$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c60dda9-8882-487b-951b-14baa9359e8e.roa File: 3c60dda9-8882-487b-951b-14baa9359e8e.roa (raw, json) Hash identifier: glayBsxxAX37/iDSksfy8UnqBzlNPMZaBc0lTLE4u/8= Subject key identifier: 68:77:47:A9:6E:31:4E:A3:DA:E1:FD:B3:63:3B:14:E7:BE:CA:A3:8E Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 749AD3DB34510817E98D64F286238B72A8DFB0A1 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c60dda9-8882-487b-951b-14baa9359e8e.roa Signing time: Fri 22 Aug 2025 00:20:31 +0000 ROA not before: Fri 22 Aug 2025 00:20:31 +0000 ROA not after: Fri 26 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 125.253.160.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 24 Aug 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:9a:d3:db:34:51:08:17:e9:8d:64:f2:86:23:8b:72:a8:df:b0:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Aug 22 00:20:31 2025 GMT Not After : Sep 26 23:59:59 2025 GMT Subject: serialNumber=fa5e0d9b03dbc21c7182809e576aac5109a34d309522c7dece53cad9b0808444, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:29:e6:e6:bc:b2:a6:ea:15:2f:4c:ad:bf:1e: e8:e4:8d:e8:34:5c:fd:31:0a:2e:bb:04:b5:e8:6b: 05:85:3f:82:1d:6e:a8:34:58:f2:cc:fd:d9:9b:08: eb:7b:7f:32:2b:f3:af:5e:ac:6b:83:c5:3a:da:b8: 07:84:e0:cc:3c:cd:b9:af:fd:84:d1:a3:ae:8c:91: ac:5e:0d:c6:2e:cf:a0:1d:ba:62:79:d8:53:8f:59: 8f:24:c5:d9:14:f7:52:7e:25:77:8c:79:5c:0b:d3: 9e:a9:8b:7b:c6:ad:9b:83:1a:7f:b9:a3:27:3b:74: b2:91:e2:af:83:f6:19:95:c3:38:b4:11:76:3d:51: 38:4e:30:cb:e9:d1:a8:6a:11:b3:41:0f:27:8c:63: 61:7f:5f:ff:e1:3b:89:77:44:9d:43:54:02:26:1b: e9:57:b3:2d:7a:a3:83:39:91:73:fe:95:8a:70:11: 14:6e:f0:46:16:ac:2e:a8:f5:7b:de:a3:43:a1:32: 8a:d3:5c:d2:c5:f5:09:b9:05:58:79:80:05:06:cd: da:60:8d:68:77:80:f9:ff:80:18:dd:e4:ee:07:8c: bd:03:b2:e0:6f:ae:bf:d4:5b:34:c7:81:eb:b3:45: 57:13:24:3a:cf:e2:6d:df:5a:df:e3:b7:10:d0:61: 3a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:77:47:A9:6E:31:4E:A3:DA:E1:FD:B3:63:3B:14:E7:BE:CA:A3:8E X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c60dda9-8882-487b-951b-14baa9359e8e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 125.253.160.0/19 Signature Algorithm: sha256WithRSAEncryption 8c:b3:a2:09:09:9a:f0:e6:4e:fd:da:b4:77:87:b2:99:e7:5e: 00:84:88:8b:6f:c6:b9:47:e5:a0:f3:c5:75:d8:69:bf:c9:59: 5e:02:87:3f:10:52:20:99:21:92:35:f8:bc:07:23:a3:c2:f0: 98:53:19:88:c8:35:ce:14:5e:e6:ef:bb:64:da:ae:20:ed:f1: ad:eb:2b:75:51:a7:9e:14:6b:d3:9e:29:a6:d6:5b:3c:85:e9: 02:e5:22:4f:0e:b1:16:8a:24:43:c6:8f:a0:a2:31:ca:5b:aa: 68:04:1a:fc:53:69:df:bc:fb:67:f7:5d:68:27:00:ea:0a:dc: 07:c2:fc:4e:96:72:c0:ff:e0:8f:42:68:32:34:c0:80:dd:eb: 6a:4f:72:20:d6:bc:38:ae:5c:57:fd:a3:ec:30:11:ea:25:c8: 20:e1:35:29:f6:4d:99:c2:cf:a7:e3:02:27:8c:0d:79:5b:fa: 40:85:de:f2:6f:0e:66:79:2b:a2:59:5b:a1:68:ba:ab:fa:ca: 8c:2f:54:4b:bb:0e:b4:24:2f:7f:9b:a3:26:19:0a:3f:0e:47: 93:b0:ea:bc:d2:0a:b0:ee:b7:13:0b:13:d8:b8:9d:9d:d9:6e: 06:a5:0a:fb:97:1e:01:1d:16:83:5b:7a:5e:a3:0e:fc:ae:40: 8e:70:cd:2a -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUdJrT2zRRCBfpjWTyhiOLcqjfsKEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODIyMDAyMDMxWhcNMjUwOTI2MjM1OTU5 WjB6MUkwRwYDVQQFE0BmYTVlMGQ5YjAzZGJjMjFjNzE4MjgwOWU1NzZhYWM1MTA5 YTM0ZDMwOTUyMmM3ZGVjZTUzY2FkOWIwODA4NDQ0MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC/KebmvLKm6hUvTK2/Hujkjeg0XP0xCi67BLXoawWFP4Id bqg0WPLM/dmbCOt7fzIr869erGuDxTrauAeE4Mw8zbmv/YTRo66MkaxeDcYuz6Ad umJ52FOPWY8kxdkU91J+JXeMeVwL056pi3vGrZuDGn+5oyc7dLKR4q+D9hmVwzi0 EXY9UThOMMvp0ahqEbNBDyeMY2F/X//hO4l3RJ1DVAImG+lXsy16o4M5kXP+lYpw ERRu8EYWrC6o9Xveo0OhMorTXNLF9Qm5BVh5gAUGzdpgjWh3gPn/gBjd5O4HjL0D suBvrr/UWzTHgeuzRVcTJDrP4m3fWt/jtxDQYTpLAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUaHdHqW4xTqPa4f2zYzsU577Ko44wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzNjNjBkZGE5LTg4ODItNDg3Yi05NTFiLTE0YmFhOTM1OWU4ZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAV9/aAwDQYJKoZIhvcNAQELBQADggEBAIyzogkJmvDmTv3atHeHspnnXgCE iItvxrlH5aDzxXXYab/JWV4Chz8QUiCZIZI1+LwHI6PC8JhTGYjINc4UXubvu2Ta riDt8a3rK3VRp54Ua9OeKabWWzyF6QLlIk8OsRaKJEPGj6CiMcpbqmgEGvxTad+8 +2f3XWgnAOoK3AfC/E6WcsD/4I9CaDI0wIDd62pPciDWvDiuXFf9o+wwEeolyCDh NSn2TZnCz6fjAieMDXlb+kCF3vJvDmZ5K6JZW6Fouqv6yowvVEu7DrQkL3+boyYZ Cj8OR5Ow6rzSCrDutxMLE9i4nZ3ZbgalCvuXHgEdFoNbel6jDvyuQI5wzSo= -----END CERTIFICATE-----Generated at Sat Aug 23 08:21:17 2025 by rpki-client