$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa File: cd3025ff-3653-4276-a530-1fa2eed87e53.roa (raw, json) Hash identifier: QekQ+kZqLionl64rsACC3vaImZjvtD0cTOi73GfnNwg= Subject key identifier: 6E:6B:D7:3F:F8:3B:2B:52:09:97:88:1C:31:8D:EC:67:75:F3:41:42 Certificate issuer: /CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64 Certificate serial: 485BB926B239C5B58A455E4F506D28C7660DCC9B Authority key identifier: FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa Signing time: Mon 06 Oct 2025 16:41:09 +0000 ROA not before: Mon 06 Oct 2025 16:41:09 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2620:107:3000::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/42b2991f-22c7-42f7-8cf5-4f3138859732.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 22 Oct 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:5b:b9:26:b2:39:c5:b5:8a:45:5e:4f:50:6d:28:c7:66:0d:cc:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64 Validity Not Before: Oct 6 16:41:09 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=f9c428e74f182e1ed917a981c858a11ac44f2a64fbaad8431c274252804d2b0b, CN=71c3876e-b944-4600-92c7-cec33d89523f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:86:08:e0:88:1d:23:93:22:2a:24:8b:48:e9:86: a1:cc:a5:db:5f:52:6f:51:09:f3:6a:66:96:52:bb: 68:aa:20:77:2d:ec:ca:f6:a0:3f:50:f5:1f:f4:17: 3f:69:70:58:c4:b5:fa:39:ae:00:e2:f0:ab:ca:98: ff:ce:97:53:9b:b1:76:e3:56:a5:b2:fa:07:9c:8a: ed:1b:57:dd:16:0c:95:2a:5d:75:4e:2f:81:90:ec: 1e:f0:8c:e9:65:34:72:03:bd:7b:7c:51:a1:be:44: 80:36:31:82:0d:b9:37:36:0a:41:f8:e4:65:43:49: aa:ab:32:d8:e4:bc:36:3c:68:e3:7f:4f:be:cc:a9: 7a:fd:cd:67:17:0d:0f:eb:d7:91:47:71:16:fc:1f: 32:3f:d2:1c:3f:c5:ba:6b:91:6a:88:bc:bd:2c:ae: 36:a7:9e:5e:2b:c7:17:dd:19:f2:1a:82:f6:84:be: a0:35:72:a1:f8:84:17:f1:e3:30:25:a4:d6:ef:80: 6b:ff:1e:f5:e0:61:aa:9b:b9:d9:99:1b:e1:d8:e7: dd:85:8a:65:95:2a:1f:2d:8c:11:31:6b:85:38:6c: 41:7e:fd:ec:05:bc:b7:05:ad:61:bf:95:42:cf:be: f5:3a:ea:d1:0a:c0:49:ca:d1:ac:f5:db:5f:25:8c: a7:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:6B:D7:3F:F8:3B:2B:52:09:97:88:1C:31:8D:EC:67:75:F3:41:42 X509v3 Authority Key Identifier: keyid:FE:22:E0:F7:22:CC:4F:06:0C:58:5A:12:6F:E6:A2:65:00:36:5E:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/42b2991f-22c7-42f7-8cf5-4f3138859732/5d803805e21823c931987e9c9c37f04020aababf9b4dff9b64.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/cd3025ff-3653-4276-a530-1fa2eed87e53.