19 Signature Algorithm: sha256WithRSAEncryption 26:30:73:c4:1a:5d:14:fd:2e:17:e4:a8:7d:3b:7c:a1:ed:c1: 79:22:62:81:01:6a:e3:52:f3:01:82:23:e9:75:22:75:59:9b: f1:ed:fe:ab:df:ed:a3:8d:bd:b3:31:5d:6d:2c:c9:50:01:0a: 0b:30:cd:d6:7e:a5:da:b4:2a:5c:ae:11:b4:2f:ea:a8:55:36: a8:0e:f1:1c:2b:66:3f:03:60:1a:b6:c9:7b:51:6d:99:55:f5: 72:2c:dd:db:c4:75:3d:1f:49:50:bc:5a:0c:2d:51:54:17:6e: c8:5b:c8:24:85:13:a8:a5:df:d4:23:92:ae:e0:6a:11:ab:11: ed:1b:03:02:90:25:bd:cf:d4:44:0a:dd:a5:4a:59:0d:3e:a5: 0b:fd:e0:83:ba:8d:e0:15:ee:1e:4e:bb:a3:2a:a4:a6:99:df: 7d:89:e7:85:ee:7e:47:8e:3f:86:f5:95:70:7a:07:b4:18:1d: 18:fb:ea:52:04:07:fa:1f:02:42:cd:60:02:be:94:bd:a4:8c: 97:29:46:d2:ee:8b:12:84:b5:2a:ce:d6:e2:ce:e8:1a:37:7b: fa:a6:ef:12:88:93:91:0a:22:c8:10:34:97:5b:24:62:8e:85: 61:38:10:f2:30:9c:53:3b:54:04:de:15:db:e8:af:58:bb:72: 93:05:9c:64 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUR20VJwdQtfR6+DxOrE1BuS5i058wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTA1MTUwMTA3WhcNMjUwNjA5MjM1OTU5 WjB6MUkwRwYDVQQFE0A0ODdhZTIwYTY5M2FiZjg0NDM2ZGUxOGIwNzI2MWI0MGZj ZDVjYzc3OGQ5NWZhNzQ3ZjcwMDQzM2QxY2ExNTE3MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC7QeI+dbKzBsDDzHeVMN9M6EVwnxknLS7h2h5tOF+OLrkd x0gpUST5iByeEzvJEacQQzTxHAxQ/FfoJShfICyGARhytWdx2nmFsvwAnX8y9NBw XakYUdQuUwJnFupXQfzGf6EnwQ8qY2VYUM8j6U1rfbmmTSMe6WfbqmMafV/jk6q7 s56Cip18bFJPLwMVEeFMdNjB6dvA+dearapEWaYOFQuUU/ul70ScYdzkm6xhadhs EBZ6Uf7XOw7p9jwTRRgryhzHlykzyOVEXIHErgljgGlrIhrxJNzV2fR27RvxBGmM Gto+eRmLmdnPnZdOCfzBBVODHUrZ5rrXg/hGBK5zAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUYsdPUi81reyi4ZHbcTXjMDCO+tYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2FiMjFjNWY5LWNlODQtNDQ3MS1hMzY0LWRhOTMwNzNkMzQzMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAXHI0AwDQYJKoZIhvcNAQELBQADggEBACYwc8QaXRT9LhfkqH07fKHtwXki YoEBauNS8wGCI+l1InVZm/Ht/qvf7aONvbMxXW0syVABCgswzdZ+pdq0KlyuEbQv 6qhVNqgO8RwrZj8DYBq2yXtRbZlV9XIs3dvEdT0fSVC8WgwtUVQXbshbyCSFE6il 39Qjkq7gahGrEe0bAwKQJb3P1EQK3aVKWQ0+pQv94IO6jeAV7h5Ou6MqpKaZ332J 54XufkeOP4b1lXB6B7QYHRj76lIEB/ofAkLNYAK+lL2kjJcpRtLuixKEtSrO1uLO 6Bo3e/qm7xKIk5EKIsgQNJdbJGKOhWE4EPIwnFM7VATeFdvor1i7cpMFnGQ= -----END CERTIFICATE-----Generated at Sun May 11 05:10:47 2025 by rpki-client