$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5aa60e94-2eda-3416-b925-e6b36e93be4e.roa File: 5aa60e94-2eda-3416-b925-e6b36e93be4e.roa (raw, json) Hash identifier: cU+9QXURBwVeTdxCeg3cMqToaNh8uCvKS1CNu1/hmOM= Subject key identifier: 32:76:41:67:61:EC:AC:6A:3B:70:25:D7:71:76:F8:52:2F:04:C8:B1 Certificate issuer: /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3 Certificate serial: 010D0C9F43285849B14A3850E677DBBBDC5AD200 Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5aa60e94-2eda-3416-b925-e6b36e93be4e.roa Signing time: Wed 30 Apr 2025 01:00:47 +0000 ROA not before: Wed 30 Apr 2025 01:00:47 +0000 ROA not after: Tue 29 Jul 2025 01:00:47 +0000 asID: 14 IP address blocks: 209.2.208.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 11 May 2025 20:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:49:b1:4a:38:50:e6:77:db:bb:dc:5a:d2:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3 Validity Not Before: Apr 30 01:00:47 2025 GMT Not After : Jul 29 01:00:47 2025 GMT Subject: CN=6a162d49-bd73-4c92-86e9-4350cea5fabf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:63:23:1a:88:c8:90:41:d4:67:38:aa:a7:cb: 24:5c:e8:56:41:3d:2a:3b:b6:8f:4e:0c:c4:2d:7b: 8b:79:1b:66:d4:12:60:e1:7a:78:b1:5f:a0:32:87: 7f:ad:1a:ab:d8:54:fa:5c:54:a3:50:60:10:84:3f: 14:ff:28:47:7d:61:04:37:94:e2:b8:f0:84:8a:b3: 2c:c6:c0:a9:fa:2f:19:e0:f0:69:6c:d0:6d:30:75: 87:5d:aa:8d:f2:bf:4d:df:5c:0d:5c:69:9e:3e:84: 47:87:91:36:9a:a0:d6:a5:fc:65:2c:51:a2:43:13: d5:3c:dc:ff:e6:0b:ef:e7:0b:7b:22:10:bd:d6:e3: 28:05:b2:65:ba:86:87:d8:84:00:1c:31:fa:78:39: 7b:4f:7f:96:2b:76:11:6c:ef:df:56:4b:c1:02:56: e3:79:06:7a:a6:f0:4b:a5:3c:df:0a:62:4e:99:cc: 94:48:ff:10:03:32:8a:8b:e2:9f:a8:01:46:1f:e1: 9e:dc:2f:57:bd:5e:d6:49:36:a2:71:7d:2d:60:a3: 63:2c:c3:51:35:65:94:81:dc:2e:8b:66:7b:ee:3f: 25:c9:99:6d:48:bb:a9:82:a2:4f:ac:a3:de:4e:11: 17:52:1f:d9:55:73:ee:df:1a:a3:58:8d:8b:93:16: 2f:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:76:41:67:61:EC:AC:6A:3B:70:25:D7:71:76:F8:52:2F:04:C8:B1 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5aa60e94-2eda-3416-b925-e6b36e93be4e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl X509v3 Authority Key Identifier: keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer sbgp-ipAddrBlock: critical IPv4: 209.2.208.0/20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 18:5c:19:02:22:1b:b0:41:46:a7:2e:27:f0:13:59:3a:cf:82: d4:e7:9c:77:02:25:3d:06:fb:e6:58:12:5a:4b:76:10:17:1e: 65:78:8e:ef:5d:b5:af:fa:6a:14:30:0e:0a:76:6f:43:36:ad: 82:5a:92:4b:de:d7:d0:74:6b:46:04:1f:76:17:1f:8a:aa:9d: 80:3d:4a:89:81:dc:cb:89:49:de:ca:54:42:cc:16:65:dd:e8: fb:04:ec:1b:29:55:0a:a0:39:46:a0:a5:8c:14:78:90:28:9d: 1d:9a:82:ef:1c:ed:fd:89:98:fe:1c:60:46:4a:2a:43:9a:55: 04:33:8b:25:00:9b:e1:a7:01:57:c3:b0:c6:af:46:52:31:41: 91:1e:97:15:a5:dd:52:ed:22:e1:c9:fc:96:24:e9:2d:18:6b: 95:95:a0:57:88:95:5c:33:0e:cd:85:71:47:bb:5f:11:b8:26: d0:ca:f8:3c:45:b0:5f:69:6b:6c:10:7f:4c:1d:c6:b0:27:35: e7:1a:f8:76:a9:4f:ad:6b:e9:48:e2:3b:ed:9a:92:7a:4d:87: 63:33:de:49:a0:45:64:6e:4e:ec:aa:6d:03:22:23:e2:0e:63: 55:80:e6:24:79:84:d5:ee:1b:4d:dd:d0:ed:c1:7e:81:ed:bd: da:41:b7:6f -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEmxSjhQ5nfbu9xa0gAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi MmQzMB4XDTI1MDQzMDAxMDA0N1oXDTI1MDcyOTAxMDA0N1owLzEtMCsGA1UEAxMk NmExNjJkNDktYmQ3My00YzkyLTg2ZTktNDM1MGNlYTVmYWJmMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmMjGojIkEHUZziqp8skXOhWQT0qO7aPTgzE LXuLeRtm1BJg4Xp4sV+gMod/rRqr2FT6XFSjUGAQhD8U/yhHfWEEN5TiuPCEirMs xsCp+i8Z4PBpbNBtMHWHXaqN8r9N31wNXGmePoRHh5E2mqDWpfxlLFGiQxPVPNz/ 5gvv5wt7IhC91uMoBbJluoaH2IQAHDH6eDl7T3+WK3YRbO/fVkvBAlbjeQZ6pvBL pTzfCmJOmcyUSP8QAzKKi+KfqAFGH+Ge3C9XvV7WSTaicX0tYKNjLMNRNWWUgdwu i2Z77j8lyZltSLupgqJPrKPeThEXUh/ZVXPu3xqjWI2LkxYvhwIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFDJ2QWdh7KxqO3Al13F2+FIvBMixMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNWFhNjBlOTQtMmVkYS0z NDE2LWI5MjUtZTZiMzZlOTNiZTRlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05 NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1 YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3 M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE0QLQMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBABhcGQIiG7BBRqcuJ/ATWTrPgtTnnHcCJT0G++ZYElpLdhAXHmV4ju9d ta/6ahQwDgp2b0M2rYJakkve19B0a0YEH3YXH4qqnYA9SomB3MuJSd7KVELMFmXd 6PsE7BspVQqgOUagpYwUeJAonR2agu8c7f2JmP4cYEZKKkOaVQQziyUAm+GnAVfD sMavRlIxQZEelxWl3VLtIuHJ/JYk6S0Ya5WVoFeIlVwzDs2FcUe7XxG4JtDK+DxF sF9pa2wQf0wdxrAnNeca+HapT61r6UjiO+2aknpNh2Mz3kmgRWRuTuyqbQMiI+IO Y1WA5iR5hNXuG03d0O3BfoHtvdpBt28= -----END CERTIFICATE-----Generated at Sat May 10 13:08:33 2025 by rpki-client