$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa File: 44f47a87-fa5e-4db0-bb12-60c873b8710c.roa (raw, json) Hash identifier: J3bw0PpFHTMGKrf/98RMcfuOYMtqorY+uGCbBJRFXYQ= Subject key identifier: 9E:95:26:04:5A:0A:54:6B:5D:A2:13:49:AA:B9:2F:54:3B:EF:48:25 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 16C96AAF85F216405F28E75324984F66C94D7067 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa Signing time: Fri 10 Oct 2025 17:04:55 +0000 ROA not before: Fri 10 Oct 2025 17:04:55 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:c9:6a:af:85:f2:16:40:5f:28:e7:53:24:98:4f:66:c9:4d:70:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 10 17:04:55 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=2da14ed5d7617072b23fee8dcd6ef30ef96398c4b2edc7718c7ee7a16ea50467, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d0:e4:c8:bc:3f:35:83:cd:c0:15:d2:de:c6: d8:e3:35:eb:6d:76:71:96:ff:52:17:60:c5:24:90: fe:13:19:42:55:df:64:c5:de:b3:0d:e3:f4:69:f7: 48:5d:d7:39:1f:71:4d:84:d3:ce:48:40:ce:c5:da: be:1e:f4:f9:87:cd:7b:f9:c7:55:c4:12:73:52:3e: dc:40:08:98:51:11:b9:56:23:4b:06:f9:67:de:1b: 9f:cc:68:ff:b9:93:1c:24:1c:0a:5f:da:64:5d:38: 95:09:cc:8a:36:14:9b:66:ca:5f:ad:fb:43:13:f5: ab:da:27:ff:f4:c8:72:af:6f:ad:f7:24:54:6b:ee: de:fd:32:59:58:4a:8c:4d:ec:2e:91:ac:15:e5:81: dd:09:06:86:c0:fc:f1:18:4d:5f:88:e9:65:7f:30: bb:de:4d:8e:fb:ba:bb:48:9c:f9:38:4c:a9:45:ce: c0:5e:a1:64:6a:bd:7d:81:00:76:22:1b:f9:1a:7b: e0:0e:2b:93:1c:86:e0:ea:dc:e8:39:35:90:d5:6c: 5b:41:c9:cf:34:b7:68:fa:1f:bf:53:e7:db:cf:e9: 86:36:c8:31:ba:a8:20:77:91:08:f7:dc:f8:23:66: 72:6b:80:10:31:73:ba:44:d1:b0:29:c7:99:b8:dc: 8b:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:95:26:04:5A:0A:54:6B:5D:A2:13:49:AA:B9:2F:54:3B:EF:48:25 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/44f47a87-fa5e-4db0-bb12-60c873b8710c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.32.0/24 Signature Algorithm: sha256WithRSAEncryption 53:71:44:84:7c:0e:3a:64:03:e3:f9:14:89:99:b4:c7:0f:31: 2c:ce:36:a8:6a:de:d1:38:0d:0e:8a:fe:98:01:b5:45:a2:3d: 11:d8:f1:81:77:dd:b7:f4:0d:2d:af:b5:00:20:b0:e5:71:6d: f6:ae:55:47:07:bd:29:56:1c:fc:e5:08:e9:a6:ba:0f:0f:9b: 9d:f9:8e:0f:9f:ec:f0:df:d3:1e:3c:b4:f7:95:74:b3:da:ea: fa:cf:1f:b0:78:48:4b:b9:55:86:60:7c:eb:eb:01:90:01:92: 62:f3:16:a5:6c:09:fc:21:c2:32:fc:ed:85:e3:d4:09:96:9c: 3c:10:7e:ba:a0:ef:b9:a6:30:f7:ea:66:f2:de:6f:ab:62:20: fd:b9:e6:2f:09:cb:b2:64:dc:f2:b9:7e:e9:dc:71:86:db:04: 73:dc:c4:a2:e1:fc:ae:eb:5b:85:89:a7:23:8c:21:6c:cf:d6: fe:6d:7f:ad:e2:da:0f:fd:21:c9:d7:f9:87:01:bd:e0:1f:b5: af:52:be:62:32:65:38:fa:d6:2c:f0:19:c1:38:3d:f9:f1:12: 16:bb:9d:78:3a:23:5c:a5:16:c7:38:e4:76:8e:d8:cd:05:62: b1:c7:ac:63:e4:92:bc:5a:dc:eb:3d:ed:81:6d:b6:9a:8a:23: 5f:9a:08:23 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUFslqr4XyFkBfKOdTJJhPZslNcGcwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNDU1WhcNMjUxMTE0MjM1OTU5 WjB6MUkwRwYDVQQFE0AyZGExNGVkNWQ3NjE3MDcyYjIzZmVlOGRjZDZlZjMwZWY5 NjM5OGM0YjJlZGM3NzE4YzdlZTdhMTZlYTUwNDY3MS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDA0OTIvD81g83AFdLextjjNettdnGW/1IXYMUkkP4TGUJV 32TF3rMN4/Rp90hd1zkfcU2E085IQM7F2r4e9PmHzXv5x1XEEnNSPtxACJhREblW I0sG+WfeG5/MaP+5kxwkHApf2mRdOJUJzIo2FJtmyl+t+0MT9avaJ//0yHKvb633 JFRr7t79MllYSoxN7C6RrBXlgd0JBobA/PEYTV+I6WV/MLveTY77urtInPk4TKlF zsBeoWRqvX2BAHYiG/kae+AOK5MchuDq3Og5NZDVbFtByc80t2j6H79T59vP6YY2 yDG6qCB3kQj33PgjZnJrgBAxc7pE0bApx5m43IsNAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUnpUmBFoKVGtdohNJqrkvVDvvSCUwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzQ0ZjQ3YTg3LWZhNWUtNGRiMC1iYjEyLTYwYzg3M2I4NzEwYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYCAwDQYJKoZIhvcNAQELBQADggEBAFNxRIR8DjpkA+P5FImZtMcPMSzO Nqhq3tE4DQ6K/pgBtUWiPRHY8YF33bf0DS2vtQAgsOVxbfauVUcHvSlWHPzlCOmm ug8Pm535jg+f7PDf0x48tPeVdLPa6vrPH7B4SEu5VYZgfOvrAZABkmLzFqVsCfwh wjL87YXj1AmWnDwQfrqg77mmMPfqZvLeb6tiIP255i8Jy7Jk3PK5funccYbbBHPc xKLh/K7rW4WJpyOMIWzP1v5tf63i2g/9IcnX+YcBveAfta9SvmIyZTj61izwGcE4 PfnxEha7nXg6I1ylFsc45HaO2M0FYrHHrGPkkrxa3Os97YFttpqKI1+aCCM= -----END CERTIFICATE-----Generated at Mon Oct 20 13:05:57 2025 by rpki-client