$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3fa4f6da-6073-4400-a522-35f62e2343ee.roa File: 3fa4f6da-6073-4400-a522-35f62e2343ee.roa (raw, json) Hash identifier: EKgT/6l3DwfFszldc+yHfYZRr10ZPpmdJLQJWtK8Qvs= Subject key identifier: 04:23:C8:1A:68:61:D8:AF:84:63:15:FF:1A:FD:22:7B:4E:0F:2C:F4 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 186C21242B4B348A7AE5DF80EC359F9461E45054 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3fa4f6da-6073-4400-a522-35f62e2343ee.roa Signing time: Tue 24 Jun 2025 00:41:08 +0000 ROA not before: Tue 24 Jun 2025 00:41:08 +0000 ROA not after: Tue 29 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 71.16.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 03 Jul 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:6c:21:24:2b:4b:34:8a:7a:e5:df:80:ec:35:9f:94:61:e4:50:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jun 24 00:41:08 2025 GMT Not After : Jul 29 23:59:59 2025 GMT Subject: serialNumber=816976b10038c49c6219da78338f2bd8c7a2aee28f4e75c71eba076b23a609e9, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:92:51:35:e6:4c:7e:e2:52:fe:89:ba:13:7a: 3f:a6:78:87:6c:5d:e3:4e:ea:7e:92:56:dc:da:a7: 81:de:c4:76:b9:07:87:6a:59:b0:82:50:0e:6b:32: 76:ef:73:6e:e4:f8:43:89:12:f4:40:b5:4c:4c:d1: 5b:60:65:a0:bd:d3:37:06:a3:4f:fa:45:dd:43:6d: bc:6c:62:88:bc:9b:4e:84:9b:66:8d:3f:a9:11:dd: e0:93:80:9e:f2:ff:4f:75:e1:a9:a0:c7:83:c3:74: f6:23:fa:ed:c8:11:26:7c:ac:d4:55:9c:d4:b2:db: bb:0e:9f:07:e5:48:78:20:5b:ba:34:f2:35:99:17: 17:59:be:9b:7f:e3:d4:df:e5:06:7e:f7:bd:ba:02: f2:cc:99:cb:87:05:a4:a2:cf:36:bb:ac:d5:62:f0: 80:36:b3:a0:69:e0:69:dd:be:24:96:05:53:2a:1b: a7:24:3e:8a:3d:45:ce:3f:3c:14:db:b3:7e:1c:b5: f6:6a:ed:ad:c7:9b:13:75:a1:d8:c1:e0:3e:81:2c: fb:91:63:e2:bc:ca:22:79:1b:62:f0:0c:13:1f:0d: 87:58:ad:5c:59:3b:d4:f5:bc:b8:09:4e:86:8b:0b: d1:a2:ac:0e:f7:e3:62:24:eb:d4:91:50:25:25:85: 96:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:23:C8:1A:68:61:D8:AF:84:63:15:FF:1A:FD:22:7B:4E:0F:2C:F4 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3fa4f6da-6073-4400-a522-35f62e2343ee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 71.16.0.0/16 Signature Algorithm: sha256WithRSAEncryption 80:3a:2c:d3:3b:7d:65:35:4e:50:c3:be:fe:cf:7e:a4:79:f7: 64:39:ac:b7:2d:07:d6:13:34:82:84:e9:4e:a7:bd:a4:3d:dc: 95:f9:2a:b2:03:99:3b:8d:26:f4:eb:6c:40:82:6d:36:bc:50: 26:21:14:ef:0e:5d:e3:93:88:81:13:ba:7a:43:0f:06:4e:67: 55:72:f1:06:e6:62:74:e5:96:e2:8b:7d:05:32:a2:94:fa:61: 8b:32:84:fe:fb:af:4c:56:58:47:58:cc:e3:1e:15:d2:31:ae: 5a:7c:98:6c:62:fc:df:25:d8:c4:d3:91:7b:3e:77:3a:ea:60: 7a:27:fc:da:66:07:36:87:17:e8:e8:cd:17:8f:00:06:f6:22: f9:cb:17:63:de:51:fb:da:15:cc:af:42:9f:34:f3:7f:ec:91: 6e:82:d2:1f:1e:bb:76:60:ac:df:89:24:1f:20:6b:a0:e2:db: 38:7e:79:ad:dc:89:ab:e7:79:4a:86:2e:2e:bc:42:d4:cf:39: d0:92:d4:fb:25:5a:37:d0:4f:b8:02:41:64:39:64:56:b4:bd: 46:21:d7:81:b6:e7:78:78:11:e1:69:e8:91:50:b0:56:97:f3: ed:cf:f5:3f:2b:26:ec:90:c6:ae:8f:2a:1a:d7:ec:f5:f0:3f: 3b:01:00:f9 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUGGwhJCtLNIp65d+A7DWflGHkUFQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNjI0MDA0MTA4WhcNMjUwNzI5MjM1OTU5 WjB6MUkwRwYDVQQFE0A4MTY5NzZiMTAwMzhjNDljNjIxOWRhNzgzMzhmMmJkOGM3 YTJhZWUyOGY0ZTc1YzcxZWJhMDc2YjIzYTYwOWU5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDDklE15kx+4lL+iboTej+meIdsXeNO6n6SVtzap4HexHa5 B4dqWbCCUA5rMnbvc27k+EOJEvRAtUxM0VtgZaC90zcGo0/6Rd1DbbxsYoi8m06E m2aNP6kR3eCTgJ7y/0914amgx4PDdPYj+u3IESZ8rNRVnNSy27sOnwflSHggW7o0 8jWZFxdZvpt/49Tf5QZ+9726AvLMmcuHBaSizza7rNVi8IA2s6Bp4GndviSWBVMq G6ckPoo9Rc4/PBTbs34ctfZq7a3HmxN1odjB4D6BLPuRY+K8yiJ5G2LwDBMfDYdY rVxZO9T1vLgJToaLC9GirA7342Ik69SRUCUlhZafAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUBCPIGmhh2K+EYxX/Gv0ie04PLPQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzNmYTRmNmRhLTYwNzMtNDQwMC1hNTIyLTM1ZjYyZTIzNDNlZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwBHEDANBgkqhkiG9w0BAQsFAAOCAQEAgDos0zt9ZTVOUMO+/s9+pHn3ZDms ty0H1hM0goTpTqe9pD3clfkqsgOZO40m9OtsQIJtNrxQJiEU7w5d45OIgRO6ekMP Bk5nVXLxBuZidOWW4ot9BTKilPphizKE/vuvTFZYR1jM4x4V0jGuWnyYbGL83yXY xNORez53Oupgeif82mYHNocX6OjNF48ABvYi+csXY95R+9oVzK9CnzTzf+yRboLS Hx67dmCs34kkHyBroOLbOH55rdyJq+d5SoYuLrxC1M850JLU+yVaN9BPuAJBZDlk VrS9RiHXgbbneHgR4WnokVCwVpfz7c/1Pysm7JDGro8qGtfs9fA/OwEA+Q== -----END CERTIFICATE-----Generated at Wed Jul 2 06:06:55 2025 by rpki-client