$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2c005aeb-f132-4bb2-a865-90077d8d5e49.roa File: 2c005aeb-f132-4bb2-a865-90077d8d5e49.roa (raw, json) Hash identifier: TZ32rs+uKLrmzDZLuexwuppSBX48qrPhvLyJoIkiZds= Subject key identifier: 8B:38:6D:C3:99:97:73:59:F2:6E:98:1E:43:DF:4E:E7:1C:88:2D:88 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 16D95A4E3BBA421A273583EE586E936ADB0D4A12 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2c005aeb-f132-4bb2-a865-90077d8d5e49.roa Signing time: Wed 25 Jun 2025 00:50:09 +0000 ROA not before: Wed 25 Jun 2025 00:50:09 +0000 ROA not after: Wed 30 Jul 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:10a::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 02 Jul 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:d9:5a:4e:3b:ba:42:1a:27:35:83:ee:58:6e:93:6a:db:0d:4a:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jun 25 00:50:09 2025 GMT Not After : Jul 30 23:59:59 2025 GMT Subject: serialNumber=994b771cd619a07812b0ac658760267bb9bfa604c24a45afe9dc945d375f11ba, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:a6:21:c1:09:91:1d:fa:6a:86:86:f3:19:22: 61:65:0f:13:c5:97:51:45:00:75:1d:ac:23:3f:6d: c0:d2:e7:6b:c6:46:6b:e7:5b:ec:c8:d3:5b:cc:a9: 82:be:a3:a2:ee:73:7d:0d:63:83:fb:f5:4d:b0:cc: 74:fc:ec:62:51:ed:fc:2c:26:04:a7:b8:d4:8d:27: cc:40:a6:6a:bc:1f:49:c9:c2:1f:2c:d7:51:6f:d2: e5:db:a4:84:e8:f9:eb:17:eb:d6:75:d4:1e:95:56: f0:0f:15:60:62:8d:98:c8:96:cc:0e:c6:f8:fc:3c: 80:7c:a1:76:7f:b4:30:ff:a8:12:e6:d4:3d:30:cf: 46:ca:0c:e7:60:2c:7d:c5:7d:c7:1d:8f:3c:e4:6d: 82:33:3c:a5:cd:b2:9f:bf:cc:f7:40:c4:65:3a:f5: a6:f3:62:45:58:79:0f:bd:fc:52:7c:08:63:f7:5d: 3e:a3:fd:5e:8f:c0:79:b6:7d:c7:a6:8e:c2:49:43: b6:0c:25:2d:fb:1c:fa:f8:2c:d3:af:eb:8d:17:97: 7f:94:ad:38:df:c2:4e:12:ce:3d:fd:ce:fc:50:4e: db:4f:8a:f8:16:3f:8c:64:66:aa:64:e9:a2:68:e6: 33:ba:6c:a4:a7:d0:0f:28:04:c7:87:4d:4e:5b:d7: 9e:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:38:6D:C3:99:97:73:59:F2:6E:98:1E:43:DF:4E:E7:1C:88:2D:88 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/2c005aeb-f132-4bb2-a865-90077d8d5e49.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:10a::/47 Signature Algorithm: sha256WithRSAEncryption 0c:ae:92:71:8d:3a:0a:23:63:88:2b:cd:8b:6b:18:9e:b5:fe: 82:c0:c2:a1:e1:ee:6e:05:db:0d:5c:3d:82:36:62:a3:cb:57: a2:00:14:1f:02:2c:5d:91:ed:58:0d:30:4c:d6:56:1d:88:8b: 2a:f8:f7:2c:b7:ae:c9:71:2a:52:46:ed:f7:d4:e8:d4:c2:94: 99:1c:1e:38:95:29:f8:e6:15:f7:b9:d9:b2:78:fd:d3:a1:eb: b1:24:d1:ce:05:7c:15:24:22:14:d0:54:04:18:21:2c:20:ad: 5d:bd:32:32:26:55:de:3c:4c:51:af:91:00:81:11:78:6c:70: 8a:aa:17:d1:e0:35:8c:3a:04:a9:af:6b:7a:13:c2:40:f0:35: 3f:32:42:3b:7d:fb:72:92:86:58:ba:6a:42:ad:ec:c0:4a:6b: dc:1a:e5:eb:69:c8:90:54:3b:32:f4:75:c5:68:9a:7e:fb:08: 57:8c:50:61:29:ab:94:05:48:33:94:26:d4:3f:da:ab:4e:38: 62:31:1f:1b:57:c9:de:28:13:b8:fe:21:87:00:08:cd:63:20: fd:8d:00:b7:71:56:23:a0:2d:33:f2:e0:cf:7e:5e:fa:4d:0a: 0a:39:a7:f5:5c:92:15:78:d7:c5:7f:32:9d:1c:6c:bf:41:d0: e7:cd:65:dc -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUFtlaTju6QhonNYPuWG6TatsNShIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjI1MDA1MDA5WhcNMjUwNzMwMjM1OTU5 WjB6MUkwRwYDVQQFE0A5OTRiNzcxY2Q2MTlhMDc4MTJiMGFjNjU4NzYwMjY3YmI5 YmZhNjA0YzI0YTQ1YWZlOWRjOTQ1ZDM3NWYxMWJhMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCapiHBCZEd+mqGhvMZImFlDxPFl1FFAHUdrCM/bcDS52vG RmvnW+zI01vMqYK+o6Luc30NY4P79U2wzHT87GJR7fwsJgSnuNSNJ8xApmq8H0nJ wh8s11Fv0uXbpITo+esX69Z11B6VVvAPFWBijZjIlswOxvj8PIB8oXZ/tDD/qBLm 1D0wz0bKDOdgLH3FfccdjzzkbYIzPKXNsp+/zPdAxGU69abzYkVYeQ+9/FJ8CGP3 XT6j/V6PwHm2fcemjsJJQ7YMJS37HPr4LNOv640Xl3+UrTjfwk4Szj39zvxQTttP ivgWP4xkZqpk6aJo5jO6bKSn0A8oBMeHTU5b154tAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUizhtw5mXc1nybpgeQ99O5xyILYgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzJjMDA1YWViLWYxMzItNGJiMi1hODY1LTkwMDc3ZDhkNWU0OS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwEmAPDwAQowDQYJKoZIhvcNAQELBQADggEBAAyuknGNOgojY4grzYtrGJ61 /oLAwqHh7m4F2w1cPYI2YqPLV6IAFB8CLF2R7VgNMEzWVh2Iiyr49yy3rslxKlJG 7ffU6NTClJkcHjiVKfjmFfe52bJ4/dOh67Ek0c4FfBUkIhTQVAQYISwgrV29MjIm Vd48TFGvkQCBEXhscIqqF9HgNYw6BKmva3oTwkDwNT8yQjt9+3KShli6akKt7MBK a9wa5etpyJBUOzL0dcVomn77CFeMUGEpq5QFSDOUJtQ/2qtOOGIxHxtXyd4oE7j+ IYcACM1jIP2NALdxViOgLTPy4M9+XvpNCgo5p/VckhV418V/Mp0cbL9B0OfNZdw= -----END CERTIFICATE-----Generated at Tue Jul 1 00:47:19 2025 by rpki-client