$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa File: 8a0cac28-29b8-4996-b010-5eab278cc342.roa (raw, json) Hash identifier: bffOYUPP+I3Z4d4rrr+AaX8manKt40dAPnAvKgD4mWU= Subject key identifier: 22:CC:C0:5C:D6:90:34:68:86:9C:D5:22:57:82:12:5A:C7:EB:38:B2 Certificate issuer: /CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173 Certificate serial: 0A68D3AC997B047B70A3D438D95A3255914D9DF1 Authority key identifier: CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa Signing time: Sat 18 Oct 2025 00:10:05 +0000 ROA not before: Sat 18 Oct 2025 00:10:05 +0000 ROA not after: Sat 22 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 198.41.100.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:68:d3:ac:99:7b:04:7b:70:a3:d4:38:d9:5a:32:55:91:4d:9d:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173 Validity Not Before: Oct 18 00:10:05 2025 GMT Not After : Nov 22 23:59:59 2025 GMT Subject: serialNumber=56030867960d6d274f3bb00d5c731b5c36ebf81f0a2ee391f7de9ee7f4d1c100, CN=88af7b95-2ef7-49fc-a37d-1b8f0547180d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:72:4f:52:a1:1c:1f:40:8c:4d:59:98:4c:8f: 34:ee:45:9c:c6:5f:28:f0:dc:7e:aa:ec:fb:f6:5b: b2:d6:69:cc:1e:57:a9:45:e6:01:17:ac:b5:f5:eb: f4:ed:6c:4e:70:63:47:a9:89:5f:89:a8:99:2c:14: 06:fc:f7:a4:7e:68:26:01:d6:e6:9a:51:a2:a2:44: 83:cf:b3:7b:81:6b:33:19:cc:4d:a7:a9:7f:d6:1b: 28:0e:4f:e2:0f:cc:52:09:af:f6:ab:f3:5f:c3:8e: 2c:3d:1f:25:83:18:57:40:da:0b:62:70:5a:df:b6: 8d:57:18:29:db:07:3b:2a:b4:8f:8f:43:9f:a8:e5: 8a:71:84:d8:00:6a:59:8e:61:11:f1:bd:93:6c:10: 08:c3:e2:59:d6:02:a7:9b:02:f8:2c:d8:80:3b:b5: cb:d5:35:89:8b:c5:8a:ac:39:a0:17:11:6a:33:d5: 66:19:94:b2:65:07:b7:d4:9e:99:c6:81:b3:1c:79: ad:b6:1f:5d:84:19:40:3b:93:8c:a0:25:1b:82:f8: 0a:ee:04:2f:ef:be:3b:4d:6c:20:20:b3:76:4d:d6: 8d:18:7e:aa:40:59:07:1f:75:d7:3e:20:12:80:14: e5:fe:9d:5b:7b:68:12:9c:2f:e2:5b:a8:9e:b0:26: 17:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:CC:C0:5C:D6:90:34:68:86:9C:D5:22:57:82:12:5A:C7:EB:38:B2 X509v3 Authority Key Identifier: keyid:CC:10:61:27:3F:FF:76:3F:76:D2:DE:E2:85:83:E8:BA:3B:05:C4:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/e5dea660-bf59-4b4c-b9ad-4a6787e03fce/c319424e039f86d6ad9fc4e7223df841d20ae6d0ff12428173.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/8a0cac28-29b8-4996-b010-5eab278cc342.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/2df51cd2-e6af-493a-a88a-3221d01f7d90/n4bWrZ_E5yI9-EHSCubQ_xJCgXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 198.41.100.