$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa File: dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa (raw, json) Hash identifier: Zdg7kj+pIe1kcDTdr7fARIeKSBdPVTrHG7b97DBGrWw= Subject key identifier: D5:1D:5A:A8:30:2B:14:DC:AF:B0:97:07:17:1F:87:7A:FD:03:6B:0B Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 4142302536788E6D3550D77F0EB30AC7675A009D Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa Signing time: Mon 16 Jun 2025 19:20:15 +0000 ROA not before: Mon 16 Jun 2025 19:20:15 +0000 ROA not after: Mon 21 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 04 Jul 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:42:30:25:36:78:8e:6d:35:50:d7:7f:0e:b3:0a:c7:67:5a:00:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jun 16 19:20:15 2025 GMT Not After : Jul 21 23:59:59 2025 GMT Subject: serialNumber=20f803f02fc1ba52851a341429fedd4010e7e1f1dccf51dd90357aa8ecc4faee, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:a9:44:de:fa:21:05:4a:a1:39:82:56:bd:67: 65:ee:3f:20:14:82:54:f3:2d:91:63:89:94:92:a7: a2:d3:02:70:70:1e:47:43:d6:39:21:4c:01:63:2d: 9d:7b:3f:87:2a:7f:0c:4f:2e:bf:af:de:70:ff:c1: 93:fe:2f:17:b9:3a:de:4b:80:de:c6:b8:eb:35:70: 6b:44:c8:92:b5:c2:cc:fc:cf:d5:dc:e4:19:5c:ee: b6:ac:f6:4f:53:fa:34:4f:2a:34:fd:d5:28:cc:a0: d7:08:d9:59:0d:12:e9:9b:09:a3:5f:2f:32:dc:ab: 8e:35:27:29:9e:92:29:e2:0b:72:96:d9:d6:9a:82: 7a:1f:a2:a4:7c:1b:8e:8c:fc:ba:32:8f:29:58:2f: 48:1a:98:4b:8d:bc:3c:95:4d:62:f9:44:02:5a:06: 55:94:a3:fa:3f:30:bb:68:90:6d:5a:ba:b1:fd:c8: c4:b9:78:c1:86:36:87:34:3b:62:46:06:64:16:dd: 39:db:40:8e:ed:b6:da:37:23:e5:2d:0a:1d:8e:ea: ed:d2:61:df:df:e2:a9:09:a4:94:c5:e7:8c:e4:55: ac:6a:6d:89:99:b0:63:43:d0:9b:dc:0a:36:c7:b9: c5:e9:da:44:1e:c7:be:80:3b:2d:cf:73:8e:c3:7b: 11:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:1D:5A:A8:30:2B:14:DC:AF:B0:97:07:17:1F:87:7A:FD:03:6B:0B X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/dc0e0e73-bbbe-4170-b733-4904ecc27f99.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e000::/40 Signature Algorithm: sha256WithRSAEncryption 33:72:25:a9:ab:84:29:dc:04:7f:ee:66:33:e9:5f:8c:8a:de: 51:01:83:8f:1d:d5:70:0b:08:26:94:92:13:11:fd:1e:03:e6: 32:43:ea:0b:a1:d8:61:a4:69:8d:f0:b8:09:e7:3f:9a:61:26: 00:67:44:d8:cf:25:b4:87:fe:33:b3:d8:2b:65:8c:21:44:8a: 3c:cd:b4:52:b1:e9:f6:04:ed:7a:f1:3c:2a:fa:d1:ea:b4:e4: 4e:a9:24:5a:7e:29:e7:65:41:f7:bd:c4:7d:c5:3e:35:6e:d9: 7b:14:de:2f:83:f0:71:eb:0f:7c:71:e9:89:b4:d5:2c:32:63: 4d:0d:9d:64:55:e0:96:cf:cd:b5:bf:e7:ab:fd:ec:92:dd:60: 7e:c1:0a:15:75:92:87:5f:e7:8e:76:04:f5:35:81:0d:c0:39: 38:ad:e9:36:de:8c:ba:9e:92:78:ad:1f:8d:23:8a:d5:35:85: dd:d5:f7:88:45:8a:dd:13:c2:c4:67:d4:e5:40:f3:f5:f0:7d: 3b:ff:48:c7:90:f1:95:2a:6e:b1:20:9e:86:f3:de:1b:fd:d1: 58:42:fd:b5:46:91:90:f7:5b:a5:02:f0:da:3a:0e:9b:b6:b3: d1:3c:fc:7f:c3:56:c8:a6:e6:72:bc:d5:be:5d:b3:47:3b:cf: 32:9c:ae:57 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUQUIwJTZ4jm01UNd/DrMKx2daAJ0wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNjE2MTkyMDE1WhcNMjUwNzIxMjM1OTU5 WjB6MUkwRwYDVQQFE0AyMGY4MDNmMDJmYzFiYTUyODUxYTM0MTQyOWZlZGQ0MDEw ZTdlMWYxZGNjZjUxZGQ5MDM1N2FhOGVjYzRmYWVlMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDQqUTe+iEFSqE5gla9Z2XuPyAUglTzLZFjiZSSp6LTAnBw HkdD1jkhTAFjLZ17P4cqfwxPLr+v3nD/wZP+Lxe5Ot5LgN7GuOs1cGtEyJK1wsz8 z9Xc5Blc7ras9k9T+jRPKjT91SjMoNcI2VkNEumbCaNfLzLcq441JymekiniC3KW 2daagnofoqR8G46M/LoyjylYL0gamEuNvDyVTWL5RAJaBlWUo/o/MLtokG1aurH9 yMS5eMGGNoc0O2JGBmQW3TnbQI7ttto3I+UtCh2O6u3SYd/f4qkJpJTF54zkVaxq bYmZsGND0JvcCjbHucXp2kQex76AOy3Pc47DexErAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQU1R1aqDArFNyvsJcHFx+Hev0DawswHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2RjMGUwZTczLWJiYmUtNDE3MC1iNzMzLTQ5MDRlY2MyN2Y5OS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD74DANBgkqhkiG9w0BAQsFAAOCAQEAM3IlqauEKdwEf+5mM+lfjIre UQGDjx3VcAsIJpSSExH9HgPmMkPqC6HYYaRpjfC4Cec/mmEmAGdE2M8ltIf+M7PY K2WMIUSKPM20UrHp9gTtevE8KvrR6rTkTqkkWn4p52VB973EfcU+NW7ZexTeL4Pw cesPfHHpibTVLDJjTQ2dZFXgls/Ntb/nq/3skt1gfsEKFXWSh1/njnYE9TWBDcA5 OK3pNt6Mup6SeK0fjSOK1TWF3dX3iEWK3RPCxGfU5UDz9fB9O/9Ix5DxlSpusSCe hvPeG/3RWEL9tUaRkPdbpQLw2joOm7az0Tz8f8NWyKbmcrzVvl2zRzvPMpyuVw== -----END CERTIFICATE-----Generated at Wed Jul 2 15:43:43 2025 by rpki-client