$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/70af8ef2-4e52-368a-a50c-aa4fc74ac17e.roa File: 70af8ef2-4e52-368a-a50c-aa4fc74ac17e.roa (raw, json) Hash identifier: 3omKFoQcmrHLjwKDrkrxZeULfJiZQioSQBje3mCjbWg= Subject key identifier: 71:A7:DE:30:47:C0:1D:FF:E9:EF:7A:53:9C:44:7C:F3:A3:2D:46:59 Certificate issuer: /CN=5d9c9ef5-b960-412d-af5e-2df18c21f809 Certificate serial: 010D0C9F43285849ABB4B2393C0EF85A3F526480 Authority key identifier: 86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/70af8ef2-4e52-368a-a50c-aa4fc74ac17e.roa Signing time: Mon 28 Apr 2025 01:00:48 +0000 ROA not before: Mon 28 Apr 2025 01:00:48 +0000 ROA not after: Sun 27 Jul 2025 01:00:48 +0000 asID: 20940 IP address blocks: 23.223.28.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 07 May 2025 20:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:49:ab:b4:b2:39:3c:0e:f8:5a:3f:52:64:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d9c9ef5-b960-412d-af5e-2df18c21f809 Validity Not Before: Apr 28 01:00:48 2025 GMT Not After : Jul 27 01:00:48 2025 GMT Subject: CN=163cd98d-e4fd-47ac-8aa9-c017a4df716b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5e:88:14:d9:06:da:17:91:81:2b:96:8c:65: 55:ba:81:6d:4b:cb:6c:94:ee:a7:f3:dd:61:67:4f: 96:98:a7:23:6b:3f:11:1d:be:cd:e6:14:d1:17:f3: 13:fc:04:f5:2d:41:21:a4:c1:9b:16:2d:28:b7:27: 64:cf:8e:29:35:4f:1a:88:33:ba:39:f6:d3:fa:da: a1:98:d9:51:36:24:02:8c:70:63:cb:80:97:84:88: 98:8d:45:70:10:ed:e7:d1:a7:14:91:21:e2:9f:a2: b4:8f:f0:9c:ae:b8:a2:84:91:1d:d0:3b:77:61:3c: 41:f3:ea:05:0b:2d:c4:c8:d4:0e:37:d0:6a:ef:aa: b0:96:e0:5b:1a:dc:16:70:1a:dd:53:47:2b:74:6f: 2f:3c:c0:f7:87:ee:df:62:ef:43:ed:0b:cc:41:b1: f9:80:68:14:d2:92:fd:60:12:1c:80:3e:85:5b:b5: cd:07:2d:c4:2d:03:0b:28:c9:b9:dc:3b:1c:9f:b5: 52:fe:c6:89:c5:0f:d9:67:6e:00:6e:55:9a:9d:5c: 9d:35:96:e5:35:49:08:2a:3a:90:55:de:6d:bf:96: 20:90:d4:26:10:27:20:5f:0f:b8:aa:3a:78:93:e0: 3c:f7:6c:0e:15:32:e3:cc:e0:0e:21:18:9b:e9:e9: ba:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:A7:DE:30:47:C0:1D:FF:E9:EF:7A:53:9C:44:7C:F3:A3:2D:46:59 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/70af8ef2-4e52-368a-a50c-aa4fc74ac17e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809/5d9c9ef5-b960-412d-af5e-2df18c21f809.crl X509v3 Authority Key Identifier: keyid:86:A4:37:D4:6D:BA:92:7A:E6:8D:9D:6A:F3:35:C6:46:9A:DD:17:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/5d9c9ef5-b960-412d-af5e-2df18c21f809.cer sbgp-ipAddrBlock: critical IPv4: 23.223.28.0/24 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 8d:32:18:db:46:1d:96:57:15:c7:0a:e5:0c:1f:5d:8a:b2:cf: 