$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2b654b1b-1b20-4e58-b50d-f23964f25963.roa File: 2b654b1b-1b20-4e58-b50d-f23964f25963.roa (raw, json) Hash identifier: yLffoFRcBOo6Gf/uKTi61Au7qCFrz+0UWBeluU/BB5Y= Subject key identifier: 20:7A:3A:81:A3:BB:17:4B:6F:59:90:AD:51:8B:06:FE:40:EA:41:07 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 58413BA371F9E2B76820645EE367C3BC71C5A015 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2b654b1b-1b20-4e58-b50d-f23964f25963.roa Signing time: Mon 18 Aug 2025 18:22:27 +0000 ROA not before: Mon 18 Aug 2025 18:22:27 +0000 ROA not after: Mon 22 Sep 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:6115::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 24 Aug 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:41:3b:a3:71:f9:e2:b7:68:20:64:5e:e3:67:c3:bc:71:c5:a0:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Aug 18 18:22:27 2025 GMT Not After : Sep 22 23:59:59 2025 GMT Subject: serialNumber=4cc5b2448b8f7330d1793331b835d1c8142662c7117b53c8b849863911bc802a, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f5:b7:b2:8a:79:71:64:f9:70:54:e5:cd:16: ba:b6:02:dd:e5:18:85:0c:89:bb:80:8c:4b:4f:17: 28:4d:1d:4e:07:cd:db:4d:f3:b7:41:00:eb:de:56: e5:37:89:d2:18:43:f1:22:bc:1e:a1:5a:be:0c:b8: 6d:8e:ab:22:a8:31:88:15:4d:6d:40:91:10:a5:51: b1:62:51:ee:7c:50:32:c8:35:09:d2:3b:3d:36:15: d1:da:dc:a3:97:22:c1:0b:2b:f0:48:0e:4b:43:7f: 9b:39:50:e3:5d:f1:ae:e1:1f:42:01:31:46:67:9a: e0:e1:47:9d:44:07:94:1c:3d:54:55:58:87:c4:5a: 54:00:11:ce:0f:9b:75:b0:10:b2:b8:52:a3:4b:f1: c1:5f:7f:2b:03:80:82:76:84:e7:32:eb:d1:e2:28: 83:13:10:4c:42:ff:bd:41:36:b3:5a:51:67:eb:42: d1:ed:b4:7a:3d:5b:59:a0:26:da:fe:43:d2:10:e5: c6:26:0c:e3:a0:77:a1:4f:92:02:99:5c:86:75:b1: 4e:17:bd:75:da:f9:04:30:57:ba:8c:87:86:ad:14: ea:93:fd:fa:4a:db:45:cf:73:06:e6:5f:2c:5f:93: de:36:d2:52:f6:5d:4d:16:ab:33:8b:87:e0:86:73: 88:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:7A:3A:81:A3:BB:17:4B:6F:59:90:AD:51:8B:06:FE:40:EA:41:07 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2b654b1b-1b20-4e58-b50d-f23964f25963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:6115::/48 Signature Algorithm: sha256WithRSAEncryption 86:70:5c:31:b4:44:6d:73:53:d9:a9:47:03:1b:cb:58:46:9f: 90:ff:c3:ab:39:3a:8f:17:18:8e:e7:54:e2:3e:ec:fd:5b:24: c7:d6:de:52:84:81:6a:50:42:b5:c7:10:0e:4a:0e:65:77:4c: 94:87:ce:ae:b1:5b:f5:db:fa:41:4b:4f:8b:03:65:fd:e1:2b: 5a:4a:70:00:df:5e:b3:6c:ea:c7:0f:ab:bf:ef:34:83:76:5e: f7:4f:2a:1d:7b:48:0b:de:97:d2:3b:00:25:c7:32:86:2c:1b: e1:b3:54:5d:ee:42:00:77:4d:d2:41:84:0f:d6:0b:30:4d:b6: 92:fe:b2:49:a7:6f:8d:57:79:81:4e:32:f5:33:85:f4:27:5a: 91:09:9f:ae:53:3f:06:64:20:b8:38:f5:35:74:f4:db:c5:4e: 2b:77:d5:1a:a0:9d:13:8a:5f:37:0c:ee:7c:3a:43:da:18:96: 87:6a:84:44:b8:5c:3f:b6:a4:74:ec:08:33:67:bb:3b:d1:8a: f6:a0:72:30:81:e9:29:96:8f:74:dd:2d:c4:56:cb:e8:94:59: 6c:51:13:d2:fb:f8:e9:6c:ff:02:2d:47:13:c9:53:80:c0:09: 65:b3:2f:39:45:2b:64:a6:46:1b:79:0b:5f:af:e4:a8:11:eb: 75:cd:fe:4c -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUWEE7o3H54rdoIGRe42fDvHHFoBUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE4MTgyMjI3WhcNMjUwOTIyMjM1OTU5 WjB6MUkwRwYDVQQFE0A0Y2M1YjI0NDhiOGY3MzMwZDE3OTMzMzFiODM1ZDFjODE0 MjY2MmM3MTE3YjUzYzhiODQ5ODYzOTExYmM4MDJhMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDI9beyinlxZPlwVOXNFrq2At3lGIUMibuAjEtPFyhNHU4H zdtN87dBAOveVuU3idIYQ/EivB6hWr4MuG2OqyKoMYgVTW1AkRClUbFiUe58UDLI NQnSOz02FdHa3KOXIsELK/BIDktDf5s5UONd8a7hH0IBMUZnmuDhR51EB5QcPVRV WIfEWlQAEc4Pm3WwELK4UqNL8cFffysDgIJ2hOcy69HiKIMTEExC/71BNrNaUWfr QtHttHo9W1mgJtr+Q9IQ5cYmDOOgd6FPkgKZXIZ1sU4XvXXa+QQwV7qMh4atFOqT /fpK20XPcwbmXyxfk9420lL2XU0WqzOLh+CGc4iHAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUIHo6gaO7F0tvWZCtUYsG/kDqQQcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzJiNjU0YjFiLTFiMjAtNGU1OC1iNTBkLWYyMzk2NGYyNTk2My5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwYRUwDQYJKoZIhvcNAQELBQADggEBAIZwXDG0RG1zU9mpRwMby1hG n5D/w6s5Oo8XGI7nVOI+7P1bJMfW3lKEgWpQQrXHEA5KDmV3TJSHzq6xW/Xb+kFL T4sDZf3hK1pKcADfXrNs6scPq7/vNIN2XvdPKh17SAvel9I7ACXHMoYsG+GzVF3u QgB3TdJBhA/WCzBNtpL+skmnb41XeYFOMvUzhfQnWpEJn65TPwZkILg49TV09NvF Tit31RqgnROKXzcM7nw6Q9oYlodqhES4XD+2pHTsCDNnuzvRivagcjCB6SmWj3Td LcRWy+iUWWxRE9L7+Ols/wItRxPJU4DACWWzLzlFK2SmRht5C1+v5KgR63XN/kw= -----END CERTIFICATE-----Generated at Sat Aug 23 06:56:51 2025 by rpki-client