$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1156237d-aa31-489a-b82d-a2045f2f5ce8.roa File: 1156237d-aa31-489a-b82d-a2045f2f5ce8.roa (raw, json) Hash identifier: +8Nekjf54wdBogE8fi/Y+xDl+kO0GkJOYexT1mpbBk0= Subject key identifier: 07:96:AC:82:B7:BD:DA:3E:1E:67:DD:6E:70:9F:A9:53:A9:CD:18:02 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 491ED25BB676AD8679FC8DAD656D7B50240A8F79 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1156237d-aa31-489a-b82d-a2045f2f5ce8.roa Signing time: Tue 12 May 2026 01:40:04 +0000 ROA not before: Tue 12 May 2026 01:40:04 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 71.152.64.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 14 May 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:1e:d2:5b:b6:76:ad:86:79:fc:8d:ad:65:6d:7b:50:24:0a:8f:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: May 12 01:40:04 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=8b6fb2a7d5b6000bb31a3d7402788fa5ec3fe2c92e24c552e2f888558f328d4d, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:fd:45:43:f4:89:95:92:26:1e:b5:c9:8b:0b: f3:b6:3e:56:00:5d:aa:eb:44:38:f0:d4:92:3c:99: bc:c1:ad:51:3b:5f:93:41:36:55:cf:a1:c4:ea:b0: 86:70:e2:6a:46:43:27:a1:68:34:ed:94:67:ec:90: d5:08:cc:05:77:db:df:d4:5b:7a:38:73:10:da:84: 49:5e:b4:5f:61:91:10:09:78:7b:fb:a3:26:0c:35: b1:07:8b:d6:b4:a8:ec:72:f3:da:5f:d9:f7:95:e8: 1f:ab:bc:3a:ba:cc:1e:fb:ea:49:ca:ec:0a:df:bf: 3b:ac:f9:9e:ee:76:75:43:f3:8c:66:fb:df:5c:b6: 42:2e:80:09:cd:92:94:79:08:7e:a2:ec:52:15:d7: 39:24:a1:0a:6f:b9:fc:c8:96:62:ef:15:30:43:45: b1:f7:ab:22:b7:4d:51:a8:d5:e1:3e:d4:a7:23:41: 0e:b7:2e:1c:c3:4f:f4:8c:3c:88:92:3c:ff:cb:a6: cf:94:f7:1b:3c:61:17:f5:bc:e1:02:94:35:dd:f8: d1:2e:b0:12:ea:e6:3e:18:b0:a2:c8:95:fb:00:4a: 95:37:92:7b:0e:ef:e3:57:ed:d9:40:b3:8c:ab:d5: 29:aa:ba:fe:f7:94:a2:17:f2:81:ac:eb:41:f2:f3: 3b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:96:AC:82:B7:BD:DA:3E:1E:67:DD:6E:70:9F:A9:53:A9:CD:18:02 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1156237d-aa31-489a-b82d-a2045f2f5ce8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 71.152.64.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:82:97:6a:a0:99:9d:37:02:bb:87:d8:d2:b0:e5:f2:bd:bb: 71:e4:cc:2b:54:be:32:79:35:49:b9:10:20:dc:ce:2c:de:0c: 68:05:29:7b:87:c2:d8:e8:0c:30:ab:8c:77:c0:85:5a:0c:2d: 8d:96:d4:07:d6:14:b1:a3:0c:09:03:46:95:b5:d5:fb:63:78: 2d:88:45:f0:7b:87:b7:46:d4:57:19:1f:8c:ff:a3:f2:9d:02: f3:1a:ba:02:e3:f0:e8:93:7e:ea:cf:3a:0e:66:68:8c:ff:05: dc:ac:1c:80:bc:07:3f:5c:a3:5a:bc:6b:77:c8:35:ae:07:b0: 05:78:de:bc:52:23:f1:c7:e4:0d:57:de:b6:d3:72:85:5b:5b: 4a:bc:7e:b2:b6:9b:74:0a:40:2c:8e:af:ca:50:43:3b:fa:a2: 59:69:12:5d:16:16:1c:37:c3:94:c3:c3:2a:2f:26:fb:f2:46: 7f:97:8c:6e:d2:2f:7c:04:be:60:9c:08:b6:0d:19:4a:22:d2: c4:ec:3b:89:dd:38:6a:ae:f4:d3:fd:da:b2:9d:4c:6f:a6:b3: 71:1e:59:6b:16:13:45:bc:9b:c8:75:7c:a1:24:0e:72:57:91: 17:6a:5c:5c:b8:14:42:72:d2:19:8e:bf:ca:04:8d:3b:89:05: e9:df:bc:04 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUSR7SW7Z2rYZ5/I2tZW17UCQKj3kwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNTEyMDE0MDA0WhcNMjYwODEwMjM1OTU5 WjB6MUkwRwYDVQQFE0A4YjZmYjJhN2Q1YjYwMDBiYjMxYTNkNzQwMjc4OGZhNWVj M2ZlMmM5MmUyNGM1NTJlMmY4ODg1NThmMzI4ZDRkMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCO/UVD9ImVkiYetcmLC/O2PlYAXarrRDjw1JI8mbzBrVE7 X5NBNlXPocTqsIZw4mpGQyehaDTtlGfskNUIzAV329/UW3o4cxDahEletF9hkRAJ eHv7oyYMNbEHi9a0qOxy89pf2feV6B+rvDq6zB776knK7Arfvzus+Z7udnVD84xm +99ctkIugAnNkpR5CH6i7FIV1zkkoQpvufzIlmLvFTBDRbH3qyK3TVGo1eE+1Kcj QQ63LhzDT/SMPIiSPP/Lps+U9xs8YRf1vOEClDXd+NEusBLq5j4YsKLIlfsASpU3 knsO7+NX7dlAs4yr1Smquv73lKIX8oGs60Hy8zv1AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUB5asgre92j4eZ91ucJ+pU6nNGAIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzExNTYyMzdkLWFhMzEtNDg5YS1iODJkLWEyMDQ1ZjJmNWNlOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABHmEAwDQYJKoZIhvcNAQELBQADggEBAB6Cl2qgmZ03AruH2NKw5fK9u3Hk zCtUvjJ5NUm5ECDczizeDGgFKXuHwtjoDDCrjHfAhVoMLY2W1AfWFLGjDAkDRpW1 1ftjeC2IRfB7h7dG1FcZH4z/o/KdAvMaugLj8OiTfurPOg5maIz/BdysHIC8Bz9c o1q8a3fINa4HsAV43rxSI/HH5A1X3rbTcoVbW0q8frK2m3QKQCyOr8pQQzv6ollp El0WFhw3w5TDwyovJvvyRn+XjG7SL3wEvmCcCLYNGUoi0sTsO4ndOGqu9NP92rKd TG+ms3EeWWsWE0W8m8h1fKEkDnJXkRdqXFy4FEJy0hmOv8oEjTuJBenfvAQ= -----END CERTIFICATE-----Generated at Tue May 12 21:59:11 2026 by rpki-client