$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa File: 2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa (raw, json) Hash identifier: zSHUd2fICvTqxU+MA1cm12cNjV6RpVRSb9L7I4qSzec= Subject key identifier: 3E:F5:76:AC:02:BD:1B:18:06:6B:70:6E:88:81:9C:4A:5B:09:0B:7E Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 0C4E7C5C582017B700162552CDFFD33A96E22512 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa Signing time: Fri 10 Oct 2025 17:05:12 +0000 ROA not before: Fri 10 Oct 2025 17:05:12 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:4e:7c:5c:58:20:17:b7:00:16:25:52:cd:ff:d3:3a:96:e2:25:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 10 17:05:12 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=648539c9c510675e92eef1dee9529365ef62c4d3f6ae59db33974f053eb889e5, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e0:dc:72:f3:40:d8:91:0f:57:23:0c:5b:4a: f4:bf:20:b0:48:7a:4c:71:db:8a:3f:fa:69:3d:f0: dd:52:ed:9e:8d:49:47:8f:13:4b:7b:81:39:b1:f3: 96:cf:53:8e:b3:ec:7c:a9:09:98:6b:66:52:fb:49: 5f:bc:7d:f9:e7:f4:0f:f9:83:69:30:8a:84:12:a1: dc:6e:e9:87:db:ef:9a:d2:fd:60:61:0e:49:62:e4: ce:d3:e2:92:97:92:1b:eb:b0:02:43:f1:5d:70:d6: c4:67:8b:8e:40:a5:7e:d0:e9:98:33:6f:55:bf:f8: c1:5d:12:75:ba:b7:02:b0:cf:18:1b:f4:f1:4b:19: 97:c7:9d:f9:36:8f:89:36:46:20:77:eb:bf:c0:87: 75:14:3b:ea:c2:ff:5d:e8:e8:86:b0:4d:08:9b:aa: bc:68:66:b5:f6:d2:6f:48:31:6d:ae:34:ed:9f:13: 4b:87:1e:8f:85:8c:12:8d:d1:4e:96:b1:b1:b0:29: 12:ba:69:db:6c:89:b1:37:20:02:34:7a:a7:81:ba: ad:29:3e:04:8b:24:3c:b5:c1:c3:c4:67:db:a6:54: a2:a6:99:26:1f:f7:d0:32:65:71:d2:76:2a:33:5e: 76:bb:18:af:d5:7a:2e:4f:e0:0f:87:6b:42:9b:33: f0:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:F5:76:AC:02:BD:1B:18:06:6B:70:6E:88:81:9C:4A:5B:09:0B:7E X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2800c70c-6ec1-4d86-a916-4850deb2dfaa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.8.0/24 Signature Algorithm: sha256WithRSAEncryption 84:3b:b3:9e:69:21:72:e8:22:21:fc:0b:29:d8:d2:ea:17:a3: b6:c0:da:bb:80:61:a1:72:3c:c2:15:6f:74:13:25:57:e4:6d: 46:37:25:31:42:72:a7:1b:d3:0e:0b:d4:2f:3f:7c:ee:1c:6f: 9f:f7:b3:30:d7:fe:01:06:af:3d:54:25:70:66:88:1d:49:35: c5:e3:ae:40:c4:0c:de:3a:ba:06:5b:63:e1:86:70:46:f3:68: 8e:dc:42:c3:65:51:f2:a4:c6:bb:e3:2e:a5:7e:ea:88:8c:97: 93:e7:fb:39:2f:bd:c8:7d:b2:39:1f:dc:0a:b8:9a:15:16:08: c1:90:b4:49:76:56:e0:19:51:ee:fe:04:62:d1:9c:07:ac:2f: 3d:43:51:f6:e5:f1:ac:15:7d:3e:96:b1:dd:4d:bb:bd:67:f6: 7a:7a:93:8f:a3:45:43:da:0d:d8:11:57:b1:c9:4f:19:3e:c6: b6:b3:cf:d9:9b:03:61:c4:ba:fd:70:c5:f2:f8:6a:b8:9a:90: c9:0b:30:ec:36:84:7e:44:8d:a3:36:59:75:e8:ca:cc:5c:08: 56:39:c2:58:11:2b:cc:d1:63:f4:7a:28:61:a5:19:71:e3:a9: e0:76:9e:48:7c:93:34:01:0b:39:3a:84:d2:cc:d2:97:81:76: 10:ab:54:ce -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUDE58XFggF7cAFiVSzf/TOpbiJRIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNTEyWhcNMjUxMTE0MjM1OTU5 WjB6MUkwRwYDVQQFE0A2NDg1MzljOWM1MTA2NzVlOTJlZWYxZGVlOTUyOTM2NWVm NjJjNGQzZjZhZTU5ZGIzMzk3NGYwNTNlYjg4OWU1MS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCt4Nxy80DYkQ9XIwxbSvS/ILBIekxx24o/+mk98N1S7Z6N SUePE0t7gTmx85bPU46z7HypCZhrZlL7SV+8ffnn9A/5g2kwioQSodxu6Yfb75rS /WBhDkli5M7T4pKXkhvrsAJD8V1w1sRni45ApX7Q6Zgzb1W/+MFdEnW6twKwzxgb 9PFLGZfHnfk2j4k2RiB367/Ah3UUO+rC/13o6IawTQibqrxoZrX20m9IMW2uNO2f E0uHHo+FjBKN0U6WsbGwKRK6adtsibE3IAI0eqeBuq0pPgSLJDy1wcPEZ9umVKKm mSYf99AyZXHSdiozXna7GK/Vei5P4A+Ha0KbM/AZAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUPvV2rAK9GxgGa3BuiIGcSlsJC34wHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzI4MDBjNzBjLTZlYzEtNGQ4Ni1hOTE2LTQ4NTBkZWIyZGZhYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYAgwDQYJKoZIhvcNAQELBQADggEBAIQ7s55pIXLoIiH8CynY0uoXo7bA 2ruAYaFyPMIVb3QTJVfkbUY3JTFCcqcb0w4L1C8/fO4cb5/3szDX/gEGrz1UJXBm iB1JNcXjrkDEDN46ugZbY+GGcEbzaI7cQsNlUfKkxrvjLqV+6oiMl5Pn+zkvvch9 sjkf3Aq4mhUWCMGQtEl2VuAZUe7+BGLRnAesLz1DUfbl8awVfT6Wsd1Nu71n9np6 k4+jRUPaDdgRV7HJTxk+xrazz9mbA2HEuv1wxfL4ariakMkLMOw2hH5EjaM2WXXo ysxcCFY5wlgRK8zRY/R6KGGlGXHjqeB2nkh8kzQBCzk6hNLM0peBdhCrVM4= -----END CERTIFICATE-----Generated at Mon Oct 20 08:02:07 2025 by rpki-client