$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa File: bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa (raw, json) Hash identifier: 2v4Nf6PEA2k/TV4ZdjIcHPWD3qfNsLjJhVWfGejQ7OI= Subject key identifier: 87:9B:80:82:BB:9C:3E:52:6F:18:F8:DF:2D:80:00:CB:8A:83:F3:9A Certificate issuer: /CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Certificate serial: 37DBB5021E9DB0BCD74DCE51D10E2FF45C16F56D Authority key identifier: BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa Signing time: Tue 06 May 2025 00:00:07 +0000 ROA not before: Tue 06 May 2025 00:00:07 +0000 ROA not after: Tue 10 Jun 2025 23:59:59 +0000 asID: 8987 IP address blocks: 23.249.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/1059b52d-846a-4cbe-a7db-796f1dd8b929.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 09 May 2025 15:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:db:b5:02:1e:9d:b0:bc:d7:4d:ce:51:d1:0e:2f:f4:5c:16:f5:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5 Validity Not Before: May 6 00:00:07 2025 GMT Not After : Jun 10 23:59:59 2025 GMT Subject: serialNumber=5a2defc620c97e1ad81fccfc1a5c37efae17056aa16eaa1b51a63c27f78f16bd, CN=42519eb9-9579-4979-bdaf-164abd0e290e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7b:23:56:24:e3:00:d4:b7:ba:c8:f9:e5:79: 49:a1:10:c3:92:75:82:3c:ec:87:0d:e0:7a:0b:6d: 31:24:25:3e:54:4a:4c:9b:15:21:af:72:cf:dc:37: f9:9e:1e:1b:4a:9d:13:ab:71:32:68:9c:fb:97:ee: af:58:0d:7b:50:a2:a1:d6:5e:9c:41:b1:ba:ee:10: 69:67:fb:6c:04:8d:1f:c1:94:68:24:72:c8:7e:c7: e4:8d:58:69:c1:83:88:a0:bd:8d:63:b0:0c:26:fb: f7:c6:a7:55:db:03:ca:70:24:76:b5:11:87:d7:98: a5:59:cd:9e:85:6c:5e:b7:f3:5b:86:c7:14:74:76: 3a:fd:a0:40:0f:80:fb:41:3c:ca:ce:b6:79:ab:dc: 08:fb:77:f5:45:a5:3d:ee:65:69:4a:56:43:a8:9f: 91:91:ac:8e:e7:f2:06:f7:40:a1:9d:ad:a0:cb:cf: f1:55:ad:4a:34:16:59:b3:41:3c:63:4e:f0:46:1f: 90:49:2c:36:1a:38:67:f5:cc:4a:10:e0:6b:d7:bb: 82:7c:ae:39:cd:06:c6:48:97:1d:ce:9a:f4:94:e5: 2b:b8:b3:85:af:18:6b:9f:9f:bb:41:88:43:79:cf: 9d:01:ec:d6:fd:9d:e3:e7:c8:42:ef:52:7a:d3:98: 78:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:9B:80:82:BB:9C:3E:52:6F:18:F8:DF:2D:80:00:CB:8A:83:F3:9A X509v3 Authority Key Identifier: keyid:BC:93:AE:71:0F:AF:14:22:36:08:2F:8E:D9:6B:56:CB:A9:D5:02:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1059b52d-846a-4cbe-a7db-796f1dd8b929/d58fa2ccb66b1b0eae2d6e3f5c46e9c2f2d1d309dfbd9d2af5.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/bfa510ed-d40b-4552-a4d8-5bb4c30e482a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b8a1dd25-c313-4f25-ac21-bf55514d9c7d/axsOri1uP1xG6cLy0dMJ372dKvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.249.213.