$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa File: 2c8703a1-34ff-445a-83d6-9423df90d41e.roa (raw, json) Hash identifier: H8Uu+0Se1pyGKO8Wmppig6fqf23dVbRP+vUiSgjVxAM= Subject key identifier: 85:57:EE:31:FC:99:CF:73:AC:7E:EF:C1:89:EC:E8:A7:0E:1F:C6:95 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 35E92352B708771B1896B6356606BA58164FAD95 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa Signing time: Mon 30 Jun 2025 15:31:06 +0000 ROA not before: Mon 30 Jun 2025 15:31:06 +0000 ROA not after: Mon 04 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 99.150.0.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 02 Jul 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:e9:23:52:b7:08:77:1b:18:96:b6:35:66:06:ba:58:16:4f:ad:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jun 30 15:31:06 2025 GMT Not After : Aug 4 23:59:59 2025 GMT Subject: serialNumber=57b1268373ec904881df8283fe3f870b69889601ad33d5ba35a2b70ea571eb3d, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:60:6f:ca:c9:30:b8:1c:7c:fb:00:35:4e:7a: 55:1a:81:51:94:3f:ca:15:e2:ad:33:30:87:a8:95: a5:0f:dd:29:56:4b:0f:33:2f:07:ed:51:d1:59:2b: 41:f5:0b:04:a7:30:59:ae:8b:b6:7d:5c:79:bb:51: 24:8c:92:0b:ff:fc:08:5a:57:45:2e:af:f7:fd:1f: 13:cc:d8:6f:8b:8b:47:08:e5:3b:36:04:75:20:59: 93:81:c1:39:f2:8d:83:b0:bb:cd:5c:f6:52:30:c6: 7d:2a:56:c3:d5:dc:d9:c8:5b:b4:89:93:60:93:01: 93:e0:68:f7:8e:8b:16:f1:cf:2b:d9:9e:b8:76:a4: 8e:0e:82:b3:4a:bc:30:fb:ae:46:29:12:b6:74:f5: 74:f7:7b:77:0d:a2:9b:91:35:9b:0b:40:8b:f9:f2: da:e8:cc:32:7b:d4:df:79:a6:07:01:05:97:06:13: e6:96:0a:b6:69:f8:40:35:de:4d:f3:83:22:0c:2c: 34:7c:a3:26:9d:64:c5:96:a4:82:39:b8:03:a5:8a: 32:e3:0e:87:23:d3:a8:d7:7f:2c:68:6d:06:53:dc: 68:3b:92:3f:3f:65:6b:7f:dc:ff:b1:3e:02:86:7b: 03:7e:b0:dc:f7:9e:b7:80:90:f9:5a:57:3d:f2:e6: 4a:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:57:EE:31:FC:99:CF:73:AC:7E:EF:C1:89:EC:E8:A7:0E:1F:C6:95 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2c8703a1-34ff-445a-83d6-9423df90d41e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 99.150.0.0/22 Signature Algorithm: sha256WithRSAEncryption b5:10:35:48:00:b7:29:37:f1:0d:b9:a4:ea:62:59:5c:9f:e3: 7a:ff:c4:da:e8:6d:63:15:ff:26:83:69:f3:51:6c:8d:18:bb: ba:cd:ec:56:27:d9:23:f0:b2:cf:6a:41:dd:f5:30:81:bc:be: e5:90:3f:b6:74:ec:08:10:08:bc:7e:86:ad:a5:37:40:ca:8b: f4:f4:ce:0a:d0:3b:5a:89:06:d1:ed:a4:40:5a:af:df:aa:35: 70:0d:96:c5:f5:10:8e:8c:ab:06:0b:55:d1:c7:61:72:3c:90: 78:43:69:c6:17:e6:f9:de:65:b0:05:8d:71:0f:7d:3a:74:c7: 3b:f5:d7:a1:4e:64:fd:a9:22:95:76:6e:36:d5:44:4d:df:5c: 38:9a:74:58:5e:0b:07:82:7c:2a:43:92:08:49:d8:e9:52:c9: c4:eb:e3:05:68:92:fa:23:ff:65:b2:19:41:cd:de:ca:d2:40: 74:83:ad:54:7f:ff:34:d5:55:61:6a:37:3b:85:dd:83:d2:3a: da:43:c2:49:f7:e2:0b:15:19:c2:bf:e1:c5:76:90:9e:58:af: ff:86:bb:9c:4f:75:61:75:34:41:94:01:c5:40:b6:a3:fd:91: fb:40:4a:44:9c:7d:25:d5:e7:0f:ad:46:ef:79:13:0c:88:28: 0d:40:6a:27 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUNekjUrcIdxsYlrY1Zga6WBZPrZUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjMwMTUzMTA2WhcNMjUwODA0MjM1OTU5 WjB6MUkwRwYDVQQFE0A1N2IxMjY4MzczZWM5MDQ4ODFkZjgyODNmZTNmODcwYjY5 ODg5NjAxYWQzM2Q1YmEzNWEyYjcwZWE1NzFlYjNkMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCqYG/KyTC4HHz7ADVOelUagVGUP8oV4q0zMIeolaUP3SlW Sw8zLwftUdFZK0H1CwSnMFmui7Z9XHm7USSMkgv//AhaV0Uur/f9HxPM2G+Li0cI 5Ts2BHUgWZOBwTnyjYOwu81c9lIwxn0qVsPV3NnIW7SJk2CTAZPgaPeOixbxzyvZ nrh2pI4OgrNKvDD7rkYpErZ09XT3e3cNopuRNZsLQIv58trozDJ71N95pgcBBZcG E+aWCrZp+EA13k3zgyIMLDR8oyadZMWWpII5uAOlijLjDocj06jXfyxobQZT3Gg7 kj8/ZWt/3P+xPgKGewN+sNz3nreAkPlaVz3y5krvAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUhVfuMfyZz3Osfu/Biezopw4fxpUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzJjODcwM2ExLTM0ZmYtNDQ1YS04M2Q2LTk0MjNkZjkwZDQxZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAJjlgAwDQYJKoZIhvcNAQELBQADggEBALUQNUgAtyk38Q25pOpiWVyf43r/ xNrobWMV/yaDafNRbI0Yu7rN7FYn2SPwss9qQd31MIG8vuWQP7Z07AgQCLx+hq2l N0DKi/T0zgrQO1qJBtHtpEBar9+qNXANlsX1EI6MqwYLVdHHYXI8kHhDacYX5vne ZbAFjXEPfTp0xzv116FOZP2pIpV2bjbVRE3fXDiadFheCweCfCpDkghJ2OlSycTr 4wVokvoj/2WyGUHN3srSQHSDrVR//zTVVWFqNzuF3YPSOtpDwkn34gsVGcK/4cV2 kJ5Yr/+Gu5xPdWF1NEGUAcVAtqP9kftASkScfSXV5w+tRu95EwyIKA1Aaic= -----END CERTIFICATE-----Generated at Tue Jul 1 01:14:50 2025 by rpki-client