$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa File: 720f42c5-101d-41af-abc8-bd64d6f08fe0.roa (raw, json) Hash identifier: IksoHTY0xlov2oDYGggxiePRDxMDh2vBJtDv42J3S3Y= Subject key identifier: C1:57:3D:59:18:6D:39:65:A5:B7:36:C1:06:45:61:D0:FA:E6:C0:3C Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 4C9E92DD629E65A19D39DC60FE72AA6A2CD3EE5F Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa Signing time: Mon 13 Oct 2025 17:55:16 +0000 ROA not before: Mon 13 Oct 2025 17:55:16 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f2:7011::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:9e:92:dd:62:9e:65:a1:9d:39:dc:60:fe:72:aa:6a:2c:d3:ee:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 13 17:55:16 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=373c6bad681412b4bf691604671ae8da0c73fe185dd9cc785df6b4627b72fe29, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:81:50:71:55:94:d0:c8:2e:75:5e:2d:7d:a0: db:23:d9:98:28:56:9e:03:e9:d3:dd:9b:65:a9:87: 1f:90:04:8b:5d:e0:a9:d8:55:de:73:d9:85:f3:e8: ff:a0:c7:9d:da:8a:1c:f7:f8:d3:b7:54:af:8d:a1: 7a:8a:bb:45:42:33:64:a2:ba:4a:fa:be:2c:40:f8: 8d:71:f7:b0:f9:4f:00:18:b7:5c:8c:4f:b3:69:9f: 1f:cf:8f:c9:e9:a7:87:ef:41:a6:4d:c3:9b:b1:bc: f9:48:ca:67:d1:3a:0b:7d:8b:37:61:5e:a8:44:09: ba:af:cb:87:05:b7:2a:1b:d1:08:33:c5:5e:c2:42: 15:ad:ae:e0:b0:ce:8f:86:b6:dc:4a:64:b8:3a:57: bf:d7:5e:3f:4d:1e:c4:6d:72:12:7a:47:3e:f2:28: ee:55:09:46:78:53:79:1f:ed:f3:41:79:e0:87:d9: eb:8b:a0:0e:f9:e5:69:1d:98:06:ed:75:16:2f:a5: 0b:7f:f4:20:ec:98:e0:bb:46:93:b9:6c:19:9d:9e: 84:44:e1:69:6b:a9:15:5c:35:f1:8e:0e:8a:a7:ef: ba:ca:f9:4f:09:18:48:4c:c9:d6:99:73:b0:c5:8a: c9:2e:a4:b0:8a:9a:92:c4:81:15:ad:0b:54:16:68: ae:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:57:3D:59:18:6D:39:65:A5:B7:36:C1:06:45:61:D0:FA:E6:C0:3C X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/720f42c5-101d-41af-abc8-bd64d6f08fe0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f2:7011::/48 Signature Algorithm: sha256WithRSAEncryption 69:29:81:78:55:6c:ca:3f:f7:32:d3:42:39:4e:64:ff:69:1f: b7:ed:08:5e:4a:d6:13:45:ae:ab:89:a3:44:4c:e1:5b:f1:10: 9c:e5:0b:3e:17:34:3a:2a:c0:94:6e:29:c1:a4:4c:bf:2e:e4: ee:83:e7:3c:7f:05:35:38:e1:3e:a9:1d:1c:19:f2:d6:76:a7: 1b:91:11:21:0b:f8:38:da:ea:11:c2:d2:1a:fe:77:99:90:cd: d6:a8:2e:d8:29:dc:02:14:ec:da:84:87:d1:f8:0e:9e:cc:20: c2:35:f0:90:5d:eb:b3:bf:86:8d:10:27:8f:80:a8:a0:d0:93: 23:d5:6b:32:f3:c3:9d:81:d3:c2:40:ac:61:c1:6f:3f:52:25: 90:9a:91:22:69:a4:e0:b0:8d:4b:5c:32:94:1e:54:24:b1:1b: e7:d9:eb:55:ac:d8:d6:9e:2f:11:c1:70:90:ca:73:1e:99:33: 00:29:6e:44:11:27:74:97:7f:b5:39:36:b6:40:1b:7e:b9:9e: 53:ad:03:9d:58:c9:b2:7d:8f:a8:8f:e7:c7:19:4f:b6:ce:0d: 07:7f:1c:3c:17:49:cf:01:77:4d:a7:d3:c8:72:6c:4a:50:e6: 8b:4a:29:40:86:c5:4d:4d:c4:e7:ef:ac:d8:40:fa:de:33:c9: 16:2e:5e:42 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUTJ6S3WKeZaGdOdxg/nKqaizT7l8wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDEzMTc1NTE2WhcNMjUxMTE3MjM1OTU5 WjB6MUkwRwYDVQQFE0AzNzNjNmJhZDY4MTQxMmI0YmY2OTE2MDQ2NzFhZThkYTBj NzNmZTE4NWRkOWNjNzg1ZGY2YjQ2MjdiNzJmZTI5MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCmgVBxVZTQyC51Xi19oNsj2ZgoVp4D6dPdm2Wphx+QBItd 4KnYVd5z2YXz6P+gx53aihz3+NO3VK+NoXqKu0VCM2Siukr6vixA+I1x97D5TwAY t1yMT7Npnx/Pj8npp4fvQaZNw5uxvPlIymfROgt9izdhXqhECbqvy4cFtyob0Qgz xV7CQhWtruCwzo+GttxKZLg6V7/XXj9NHsRtchJ6Rz7yKO5VCUZ4U3kf7fNBeeCH 2euLoA755WkdmAbtdRYvpQt/9CDsmOC7RpO5bBmdnoRE4WlrqRVcNfGODoqn77rK +U8JGEhMydaZc7DFiskupLCKmpLEgRWtC1QWaK5BAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUwVc9WRhtOWWltzbBBkVh0PrmwDwwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzcyMGY0MmM1LTEwMWQtNDFhZi1hYmM4LWJkNjRkNmYwOGZlMC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDycBEwDQYJKoZIhvcNAQELBQADggEBAGkpgXhVbMo/9zLTQjlOZP9p H7ftCF5K1hNFrquJo0RM4VvxEJzlCz4XNDoqwJRuKcGkTL8u5O6D5zx/BTU44T6p HRwZ8tZ2pxuRESEL+Dja6hHC0hr+d5mQzdaoLtgp3AIU7NqEh9H4Dp7MIMI18JBd 67O/ho0QJ4+AqKDQkyPVazLzw52B08JArGHBbz9SJZCakSJppOCwjUtcMpQeVCSx G+fZ61Ws2NaeLxHBcJDKcx6ZMwApbkQRJ3SXf7U5NrZAG365nlOtA51YybJ9j6iP 58cZT7bODQd/HDwXSc8Bd02n08hybEpQ5otKKUCGxU1NxOfvrNhA+t4zyRYuXkI= -----END CERTIFICATE-----Generated at Mon Oct 20 12:01:00 2025 by rpki-client