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/a841823c-a10d-477c-bfdf-4086f0b1594c/GCPJMZh-nJw38EAgqrq_m03_m2Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2620:107:3000::/44 Signature Algorithm: sha256WithRSAEncryption 75:88:99:e1:c5:4b:e2:51:49:78:f7:3f:db:f3:43:fc:9d:c7: 23:bb:82:92:2e:db:a6:87:8b:6c:35:6a:63:0e:72:11:b1:94: 7e:1a:b1:73:3a:21:67:1e:b4:c7:69:7f:5e:4e:b5:56:2b:59: 9c:be:80:b5:bf:33:4e:85:76:a9:23:45:73:2a:d3:b1:f3:0b: 08:1d:8d:f9:ae:7e:dd:1e:de:42:9e:01:22:55:b6:ed:7e:83: ee:45:92:3f:04:38:b2:b7:d3:0d:6e:55:f2:1f:d2:73:82:5d: f4:fa:d6:0f:67:89:98:f7:65:54:f4:44:00:71:69:48:11:6b: 3b:41:19:71:b1:d1:16:fa:a0:ad:6b:d2:3e:1c:cd:34:dd:5a: 10:b4:5c:42:42:07:f1:b3:81:01:34:f2:97:b9:b3:c7:07:74: 9a:b2:55:7b:69:ec:c2:08:dc:97:82:40:c7:a3:7d:83:d5:23: 03:1b:82:7b:ab:1b:4b:6c:d3:5e:a9:98:e7:f1:49:a7:18:69: 38:46:e5:6d:f3:cb:33:1b:4a:d5:fd:9f:85:24:70:bf:1b:78: 76:a1:07:25:00:96:e9:49:3d:f1:a3:a8:5e:6b:52:6e:5c:1e: 35:cc:90:05:52:71:0b:a3:ed:d7:30:88:7e:74:49:d1:74:2c: 82:ec:08:3d -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUSFu5JrI5xbWKRV5PUG0ox2YNzJswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNWQ4MDM4MDVlMjE4MjNjOTMxOTg3ZTljOWMzN2YwNDAy MGFhYmFiZjliNGRmZjliNjQwHhcNMjUxMDA2MTY0MTA5WhcNMjUxMTEwMjM1OTU5 WjB6MUkwRwYDVQQFE0BmOWM0MjhlNzRmMTgyZTFlZDkxN2E5ODFjODU4YTExYWM0 NGYyYTY0ZmJhYWQ4NDMxYzI3NDI1MjgwNGQyYjBiMS0wKwYDVQQDEyQ3MWMzODc2 ZS1iOTQ0LTQ2MDAtOTJjNy1jZWMzM2Q4OTUyM2YwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCGCOCIHSOTIioki0jphqHMpdtfUm9RCfNqZpZSu2iqIHct 7Mr2oD9Q9R/0Fz9pcFjEtfo5rgDi8KvKmP/Ol1ObsXbjVqWy+geciu0bV90WDJUq XXVOL4GQ7B7wjOllNHIDvXt8UaG+RIA2MYINuTc2CkH45GVDSaqrMtjkvDY8aON/ T77MqXr9zWcXDQ/r15FHcRb8HzI/0hw/xbprkWqIvL0srjannl4rxxfdGfIagvaE vqA1cqH4hBfx4zAlpNbvgGv/HvXgYaqbudmZG+HY592FimWVKh8tjBExa4U4bEF+ /ewFvLcFrWG/lULPvvU66tEKwEnK0az1218ljKf5AgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUbmvXP/g7K1IJl4gcMY3sZ3XzQUIwHwYDVR0jBBgwFoAU/iLg9yLMTwYM WFoSb+aiZQA2XkgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80MmIyOTkxZi0y MmM3LTQyZjctOGNmNS00ZjMxMzg4NTk3MzIvNWQ4MDM4MDVlMjE4MjNjOTMxOTg3 ZTljOWMzN2YwNDAyMGFhYmFiZjliNGRmZjliNjQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvYTg0MTgyM2MtYTEwZC00NzdjLWJmZGYtNDA4 NmYwYjE1OTRjL2NkMzAyNWZmLTM2NTMtNDI3Ni1hNTMwLTFmYTJlZWQ4N2U1My5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2E4NDE4MjNjLWExMGQtNDc3Yy1iZmRm LTQwODZmMGIxNTk0Yy9HQ1BKTVpoLW5KdzM4RUFncXJxX20wM19tMlEuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmIAEHMAAwDQYJKoZIhvcNAQELBQADggEBAHWImeHFS+JRSXj3P9vzQ/yd xyO7gpIu26aHi2w1amMOchGxlH4asXM6IWcetMdpf15OtVYrWZy+gLW/M06Fdqkj RXMq07HzCwgdjfmuft0e3kKeASJVtu1+g+5Fkj8EOLK30w1uVfIf0nOCXfT61g9n iZj3ZVT0RABxaUgRaztBGXGx0Rb6oK1r0j4czTTdWhC0XEJCB/GzgQE08pe5s8cH dJqyVXtp7MII3JeCQMejfYPVIwMbgnurG0ts016pmOfxSacYaThG5W3zyzMbStX9 n4UkcL8beHahByUAlulJPfGjqF5rUm5cHjXMkAVScQuj7dcwiH50SdF0LILsCD0= -----END CERTIFICATE-----Generated at Mon Oct 20 20:38:11 2025 by rpki-client