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:b3:1b:86:e4:55:1f:23:0e:b4:c4:56:5c:46:db:74:7b:5b: e5:50:e6:8e:48:31:92:2b:73:2e:cf:30:23:a7:6a:d8:ef:00: 6d:b2:19:c2:64:8e:30:be:b3:76:bc:5c:36:d2:a9:f4:a4:84: d1:05:e4:ef:ad:a4:cf:45:73:72:85:82:5f:fc:24:80:1c:74: 69:96:36:ec:fe:8b:73:65:23:46:90:4c:bf:ff:16:3f:3a:4e: bc:5e:28:dd:48:6c:45:da:0a:ba:d8:21:55:da:d3:f8:a3:d5: a4:93:ff:0e:b7:63:e8:ad:e9:8e:aa:ae:4f:8f:ba:c0:ad:30: ee:d0:05:dc:4b:67:bc:da:82:64:6e:14:27:e2:86:5b:16:5a: e4:42:98:57:04:37:41:16:65:a2:b1:70:ac:55:9f:14:70:6c: 7c:a2:94:eb:78:0d:40:86:87:10:22:68:c0:2f:68:35:0b:6a: 70:50:f5:4b:8b:83:01:1a:a2:08:83:66:01:f0:e0:9c:6a:af: 72:2e:df:41:8c:7d:e3:5a:86:5f:33:bc:3e:11:65:00:a4:e7: fe:3c:10:a9:e9:66:2b:08:58:5e:f5:7f:bf:e9:c0:aa:c7:5d: 82:c6:f9:d8:3f:2a:96:9f:9f:85:ba:53:29:31:60:5e:4c:d0: 4a:24:c0:99 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUN9u1Ah6dsLzXTc5R0Q4v9FwW9W0wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2ZTNmNWM0NmU5YzJm MmQxZDMwOWRmYmQ5ZDJhZjUwHhcNMjUwNTA2MDAwMDA3WhcNMjUwNjEwMjM1OTU5 WjB6MUkwRwYDVQQFE0A1YTJkZWZjNjIwYzk3ZTFhZDgxZmNjZmMxYTVjMzdlZmFl MTcwNTZhYTE2ZWFhMWI1MWE2M2MyN2Y3OGYxNmJkMS0wKwYDVQQDEyQ0MjUxOWVi OS05NTc5LTQ5NzktYmRhZi0xNjRhYmQwZTI5MGUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDYeyNWJOMA1Le6yPnleUmhEMOSdYI87IcN4HoLbTEkJT5U SkybFSGvcs/cN/meHhtKnROrcTJonPuX7q9YDXtQoqHWXpxBsbruEGln+2wEjR/B lGgkcsh+x+SNWGnBg4igvY1jsAwm+/fGp1XbA8pwJHa1EYfXmKVZzZ6FbF6381uG xxR0djr9oEAPgPtBPMrOtnmr3Aj7d/VFpT3uZWlKVkOon5GRrI7n8gb3QKGdraDL z/FVrUo0FlmzQTxjTvBGH5BJLDYaOGf1zEoQ4GvXu4J8rjnNBsZIlx3OmvSU5Su4 s4WvGGufn7tBiEN5z50B7Nb9nePnyELvUnrTmHibAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUh5uAgrucPlJvGPjfLYAAy4qD85owHwYDVR0jBBgwFoAUvJOucQ+vFCI2 CC+O2WtWy6nVAo0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xMDU5YjUyZC04 NDZhLTRjYmUtYTdkYi03OTZmMWRkOGI5MjkvZDU4ZmEyY2NiNjZiMWIwZWFlMmQ2 ZTNmNWM0NmU5YzJmMmQxZDMwOWRmYmQ5ZDJhZjUuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYjhhMWRkMjUtYzMxMy00ZjI1LWFjMjEtYmY1 NTUxNGQ5YzdkL2JmYTUxMGVkLWQ0MGItNDU1Mi1hNGQ4LTViYjRjMzBlNDgyYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I4YTFkZDI1LWMzMTMtNGYyNS1hYzIx LWJmNTU1MTRkOWM3ZC9heHNPcmkxdVAxeEc2Y0x5MGRNSjM3MmRLdlUuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAX+dUwDQYJKoZIhvcNAQELBQADggEBAC6zG4bkVR8jDrTEVlxG23R7W+VQ 5o5IMZIrcy7PMCOnatjvAG2yGcJkjjC+s3a8XDbSqfSkhNEF5O+tpM9Fc3KFgl/8 JIAcdGmWNuz+i3NlI0aQTL//Fj86TrxeKN1IbEXaCrrYIVXa0/ij1aST/w63Y+it 6Y6qrk+PusCtMO7QBdxLZ7zagmRuFCfihlsWWuRCmFcEN0EWZaKxcKxVnxRwbHyi lOt4DUCGhxAiaMAvaDULanBQ9UuLgwEaogiDZgHw4Jxqr3Iu30GMfeNahl8zvD4R ZQCk5/48EKnpZisIWF71f7/pwKrHXYLG+dg/Kpafn4W6UykxYF5M0EokwJk= -----END CERTIFICATE-----Generated at Thu May 8 00:12:37 2025 by rpki-client