$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/43de5aff-1abc-4ba4-ac76-194395f6be8f.roa File: 43de5aff-1abc-4ba4-ac76-194395f6be8f.roa (raw, json) Hash identifier: g/2ef0VPYcQqI78y4gO95SAuOBAcGUKlikhxi+ITvLU= Subject key identifier: 62:49:C9:4A:59:02:F2:23:88:71:B4:95:55:A5:47:11:34:F3:5E:25 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 09E02D3FDFEAF4E193D66CC3D6938B3D18577CFC Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/43de5aff-1abc-4ba4-ac76-194395f6be8f.roa Signing time: Fri 17 Oct 2025 20:10:18 +0000 ROA not before: Fri 17 Oct 2025 20:10:18 +0000 ROA not after: Fri 21 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f1:8b00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:e0:2d:3f:df:ea:f4:e1:93:d6:6c:c3:d6:93:8b:3d:18:57:7c:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 17 20:10:18 2025 GMT Not After : Nov 21 23:59:59 2025 GMT Subject: serialNumber=58933bf2da105c3bf192881b1f9f3b2b68627483caafcf119a953ea354a935f6, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:7a:97:75:20:fd:24:12:23:d2:a1:07:95:4c: 8c:10:1e:c2:01:d9:2f:0c:88:77:b1:c2:80:32:e7: 1e:77:35:a9:de:80:87:0f:c4:57:34:ab:45:37:7f: 23:41:e5:4a:77:71:8a:eb:12:68:20:6d:f4:c6:ae: 0e:9a:5f:5b:92:db:87:ec:4e:1a:f7:70:42:93:e9: d3:0d:a7:11:fd:d2:0f:6c:7c:84:d8:11:b4:d0:47: 02:67:db:3a:f9:c9:89:2c:ee:de:8b:d3:9b:2e:cb: 36:f9:43:4d:a2:58:43:98:94:40:26:30:28:74:7a: 4c:c8:a1:90:84:aa:d3:33:88:4b:9c:83:0c:15:6b: 44:41:1f:33:12:da:d5:7b:74:74:38:a0:da:f1:a0: 47:7b:41:40:75:12:75:ab:eb:ed:71:c5:1a:b3:f5: df:d7:13:49:8b:18:d0:54:c7:57:87:78:cd:5c:b7: 91:0f:d5:88:53:23:8b:f8:55:9b:50:b5:01:11:0d: 37:48:d8:aa:3c:cb:95:87:75:5f:3f:10:5b:96:1a: 5c:22:b8:69:85:f1:fb:ed:ff:a1:01:c7:9e:f8:e3: 19:2e:fd:3f:91:4b:7a:85:ea:59:e9:ae:c9:23:21: 10:92:1f:eb:6d:9e:2e:cd:24:08:9a:1d:d5:53:89: 1b:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:49:C9:4A:59:02:F2:23:88:71:B4:95:55:A5:47:11:34:F3:5E:25 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/43de5aff-1abc-4ba4-ac76-194395f6be8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f1:8b00::/48 Signature Algorithm: sha256WithRSAEncryption a3:30:e9:38:d6:37:84:08:75:d2:63:45:4e:56:05:7c:be:ab: 19:25:73:d2:01:5b:7e:e1:35:a4:6f:d3:21:bb:03:a9:2d:7d: 2f:82:d6:7e:ef:e4:b5:4b:cf:25:30:8e:4b:71:9c:3f:e4:20: 06:56:33:0d:14:a1:65:f7:83:27:1b:9f:a3:68:07:f2:f8:b0: e0:e9:22:60:d9:0f:d4:cb:b1:90:6b:5b:54:f2:af:1c:ae:5e: 52:c2:8d:11:d6:5f:52:46:11:04:cb:71:dc:5e:22:a7:c9:55: 42:04:18:d1:d8:3b:ba:ae:a2:57:b0:cb:fd:a0:9c:99:cc:e4: c5:42:3b:b2:cb:fb:88:0a:e1:d1:ce:55:a2:62:23:ff:ff:22: 04:ad:cc:5a:3b:7b:3c:88:a7:46:00:23:2c:a6:00:77:4d:21: 61:3f:7d:d6:a3:4b:90:03:6f:8a:f7:b2:2f:39:d0:6d:00:e8: f2:b8:c9:69:7f:47:2d:1c:ac:77:2d:47:6f:dc:20:78:c5:61: df:02:da:20:43:42:e8:94:15:cd:f1:c4:9c:cd:cd:d7:47:9a: 9a:13:96:06:85:3f:71:3e:a3:bd:c5:a9:70:b9:66:2a:9c:26: 45:9e:9c:81:5a:13:70:25:58:59:10:79:0a:e7:42:ec:36:6b: 86:f6:d4:c1 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUCeAtP9/q9OGT1mzD1pOLPRhXfPwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDE3MjAxMDE4WhcNMjUxMTIxMjM1OTU5 WjB6MUkwRwYDVQQFE0A1ODkzM2JmMmRhMTA1YzNiZjE5Mjg4MWIxZjlmM2IyYjY4 NjI3NDgzY2FhZmNmMTE5YTk1M2VhMzU0YTkzNWY2MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDoepd1IP0kEiPSoQeVTIwQHsIB2S8MiHexwoAy5x53Nane gIcPxFc0q0U3fyNB5Up3cYrrEmggbfTGrg6aX1uS24fsThr3cEKT6dMNpxH90g9s fITYEbTQRwJn2zr5yYks7t6L05suyzb5Q02iWEOYlEAmMCh0ekzIoZCEqtMziEuc gwwVa0RBHzMS2tV7dHQ4oNrxoEd7QUB1EnWr6+1xxRqz9d/XE0mLGNBUx1eHeM1c t5EP1YhTI4v4VZtQtQERDTdI2Ko8y5WHdV8/EFuWGlwiuGmF8fvt/6EBx5744xku /T+RS3qF6lnprskjIRCSH+ttni7NJAiaHdVTiRvPAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUYknJSlkC8iOIcbSVVaVHETTzXiUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzQzZGU1YWZmLTFhYmMtNGJhNC1hYzc2LTE5NDM5NWY2YmU4Zi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDxiwAwDQYJKoZIhvcNAQELBQADggEBAKMw6TjWN4QIddJjRU5WBXy+ qxklc9IBW37hNaRv0yG7A6ktfS+C1n7v5LVLzyUwjktxnD/kIAZWMw0UoWX3gycb n6NoB/L4sODpImDZD9TLsZBrW1TyrxyuXlLCjRHWX1JGEQTLcdxeIqfJVUIEGNHY O7quolewy/2gnJnM5MVCO7LL+4gK4dHOVaJiI///IgStzFo7ezyIp0YAIyymAHdN IWE/fdajS5ADb4r3si850G0A6PK4yWl/Ry0crHctR2/cIHjFYd8C2iBDQuiUFc3x xJzNzddHmpoTlgaFP3E+o73FqXC5ZiqcJkWenIFaE3AlWFkQeQrnQuw2a4b21ME= -----END CERTIFICATE-----Generated at Mon Oct 20 15:30:53 2025 by rpki-client