$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa File: 436af8e8-480b-485b-a232-f1503410322c.roa (raw, json) Hash identifier: OmPws3TmVBmOgfKvf+KYGROoyNXiLU+uXfNmSJZltdc= Subject key identifier: 4A:B0:16:2F:99:F2:D3:94:30:5D:EA:A6:15:2D:FC:DA:74:BC:F6:A8 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 0B8232DF31D35A09CC27A0962725698E561F8583 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa Signing time: Sat 02 Aug 2025 00:10:16 +0000 ROA not before: Sat 02 Aug 2025 00:10:16 +0000 ROA not after: Sat 06 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 107.20.128.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 24 Aug 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:82:32:df:31:d3:5a:09:cc:27:a0:96:27:25:69:8e:56:1f:85:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Aug 2 00:10:16 2025 GMT Not After : Sep 6 23:59:59 2025 GMT Subject: serialNumber=32c8480072ff28ccb3bf92052d9c4e5b16add3068233154a39318392c960656c, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b1:9a:04:21:e8:eb:87:87:9a:dd:b9:d3:0b: 8e:05:1e:07:e3:c3:2b:04:c3:2b:88:3c:32:55:b1: 77:78:96:67:d3:66:f7:48:14:91:94:16:58:42:20: 2e:74:43:65:43:be:65:6e:48:cb:68:9d:4a:dc:ef: 80:72:98:7b:15:07:cc:f0:1c:67:ed:bb:21:0e:f1: 36:f3:fa:a3:08:94:6e:e7:20:b3:f2:a9:ab:d3:aa: 7e:05:5c:00:cf:df:2f:aa:96:87:ad:b0:62:be:18: 70:96:4d:41:f9:93:65:8f:e5:cf:cc:4d:e3:72:6f: 56:eb:fb:20:22:b9:46:e6:b8:c7:ad:5f:d7:2e:a6: fd:1c:78:21:5f:0f:98:f0:4d:f8:78:2c:6b:ba:5d: 05:8b:53:b7:7a:17:b7:e0:95:a4:7a:af:c2:4a:1d: bd:e7:19:0c:0d:c1:5d:bd:02:5f:0d:49:36:5a:44: 92:58:b7:99:97:66:80:36:aa:3a:bd:67:f6:d9:fe: 24:ee:cf:ea:f5:2b:b2:42:a3:18:e5:11:3d:e3:95: 47:f0:7c:51:e3:d4:33:ab:6b:e1:69:05:a4:b3:54: d2:a5:60:50:d1:f8:31:79:d3:f0:a9:8a:3e:c6:70: e2:5c:5a:2d:86:b5:ee:29:06:25:4e:55:7e:0b:00: 39:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:B0:16:2F:99:F2:D3:94:30:5D:EA:A6:15:2D:FC:DA:74:BC:F6:A8 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 107.20.128.0/22 Signature Algorithm: sha256WithRSAEncryption 8e:d9:c0:db:2b:06:32:ad:1e:46:58:06:c0:7b:54:51:b8:22: d9:8f:31:a4:ee:9b:1e:59:c1:8b:e3:c8:b1:ce:dd:0f:7e:48: 31:95:e7:82:26:0b:f1:31:f8:df:10:84:3e:62:c5:2b:2c:35: 67:40:f8:cf:7e:c4:84:a5:45:2c:1a:36:ce:27:94:3a:0f:d6: 71:11:c4:25:a9:31:f6:10:c1:07:b2:9e:ba:95:05:90:81:55: 32:7a:83:ee:a7:fa:f3:3d:85:40:37:da:0c:90:b8:2b:0f:0d: d3:77:76:8a:91:9e:10:dc:76:94:fb:55:d6:76:fa:8f:6a:e1: d6:99:f5:e9:29:e4:9e:b8:aa:ce:2c:02:31:0b:0a:a3:0e:4c: 8e:df:24:b3:7f:7b:33:4b:2b:98:4f:26:76:4c:c9:ab:4d:e5: f6:1f:a5:b1:f0:1b:f9:29:cb:e6:10:84:b9:86:c6:5d:78:df: 10:5c:a3:df:09:7d:e5:f3:0b:38:bc:68:9a:b9:af:6d:d0:3f: 05:9c:0a:60:74:cd:0d:c0:f5:ec:3d:a8:6d:b8:58:a6:86:52: c1:ad:13:33:6d:73:72:f0:b9:d2:f3:e7:51:21:b1:8e:9a:2e: e1:3f:2b:89:f2:1c:a3:5d:62:f0:39:4d:ed:a6:57:ed:ed:c8: 39:86:be:11 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUC4Iy3zHTWgnMJ6CWJyVpjlYfhYMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAyMDAxMDE2WhcNMjUwOTA2MjM1OTU5 WjB6MUkwRwYDVQQFE0AzMmM4NDgwMDcyZmYyOGNjYjNiZjkyMDUyZDljNGU1YjE2 YWRkMzA2ODIzMzE1NGEzOTMxODM5MmM5NjA2NTZjMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCksZoEIejrh4ea3bnTC44FHgfjwysEwyuIPDJVsXd4lmfT ZvdIFJGUFlhCIC50Q2VDvmVuSMtonUrc74BymHsVB8zwHGftuyEO8Tbz+qMIlG7n ILPyqavTqn4FXADP3y+qloetsGK+GHCWTUH5k2WP5c/MTeNyb1br+yAiuUbmuMet X9cupv0ceCFfD5jwTfh4LGu6XQWLU7d6F7fglaR6r8JKHb3nGQwNwV29Al8NSTZa RJJYt5mXZoA2qjq9Z/bZ/iTuz+r1K7JCoxjlET3jlUfwfFHj1DOra+FpBaSzVNKl YFDR+DF50/Cpij7GcOJcWi2Gte4pBiVOVX4LADkLAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUSrAWL5ny05QwXeqmFS382nS89qgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzQzNmFmOGU4LTQ4MGItNDg1Yi1hMjMyLWYxNTAzNDEwMzIyYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAJrFIAwDQYJKoZIhvcNAQELBQADggEBAI7ZwNsrBjKtHkZYBsB7VFG4ItmP MaTumx5ZwYvjyLHO3Q9+SDGV54ImC/Ex+N8QhD5ixSssNWdA+M9+xISlRSwaNs4n lDoP1nERxCWpMfYQwQeynrqVBZCBVTJ6g+6n+vM9hUA32gyQuCsPDdN3doqRnhDc dpT7VdZ2+o9q4daZ9ekp5J64qs4sAjELCqMOTI7fJLN/ezNLK5hPJnZMyatN5fYf pbHwG/kpy+YQhLmGxl143xBco98JfeXzCzi8aJq5r23QPwWcCmB0zQ3A9ew9qG24 WKaGUsGtEzNtc3LwudLz51EhsY6aLuE/K4nyHKNdYvA5Te2mV+3tyDmGvhE= -----END CERTIFICATE-----Generated at Sat Aug 23 08:28:29 2025 by rpki-client