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:1a:a5:7e:e6:df:75:8a:f5:df:b0:41:ad:78:1c:9a:79:28: b7:74:90:6e:4e:52:c7:1d:0b:30:83:f6:cd:db:f2:b6:35:2b: 1a:ed:c0:16:cd:90:6e:25:a5:39:33:de:ac:bb:5d:18:45:b6: 36:89:f0:15:84:bb:a6:30:ea:0b:03:52:3f:b9:e5:f6:bf:96: 70:86:26:58:60:70:c6:67:50:5e:98:18:41:31:28:19:f1:50: 1c:d7:72:46:c3:bb:02:05:3f:36:66:b3:59:62:a9:7d:ec:1f: ec:c6:79:33:9a:f3:fa:db:6b:98:89:c1:70:9a:0d:f7:5b:b4: 7e:f1:f4:c0:19:34:2d:06:1a:20:de:83:69:01:31:b2:25:d7: 52:56:40:60:57:3c:e7:b6:48:13:61:c8:57:4c:e0:87:ab:bf: d2:81:cf:c5:d7:10:8a:b0:6b:3a:7d:9c:0d:7e:72:63:d0:57: 3d:13:2c:c8:93:97:b0:b7:97:f8:a9:b5:3e:cf:34:52:88:0a: b2:5b:0c:bf:fd:e4:4a:8b:a6:c8:97:bc:a8:67:36:86:f4:66: 55:a4:64:12:4c:3a:99:b7:90:ae:ee:66:ff:0a:9a:a7:68:04: b6:bb:ae:d8:e2:25:29:f7:76:06:1e:c3:b2:54:65:6e:4e:5a: df:30:71:be -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUCmjTrJl7BHtwo9Q42VoyVZFNnfEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYzMxOTQyNGUwMzlmODZkNmFkOWZjNGU3MjIzZGY4NDFk MjBhZTZkMGZmMTI0MjgxNzMwHhcNMjUxMDE4MDAxMDA1WhcNMjUxMTIyMjM1OTU5 WjB6MUkwRwYDVQQFE0A1NjAzMDg2Nzk2MGQ2ZDI3NGYzYmIwMGQ1YzczMWI1YzM2 ZWJmODFmMGEyZWUzOTFmN2RlOWVlN2Y0ZDFjMTAwMS0wKwYDVQQDEyQ4OGFmN2I5 NS0yZWY3LTQ5ZmMtYTM3ZC0xYjhmMDU0NzE4MGQwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDOck9SoRwfQIxNWZhMjzTuRZzGXyjw3H6q7Pv2W7LWacwe V6lF5gEXrLX16/TtbE5wY0epiV+JqJksFAb896R+aCYB1uaaUaKiRIPPs3uBazMZ zE2nqX/WGygOT+IPzFIJr/ar81/Djiw9HyWDGFdA2gticFrfto1XGCnbBzsqtI+P Q5+o5YpxhNgAalmOYRHxvZNsEAjD4lnWAqebAvgs2IA7tcvVNYmLxYqsOaAXEWoz 1WYZlLJlB7fUnpnGgbMcea22H12EGUA7k4ygJRuC+AruBC/vvjtNbCAgs3ZN1o0Y fqpAWQcfddc+IBKAFOX+nVt7aBKcL+JbqJ6wJhfJAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUIszAXNaQNGiGnNUiV4ISWsfrOLIwHwYDVR0jBBgwFoAUzBBhJz//dj92 0t7ihYPoujsFxDAwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz L2Q2YjVhZDI4LTFjYmMtNDdhYi05MDRlLTQ1MzYxYTU0ODdjMy9lNWRlYTY2MC1i ZjU5LTRiNGMtYjlhZC00YTY3ODdlMDNmY2UvYzMxOTQyNGUwMzlmODZkNmFkOWZj NGU3MjIzZGY4NDFkMjBhZTZkMGZmMTI0MjgxNzMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMmRmNTFjZDItZTZhZi00OTNhLWE4OGEtMzIy MWQwMWY3ZDkwLzhhMGNhYzI4LTI5YjgtNDk5Ni1iMDEwLTVlYWIyNzhjYzM0Mi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzJkZjUxY2QyLWU2YWYtNDkzYS1hODhh LTMyMjFkMDFmN2Q5MC9uNGJXclpfRTV5STktRUhTQ3ViUV94SkNnWE0uY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBADGKWQwDQYJKoZIhvcNAQELBQADggEBADoapX7m33WK9d+wQa14HJp5KLd0 kG5OUscdCzCD9s3b8rY1KxrtwBbNkG4lpTkz3qy7XRhFtjaJ8BWEu6Yw6gsDUj+5 5fa/lnCGJlhgcMZnUF6YGEExKBnxUBzXckbDuwIFPzZms1liqX3sH+zGeTOa8/rb a5iJwXCaDfdbtH7x9MAZNC0GGiDeg2kBMbIl11JWQGBXPOe2SBNhyFdM4Ierv9KB z8XXEIqwazp9nA1+cmPQVz0TLMiTl7C3l/iptT7PNFKICrJbDL/95EqLpsiXvKhn Nob0ZlWkZBJMOpm3kK7uZv8KmqdoBLa7rtjiJSn3dgYew7JUZW5OWt8wcb4= -----END CERTIFICATE-----Generated at Mon Oct 20 10:31:50 2025 by rpki-client