$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa File: af93e150-9469-47eb-8185-3ff03d87db06.roa (raw, json) Hash identifier: gqFMI8m1u9A096SN5oYEMKjUpdL7/IoHVvUXym1lz0I= Subject key identifier: 4E:D4:A9:F8:23:62:AF:2D:BE:DC:85:0C:71:AB:33:98:B2:F1:4F:21 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 094A001B7F454F2ADCCD9AE33F1E64989C5E10C7 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa Signing time: Fri 20 Jun 2025 00:10:15 +0000 ROA not before: Fri 20 Jun 2025 00:10:15 +0000 ROA not after: Fri 25 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:f000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 30 Jun 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:4a:00:1b:7f:45:4f:2a:dc:cd:9a:e3:3f:1e:64:98:9c:5e:10:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jun 20 00:10:15 2025 GMT Not After : Jul 25 23:59:59 2025 GMT Subject: serialNumber=52b5fe55294b74a21291361b987a12fec7c2dbb3dbb3480d27408adc7cf15edc, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:83:0e:89:46:2a:07:61:0a:53:6e:75:f0:8d: db:07:1a:b2:a7:db:79:53:14:a5:21:50:f1:e8:71: ff:32:30:00:be:55:f8:a9:05:7e:55:6b:88:60:8e: ae:62:23:48:95:07:db:25:e3:48:16:c2:40:b0:73: 61:94:9b:0d:7a:ce:0e:11:b9:3c:62:59:23:90:c1: 5f:7c:77:35:a0:90:1b:55:4e:a4:00:ad:b1:e5:47: 66:37:a0:77:ca:f7:17:00:27:76:47:c5:45:12:52: 72:17:c3:74:28:8e:f7:3c:9e:51:f9:01:fa:08:03: 95:a8:f9:1d:13:49:0f:55:91:93:26:96:bf:98:73: 2a:71:98:6c:ee:65:a4:06:40:1e:03:2a:0d:ef:c6: 46:22:f6:22:96:63:9c:be:2f:08:1d:4d:89:2e:f4: eb:6a:1f:d6:f0:8f:d9:19:72:8b:d1:7b:84:54:10: 06:25:8f:eb:44:9b:05:94:4c:de:f1:db:5d:7d:83: b7:44:46:b7:fc:b9:7c:63:cb:e7:cd:2a:bc:f5:9d: 58:03:b8:17:82:0d:16:ea:66:18:e0:99:45:49:42: 1e:64:b8:ac:39:71:6d:bb:d8:b0:48:b0:96:17:e7: 5b:fa:39:96:14:fa:c7:91:e1:97:15:46:08:d5:40: 9b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:D4:A9:F8:23:62:AF:2D:BE:DC:85:0C:71:AB:33:98:B2:F1:4F:21 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/af93e150-9469-47eb-8185-3ff03d87db06.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f000::/44 Signature Algorithm: sha256WithRSAEncryption 9f:1e:c3:76:ce:44:74:b7:08:a5:9a:64:f7:fa:9c:b8:6a:69: fb:ce:e9:83:6c:58:c6:45:7d:3c:9e:51:78:3f:3f:2b:a3:5e: 8d:48:66:21:6a:72:23:3b:6f:3e:12:2a:05:c0:f8:de:5e:2a: 64:8e:a9:2c:83:d6:2c:8f:8c:12:c9:bd:6e:3f:22:08:a5:f3: 63:ba:4e:b1:f6:a5:c0:7a:be:b5:91:f4:f3:8a:d4:df:01:24: b0:95:a9:c5:b5:f2:cf:6d:5d:ca:bd:f0:cf:46:0c:43:d7:dd: 2b:78:48:e9:1e:10:66:77:d8:39:78:d0:bb:2e:1d:d5:1f:44: bf:3e:0d:a7:44:3e:c5:34:51:67:2d:5c:ef:78:5c:93:cf:6f: 4a:9a:a5:2d:3b:61:c7:9b:e5:39:85:7d:05:f6:d1:6b:f7:a4: b7:4f:e6:e1:65:a2:ff:7d:04:c5:f3:2e:57:63:e5:30:0e:f2: f0:37:7b:99:84:4e:27:c6:eb:3d:d9:cc:5b:9a:0e:c5:aa:b7: 41:de:cb:23:8b:1a:cc:72:40:e2:d8:42:b7:62:b5:80:3f:33: fe:dd:f1:da:68:46:40:38:a5:06:36:bf:5e:82:b2:9a:a1:25: ba:f4:57:c0:e7:9c:9b:fe:75:f4:c1:03:28:1a:b3:90:73:37: ca:81:48:a1 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUCUoAG39FTyrczZrjPx5kmJxeEMcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjIwMDAxMDE1WhcNMjUwNzI1MjM1OTU5 WjB6MUkwRwYDVQQFE0A1MmI1ZmU1NTI5NGI3NGEyMTI5MTM2MWI5ODdhMTJmZWM3 YzJkYmIzZGJiMzQ4MGQyNzQwOGFkYzdjZjE1ZWRjMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDegw6JRioHYQpTbnXwjdsHGrKn23lTFKUhUPHocf8yMAC+ VfipBX5Va4hgjq5iI0iVB9sl40gWwkCwc2GUmw16zg4RuTxiWSOQwV98dzWgkBtV TqQArbHlR2Y3oHfK9xcAJ3ZHxUUSUnIXw3Qojvc8nlH5AfoIA5Wo+R0TSQ9VkZMm lr+YcypxmGzuZaQGQB4DKg3vxkYi9iKWY5y+LwgdTYku9OtqH9bwj9kZcovRe4RU EAYlj+tEmwWUTN7x2119g7dERrf8uXxjy+fNKrz1nVgDuBeCDRbqZhjgmUVJQh5k uKw5cW272LBIsJYX51v6OZYU+seR4ZcVRgjVQJsJAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUTtSp+CNiry2+3IUMcaszmLLxTyEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2FmOTNlMTUwLTk0NjktNDdlYi04MTg1LTNmZjAzZDg3ZGIwNi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPD78AAwDQYJKoZIhvcNAQELBQADggEBAJ8ew3bORHS3CKWaZPf6nLhq afvO6YNsWMZFfTyeUXg/PyujXo1IZiFqciM7bz4SKgXA+N5eKmSOqSyD1iyPjBLJ vW4/Igil82O6TrH2pcB6vrWR9POK1N8BJLCVqcW18s9tXcq98M9GDEPX3St4SOke EGZ32Dl40LsuHdUfRL8+DadEPsU0UWctXO94XJPPb0qapS07Yceb5TmFfQX20Wv3 pLdP5uFlov99BMXzLldj5TAO8vA3e5mETifG6z3ZzFuaDsWqt0HeyyOLGsxyQOLY QrditYA/M/7d8dpoRkA4pQY2v16CspqhJbr0V8DnnJv+dfTBAygas5BzN8qBSKE= -----END CERTIFICATE-----Generated at Sun Jun 29 09:10:56 2025 by rpki-client