$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b09c0df5-29e8-430d-b994-fadbc1050235.roa File: b09c0df5-29e8-430d-b994-fadbc1050235.roa (raw, json) Hash identifier: IkNlX50e1AuFrg+049ZYT4guK6pQpckuVTFoGS02AX8= Subject key identifier: 03:64:CC:51:B6:D8:8A:90:0A:69:5B:84:3F:BD:BD:62:AC:BB:EC:20 Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 3A00540DA601E457BEBE356EED85B56C7B685520 Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b09c0df5-29e8-430d-b994-fadbc1050235.roa Signing time: Tue 06 May 2025 00:00:14 +0000 ROA not before: Tue 06 May 2025 00:00:14 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 23.249.214.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 11 May 2025 15:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:00:54:0d:a6:01:e4:57:be:be:35:6e:ed:85:b5:6c:7b:68:55:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: May 6 00:00:14 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=d6ae6600aa733b206c5fa848371da6b41e378bb85b2c648148528aaaf45598b4, CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:27:e0:83:62:30:e9:97:bf:a3:5c:b0:c9:12: 32:38:08:03:70:b2:15:83:e1:0b:5e:43:30:a8:c6: 61:4f:cf:2b:69:b9:c0:fa:2b:1b:d6:87:a2:2a:f2: 2b:1a:de:7a:12:44:22:71:ba:2b:98:b8:ee:68:e0: cc:06:f9:ec:4e:e6:ef:2e:a9:53:db:37:71:e0:ac: bb:cb:8f:7c:0a:08:49:fc:4b:33:68:ec:8c:87:77: 05:fb:ad:4c:00:7c:57:6e:4e:23:5e:c1:bb:0c:cb: e0:b4:02:84:27:70:d9:f8:12:62:09:0d:14:f0:50: f3:83:7d:43:38:4d:df:40:d9:62:16:76:d9:a6:02: e2:05:d7:cc:0d:6e:38:b5:cf:c7:72:79:a0:36:b7: 8f:fb:91:47:ee:9e:ee:96:cc:4b:5f:d9:6b:a2:d5: dd:db:f3:f7:a5:c7:59:b2:3b:b7:74:08:21:08:c2: d6:d2:f7:1f:57:6e:2a:5a:ec:71:b6:de:fd:3a:d0: 57:6d:46:10:78:6d:da:47:66:f3:be:78:47:2b:11: ac:6d:cb:d6:5a:91:fa:9b:cb:f5:98:e7:38:91:20: 4e:8a:65:4f:3a:57:a8:f9:dc:0d:82:34:6d:93:c0: cd:32:ac:cd:92:13:76:db:2f:a5:26:2e:92:bc:38: b5:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:64:CC:51:B6:D8:8A:90:0A:69:5B:84:3F:BD:BD:62:AC:BB:EC:20 X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/b09c0df5-29e8-430d-b994-fadbc1050235.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.214.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:0b:10:04:84:a8:50:22:a1:87:95:c3:d3:db:46:97:7d:18: 25:d2:6c:fd:08:85:e0:06:0e:37:4f:47:4e:f1:b1:58:b7:38: c5:1c:9b:5d:47:a4:05:be:98:e9:4d:eb:c4:06:5b:42:af:01: df:5a:6f:96:bd:fd:35:a2:b9:53:ca:72:33:c4:ce:05:4a:7f: c6:eb:6b:bd:22:76:3c:c0:32:a7:53:84:cc:71:6d:29:a3:fc: 0b:bc:b8:8d:b8:52:5a:8b:2c:39:30:c9:c9:fe:7b:2c:76:ad: 97:ba:da:df:41:c9:51:0c:8b:7a:fe:23:db:64:ab:d1:f2:bc: db:8b:1e:ed:f0:0c:37:40:48:39:41:e5:8a:12:43:6d:e3:af: 07:70:45:26:cb:1b:b9:1d:6a:a8:7e:9f:3b:9d:cb:e9:90:68: 3d:ea:fe:65:06:59:a6:7d:b2:9f:ca:4a:09:d3:29:21:dc:ff: e1:03:7b:d8:85:27:51:a2:2e:df:65:7e:26:ad:41:12:31:e9: 1c:c6:5e:d4:5a:6c:74:de:32:52:6c:07:cf:ed:b0:e5:25:3c: 94:27:26:bc:ce:7e:03:40:15:04:60:d4:41:12:f5:5b:89:b0: d3:ce:1d:a6:c9:53:45:e7:a4:84:48:bf:54:52:a0:c7:2a:8b: ac:74:fb:4f -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUOgBUDaYB5Fe+vjVu7YW1bHtoVSAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDE0WhcNMjUwNjEwMjM1OTU5 WjB6MUkwRwYDVQQFE0BkNmFlNjYwMGFhNzMzYjIwNmM1ZmE4NDgzNzFkYTZiNDFl Mzc4YmI4NWIyYzY0ODE0ODUyOGFhYWY0NTU5OGI0MS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCpJ+CDYjDpl7+jXLDJEjI4CANwshWD4QteQzCoxmFPzytp ucD6KxvWh6Iq8isa3noSRCJxuiuYuO5o4MwG+exO5u8uqVPbN3HgrLvLj3wKCEn8 SzNo7IyHdwX7rUwAfFduTiNewbsMy+C0AoQncNn4EmIJDRTwUPODfUM4Td9A2WIW dtmmAuIF18wNbji1z8dyeaA2t4/7kUfunu6WzEtf2Wui1d3b8/elx1myO7d0CCEI wtbS9x9Xbipa7HG23v060FdtRhB4bdpHZvO+eEcrEaxty9Zakfqby/WY5ziRIE6K ZU86V6j53A2CNG2TwM0yrM2SE3bbL6UmLpK8OLWRAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUA2TMUbbYipAKaVuEP729Yqy77CAwHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkL2IwOWMwZGY1LTI5ZTgtNDMwZC1iOTk0LWZhZGJjMTA1MDIzNS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dYwDQYJKoZIhvcNAQELBQADggEBADwLEASEqFAioYeVw9PbRpd9GCXS bP0IheAGDjdPR07xsVi3OMUcm11HpAW+mOlN68QGW0KvAd9ab5a9/TWiuVPKcjPE zgVKf8bra70idjzAMqdThMxxbSmj/Au8uI24UlqLLDkwycn+eyx2rZe62t9ByVEM i3r+I9tkq9HyvNuLHu3wDDdASDlB5YoSQ23jrwdwRSbLG7kdaqh+nzudy+mQaD3q /mUGWaZ9sp/KSgnTKSHc/+EDe9iFJ1GiLt9lfiatQRIx6RzGXtRabHTeMlJsB8/t sOUlPJQnJrzOfgNAFQRg1EES9VuJsNPOHabJU0XnpIRIv1RSoMcqi6x0+08= -----END CERTIFICATE-----Generated at Sat May 10 10:24:20 2025 by rpki-client