$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d2e3c99e-3e03-4115-856b-b25d7e97c4f3.roa File: d2e3c99e-3e03-4115-856b-b25d7e97c4f3.roa (raw, json) Hash identifier: jGfMKfEy4njYYCLu+xe6ruzHDK4wi54+PHBy9kx7KDY= Subject key identifier: 89:03:E4:FC:19:37:75:52:B8:89:8B:BD:42:F4:52:D4:A1:15:1E:E0 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 30CFA82017F525CCFAEBFFD09D126504A3E28154 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d2e3c99e-3e03-4115-856b-b25d7e97c4f3.roa Signing time: Mon 29 Sep 2025 15:23:41 +0000 ROA not before: Mon 29 Sep 2025 15:23:41 +0000 ROA not after: Mon 03 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:4141::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 22 Oct 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:cf:a8:20:17:f5:25:cc:fa:eb:ff:d0:9d:12:65:04:a3:e2:81:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Sep 29 15:23:41 2025 GMT Not After : Nov 3 23:59:59 2025 GMT Subject: serialNumber=6e46fe49cea839fecd1bba12365dc4ff776fb839530373763210c456ba0be2b5, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:86:70:f6:6b:66:d4:d1:f3:40:21:91:57:32: 95:01:dd:9d:94:bd:df:e7:35:05:c4:d3:f5:49:fe: 30:2e:52:8a:11:85:21:9e:19:db:f7:5b:cb:65:39: 4b:7f:b0:5e:ce:b9:24:06:76:e8:2e:37:51:6b:9c: 19:d0:b0:f9:8a:bd:44:d7:d5:db:e8:09:6b:35:4a: 12:0a:a6:6b:f1:70:9a:0f:2c:ce:58:e2:ac:51:27: 4f:ea:35:7e:50:3e:1f:7a:2d:fe:09:63:5f:2a:6f: 94:a2:0c:51:c2:8b:a1:c5:dc:b3:1b:37:ee:85:36: c2:5a:3b:6f:13:8b:70:33:4f:c6:72:bd:7a:2a:17: fa:8c:d7:03:f3:4c:a9:a5:a8:5f:3a:e2:a6:c8:a1: 7a:42:66:d5:33:ea:eb:11:78:b6:51:17:01:c8:3b: a9:12:5c:9b:25:b5:d4:bf:d7:cc:cc:4a:eb:c3:6a: 19:53:df:90:57:c3:7c:88:ee:a5:bf:bd:7a:f1:a7: ac:2a:f2:2b:b4:e6:89:a4:58:15:93:49:3e:9c:5f: 9c:c5:f2:f8:73:ca:03:12:26:9d:d2:c8:2b:39:ad: 57:b5:1f:6e:6d:c1:de:09:28:88:bf:0b:69:a9:19: 3b:ed:5d:5e:02:44:b7:ea:cf:90:1a:26:bd:d4:ed: d7:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:03:E4:FC:19:37:75:52:B8:89:8B:BD:42:F4:52:D4:A1:15:1E:E0 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/d2e3c99e-3e03-4115-856b-b25d7e97c4f3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:4141::/48 Signature Algorithm: sha256WithRSAEncryption 38:2d:fe:fc:8f:1f:48:74:de:fe:9c:c4:9a:87:9f:e7:ba:d1: 51:53:06:b9:c9:2a:64:9b:21:37:4f:06:a1:c9:7e:6a:27:25: ae:ce:12:5b:56:a0:0a:3a:42:14:f3:6d:76:85:a8:0a:c6:b3: 71:0b:9c:7e:8c:55:77:4f:da:77:a4:c9:f1:36:5d:b6:8c:b7: 5b:27:2e:14:88:b4:10:74:46:57:da:dd:28:c1:03:45:8d:31: 3b:e3:c4:1a:ed:b1:f9:80:33:e3:27:af:c2:aa:7a:d4:b9:de: a5:72:51:ab:01:b7:41:43:6d:8f:08:7c:54:62:2f:e4:27:ba: 3e:bc:42:3c:c0:ae:81:b1:4f:85:24:d7:29:a3:07:68:04:9a: 4f:72:67:18:75:06:de:5e:95:22:d4:7d:aa:18:d4:30:7f:b4: dc:ce:42:68:2a:e1:08:92:9b:45:52:6b:32:b2:ce:a3:68:e1: dc:e9:c5:2b:02:7d:da:d3:02:d8:8a:37:74:d3:7f:fc:d6:0c: 77:a5:d9:56:b4:84:35:cc:b3:d6:aa:af:bf:d3:a9:78:9d:98: b6:51:e5:41:79:c5:fd:3c:8f:9b:ce:f5:6f:6c:37:9f:fc:00: 94:e3:8a:96:1f:24:40:83:7c:13:f0:a4:cb:6e:3c:39:fd:3c: df:3e:4d:ad -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUMM+oIBf1Jcz66//QnRJlBKPigVQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI5MTUyMzQxWhcNMjUxMTAzMjM1OTU5 WjB6MUkwRwYDVQQFE0A2ZTQ2ZmU0OWNlYTgzOWZlY2QxYmJhMTIzNjVkYzRmZjc3 NmZiODM5NTMwMzczNzYzMjEwYzQ1NmJhMGJlMmI1MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDHhnD2a2bU0fNAIZFXMpUB3Z2Uvd/nNQXE0/VJ/jAuUooR hSGeGdv3W8tlOUt/sF7OuSQGduguN1FrnBnQsPmKvUTX1dvoCWs1ShIKpmvxcJoP LM5Y4qxRJ0/qNX5QPh96Lf4JY18qb5SiDFHCi6HF3LMbN+6FNsJaO28Ti3AzT8Zy vXoqF/qM1wPzTKmlqF864qbIoXpCZtUz6usReLZRFwHIO6kSXJsltdS/18zMSuvD ahlT35BXw3yI7qW/vXrxp6wq8iu05omkWBWTST6cX5zF8vhzygMSJp3SyCs5rVe1 H25twd4JKIi/C2mpGTvtXV4CRLfqz5AaJr3U7dfZAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUiQPk/Bk3dVK4iYu9QvRS1KEVHuAwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2QyZTNjOTllLTNlMDMtNDExNS04NTZiLWIyNWQ3ZTk3YzRmMy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwQUEwDQYJKoZIhvcNAQELBQADggEBADgt/vyPH0h03v6cxJqHn+e6 0VFTBrnJKmSbITdPBqHJfmonJa7OEltWoAo6QhTzbXaFqArGs3ELnH6MVXdP2nek yfE2XbaMt1snLhSItBB0Rlfa3SjBA0WNMTvjxBrtsfmAM+Mnr8KqetS53qVyUasB t0FDbY8IfFRiL+Qnuj68QjzAroGxT4Uk1ymjB2gEmk9yZxh1Bt5elSLUfaoY1DB/ tNzOQmgq4QiSm0VSazKyzqNo4dzpxSsCfdrTAtiKN3TTf/zWDHel2Va0hDXMs9aq r7/TqXidmLZR5UF5xf08j5vO9W9sN5/8AJTjipYfJECDfBPwpMtuPDn9PN8+Ta0= -----END CERTIFICATE-----Generated at Mon Oct 20 17:35:13 2025 by rpki-client