$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8a554833-7334-4e02-8426-138572f3d41a.roa File: 8a554833-7334-4e02-8426-138572f3d41a.roa (raw, json) Hash identifier: 7g05161+63qHSlRN84r6PfsiewvnjsWMWS1ygMAdzN8= Subject key identifier: D7:A5:BE:CB:AD:9E:F1:DD:6C:47:33:A9:DC:93:CA:53:1E:1A:14:73 Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 5DBD4EA64EF2F630AFD499A02FCEE9832E575930 Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8a554833-7334-4e02-8426-138572f3d41a.roa Signing time: Tue 06 May 2025 00:00:08 +0000 ROA not before: Tue 06 May 2025 00:00:08 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 14618 IP address blocks: 23.249.217.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 13 May 2025 15:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:bd:4e:a6:4e:f2:f6:30:af:d4:99:a0:2f:ce:e9:83:2e:57:59:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: May 6 00:00:08 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=60a4b9e62f39fe51b7ae98191a48625af40dca41c965dbc837855fe4c6c05a21, CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:94:d7:dc:ca:69:34:f5:6b:23:84:0c:dc:97: be:ae:b9:2b:d1:1c:0c:c0:6f:a8:25:94:21:3b:9a: 29:d5:3b:a5:f4:d1:0c:d2:5f:90:9a:2d:bb:b7:9b: 2a:5b:91:9a:83:bf:3f:f7:c5:d6:7e:d5:51:cc:77: 57:f9:45:7f:88:d2:73:19:64:ba:0a:56:55:49:f7: b6:ba:0e:c7:c8:3a:8a:4d:22:23:55:15:88:69:f2: 7c:9b:e0:a4:0b:2a:e0:e0:f8:b9:09:59:b8:8b:c4: e7:24:d6:d3:bc:cc:8c:ef:79:c4:37:87:ba:57:32: d5:ea:b0:9f:bc:7b:75:27:20:27:79:26:de:e0:1f: 60:b1:da:ac:f4:b6:bb:d7:63:5b:65:fd:43:2b:7c: 1e:a8:81:25:ba:db:00:2f:c7:2a:a3:ad:99:2d:a6: 59:19:13:54:47:83:ba:57:f9:ab:3f:e4:4e:15:a7: 21:ba:da:4a:20:1d:cb:0c:ab:fa:d7:9e:92:c2:40: f6:1d:6b:76:28:8e:28:e9:12:a6:27:0d:87:3d:9f: 4a:1f:c7:5a:69:a2:6c:50:48:ac:e9:ba:7c:bd:5d: cd:c8:54:c9:f7:1d:10:00:9b:db:f7:24:a4:32:6f: 5f:de:3d:4c:16:c8:b1:2e:52:9c:c7:19:fe:05:d0: 6d:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A5:BE:CB:AD:9E:F1:DD:6C:47:33:A9:DC:93:CA:53:1E:1A:14:73 X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/8a554833-7334-4e02-8426-138572f3d41a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.217.0/24 Signature Algorithm: sha256WithRSAEncryption 40:7c:01:9e:a2:38:a7:c0:4d:db:bc:35:f2:41:81:cc:16:bc: 69:58:79:41:14:3f:e4:f0:03:8e:67:31:55:b6:7d:53:a4:0b: 4c:81:bb:df:52:ee:80:b8:1a:90:5d:35:be:ca:bb:3b:8c:b8: 75:49:ca:60:08:7f:83:da:12:8a:8b:cf:a2:5c:e1:91:c3:37: 04:43:b9:77:62:97:93:d7:21:2b:26:00:22:0f:7d:a0:bd:cc: 02:08:ef:fb:a7:35:95:c0:68:a6:fb:d6:ed:4e:5b:4e:6e:5a: cf:87:c7:e8:e6:36:96:87:3a:c2:02:a5:d1:1d:6b:4c:ee:9a: 98:48:e8:c9:5e:d8:96:e1:b2:98:1b:49:a3:46:26:f9:b6:53: 06:c8:0f:e5:19:38:11:78:fc:5e:c0:73:9a:10:67:d8:5b:6e: f0:95:d1:ef:e3:17:5f:8d:f7:be:e2:65:06:e9:6b:f8:4d:a0: 2f:00:ec:0b:37:d4:03:49:42:d5:f3:ec:5e:59:49:33:93:5d: 31:d8:2f:d8:5a:cc:27:0d:3a:c0:a5:92:e8:31:4b:68:45:a7: 1c:91:83:4d:52:7f:08:a6:d9:ca:39:20:ef:fb:0e:e3:ca:2c: bc:f7:61:b0:ca:70:a4:07:78:26:1a:f8:ea:c1:41:5f:ba:04: 52:37:73:cd -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUXb1Opk7y9jCv1JmgL87pgy5XWTAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDA4WhcNMjUwNjEwMjM1OTU5 WjB6MUkwRwYDVQQFE0A2MGE0YjllNjJmMzlmZTUxYjdhZTk4MTkxYTQ4NjI1YWY0 MGRjYTQxYzk2NWRiYzgzNzg1NWZlNGM2YzA1YTIxMS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQColNfcymk09WsjhAzcl76uuSvRHAzAb6gllCE7minVO6X0 0QzSX5CaLbu3mypbkZqDvz/3xdZ+1VHMd1f5RX+I0nMZZLoKVlVJ97a6DsfIOopN IiNVFYhp8nyb4KQLKuDg+LkJWbiLxOck1tO8zIzvecQ3h7pXMtXqsJ+8e3UnICd5 Jt7gH2Cx2qz0trvXY1tl/UMrfB6ogSW62wAvxyqjrZktplkZE1RHg7pX+as/5E4V pyG62kogHcsMq/rXnpLCQPYda3YojijpEqYnDYc9n0ofx1ppomxQSKzpuny9Xc3I VMn3HRAAm9v3JKQyb1/ePUwWyLEuUpzHGf4F0G21AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU16W+y62e8d1sRzOp3JPKUx4aFHMwHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkLzhhNTU0ODMzLTczMzQtNGUwMi04NDI2LTEzODU3MmYzZDQxYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dkwDQYJKoZIhvcNAQELBQADggEBAEB8AZ6iOKfATdu8NfJBgcwWvGlY eUEUP+TwA45nMVW2fVOkC0yBu99S7oC4GpBdNb7KuzuMuHVJymAIf4PaEoqLz6Jc 4ZHDNwRDuXdil5PXISsmACIPfaC9zAII7/unNZXAaKb71u1OW05uWs+Hx+jmNpaH OsICpdEda0zumphI6Mle2JbhspgbSaNGJvm2UwbID+UZOBF4/F7Ac5oQZ9hbbvCV 0e/jF1+N977iZQbpa/hNoC8A7As31ANJQtXz7F5ZSTOTXTHYL9hazCcNOsClkugx S2hFpxyRg01Sfwim2co5IO/7DuPKLLz3YbDKcKQHeCYa+OrBQV+6BFI3c80= -----END CERTIFICATE-----Generated at Sun May 11 19:46:59 2025 by rpki-client