48:0a:9e:65:50:55:8d:6a:57:49:e7:c1:ca:36:92:cd:e0:8d: 2c:e9:7b:9a:81:79:ad:de:d4:9b:b5:c8:cc:93:d0:d0:e0:1d: 9a:61:76:61:6a:78:07:12:ae:a4:00:50:45:3d:e2:af:5a:c9: 11:d0:10:76:54:af:5b:48:e8:12:e6:84:55:79:d6:74:81:4c: ae:e9:c8:b2:25:97:55:3c:4f:3b:b8:20:a1:71:5c:2c:6c:1e: 3a:64:c3:b5:e0:20:ee:bd:e0:ca:ed:f2:3d:63:fb:9d:4b:03: c4:9a:e5:d2:9b:33:b9:3b:b4:8a:76:49:62:e0:4c:fd:e2:1f: 24:73:dd:c5:22:74:55:1f:82:36:86:73:1d:86:87:6d:5e:d1: 49:98:1d:4a:75:45:55:4c:0b:d5:79:d1:83:75:3e:80:f4:d8: a1:a9:1d:18:e2:62:70:d0:10:99:9a:0a:c6:23:ee:f9:ef:6f: 88:f8:e4:37:28:88:a0:41:3c:50:f8:84:c2:db:f2:c2:90:59: 59:d3:55:e8:e8:59:6d:4d:e7:a1:eb:d4:01:54:bb:3a:62:17: eb:65:54:8c:47:9a:ae:99:70:2e:65:50:9a:cb:72:10:fe:19: 9e:a8:72:2d -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEmrtLI5PA74Wj9SZIAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkNWQ5YzllZjUtYjk2MC00MTJkLWFmNWUtMmRmMThjMjFm ODA5MB4XDTI1MDQyODAxMDA0OFoXDTI1MDcyNzAxMDA0OFowLzEtMCsGA1UEAxMk MTYzY2Q5OGQtZTRmZC00N2FjLThhYTktYzAxN2E0ZGY3MTZiMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF6IFNkG2heRgSuWjGVVuoFtS8tslO6n891h Z0+WmKcjaz8RHb7N5hTRF/MT/AT1LUEhpMGbFi0otydkz44pNU8aiDO6OfbT+tqh mNlRNiQCjHBjy4CXhIiYjUVwEO3n0acUkSHin6K0j/CcrriihJEd0Dt3YTxB8+oF Cy3EyNQON9Bq76qwluBbGtwWcBrdU0crdG8vPMD3h+7fYu9D7QvMQbH5gGgU0pL9 YBIcgD6FW7XNBy3ELQMLKMm53Dscn7VS/saJxQ/ZZ24AblWanVydNZblNUkIKjqQ Vd5tv5YgkNQmECcgXw+4qjp4k+A892wOFTLjzOAOIRib6em6dQIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFHGn3jBHwB3/6e96U5xEfPOjLUZZMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS81ZDlj OWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYxOGMyMWY4MDkvNzBhZjhlZjItNGU1Mi0z NjhhLWE1MGMtYWE0ZmM3NGFjMTdlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNWQ5YzllZjUtYjk2MC00MTJkLWFm NWUtMmRmMThjMjFmODA5LzVkOWM5ZWY1LWI5NjAtNDEyZC1hZjVlLTJkZjE4YzIx ZjgwOS5jcmwwHwYDVR0jBBgwFoAUhqQ31G26knrmjZ1q8zXGRprdF+0wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz OS1hMmYzLTYyOTlhM2IwMmUyOS81ZDljOWVmNS1iOTYwLTQxMmQtYWY1ZS0yZGYx OGMyMWY4MDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAF98cMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBAI0yGNtGHZZXFccK5QwfXYqyz0gKnmVQVY1qV0nnwco2ks3gjSzpe5qB ea3e1Ju1yMyT0NDgHZphdmFqeAcSrqQAUEU94q9ayRHQEHZUr1tI6BLmhFV51nSB TK7pyLIll1U8Tzu4IKFxXCxsHjpkw7XgIO694Mrt8j1j+51LA8Sa5dKbM7k7tIp2 SWLgTP3iHyRz3cUidFUfgjaGcx2Gh21e0UmYHUp1RVVMC9V50YN1PoD02KGpHRji YnDQEJmaCsYj7vnvb4j45DcoiKBBPFD4hMLb8sKQWVnTVejoWW1N56Hr1AFUuzpi F+tlVIxHmq6ZcC5lUJrLchD+GZ6oci0= -----END CERTIFICATE-----Generated at Tue May 6 13:04:04 2025 by rpki-client