$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa File: 6b90b1f9-6b22-4e82-af32-2981da75246a.roa (raw, json) Hash identifier: 8OOJDmFDKLgzSSLK5NgMPRkm7GweYcgbmP4WZdC+K9o= Subject key identifier: AD:B4:91:C7:7E:9C:FC:C8:5D:14:3F:2F:36:C4:83:09:9B:0C:1B:52 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 698D404C4C5944C6DAF98DD1F3F48F94A8A716BF Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa Signing time: Fri 10 Oct 2025 17:04:52 +0000 ROA not before: Fri 10 Oct 2025 17:04:52 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 801 IP address blocks: 35.96.33.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:8d:40:4c:4c:59:44:c6:da:f9:8d:d1:f3:f4:8f:94:a8:a7:16:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 10 17:04:52 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=3bdf01ebab3d61951ce742a1a7a69610165c605cd8b95b5f4b6eea09ed0e3059, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:9b:55:cd:a2:6f:68:f3:96:63:c0:97:6c:55: e8:98:ac:fb:77:7d:cd:2c:19:a5:b6:80:74:f5:88: ac:b5:7f:70:37:7c:fe:4a:9a:d3:e8:14:b5:9c:9f: ee:36:64:29:ec:2c:e0:51:3e:33:c3:c3:8b:ac:6e: 7d:f6:3b:5c:f1:04:05:a1:01:24:91:dd:7f:1c:51: 7d:c3:a9:f0:cb:b8:b0:bd:7f:ab:09:5d:39:bf:f1: e9:ea:f6:4f:32:ee:c0:79:31:bc:b2:aa:36:10:92: fb:ee:42:7c:8f:f1:c5:e2:b8:fc:df:25:4f:62:2b: f5:27:39:c3:41:d0:86:b3:7d:90:45:57:3b:dc:90: 14:73:4c:43:68:aa:29:88:17:ab:a6:2c:0c:18:da: 24:d2:18:68:73:4f:84:ec:0d:f6:d2:d9:0a:e7:65: 05:34:c5:df:28:d5:cb:f1:6e:1e:74:97:a1:c6:07: a6:66:f5:c3:b8:95:c9:ac:eb:c3:18:d4:ec:4b:5a: 6b:50:77:ba:21:0f:01:de:4e:8a:a4:92:70:14:32: b0:77:81:31:1a:5a:d9:50:58:e1:e3:e2:53:ef:fd: 20:0e:92:24:0d:7f:3e:f4:bc:e0:05:34:6e:88:11: 65:d5:20:23:b7:16:f4:87:60:04:b9:75:9d:a2:55: 45:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:B4:91:C7:7E:9C:FC:C8:5D:14:3F:2F:36:C4:83:09:9B:0C:1B:52 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/6b90b1f9-6b22-4e82-af32-2981da75246a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.33.0/24 Signature Algorithm: sha256WithRSAEncryption 55:6b:73:55:14:ec:30:f2:87:37:80:2f:e4:20:86:35:3d:25: ff:cf:e3:7a:4a:10:19:f3:73:72:dd:d0:a9:5c:96:59:b0:a7: 57:cf:e0:69:d3:fa:01:cc:db:a1:6d:aa:eb:bf:d3:6a:dd:8a: d3:64:04:7a:36:a9:6b:95:4a:78:fe:7b:80:ff:20:65:60:4b: e5:60:5e:1d:c3:a9:c2:72:d8:7c:87:4b:56:89:e6:b4:79:33: 9f:cc:e2:28:f2:3c:37:20:6b:dc:9e:74:b6:95:79:ea:ef:9c: 30:ad:80:2e:cc:1f:c8:9b:8a:9a:d8:7a:5d:6d:fd:a5:66:5a: 76:6d:65:63:b6:0d:a4:6b:d6:78:44:4e:c6:df:d4:75:6f:8a: 71:35:fd:c2:b3:93:6b:a9:60:a8:7a:ef:c5:7f:38:51:f0:ec: b4:44:78:5f:54:f4:21:2b:80:69:b6:7d:35:d0:9c:2f:5d:e6: 72:ab:74:d6:4c:8f:0b:44:98:bf:e2:84:82:44:67:aa:6e:55: 96:1c:57:d5:5c:b8:f0:e5:40:1c:58:63:ac:f9:e3:a6:f0:9f: cb:d5:91:be:3a:46:28:f3:ed:e0:6a:35:2b:75:b8:e7:60:96: fe:76:11:82:f4:1f:c5:cb:27:be:63:9d:d0:a5:03:5e:b1:d6: fe:18:84:4a -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUaY1ATExZRMba+Y3R8/SPlKinFr8wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNDUyWhcNMjUxMTE0MjM1OTU5 WjB6MUkwRwYDVQQFE0AzYmRmMDFlYmFiM2Q2MTk1MWNlNzQyYTFhN2E2OTYxMDE2 NWM2MDVjZDhiOTViNWY0YjZlZWEwOWVkMGUzMDU5MS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDpm1XNom9o85ZjwJdsVeiYrPt3fc0sGaW2gHT1iKy1f3A3 fP5KmtPoFLWcn+42ZCnsLOBRPjPDw4usbn32O1zxBAWhASSR3X8cUX3DqfDLuLC9 f6sJXTm/8enq9k8y7sB5MbyyqjYQkvvuQnyP8cXiuPzfJU9iK/UnOcNB0IazfZBF VzvckBRzTENoqimIF6umLAwY2iTSGGhzT4TsDfbS2QrnZQU0xd8o1cvxbh50l6HG B6Zm9cO4lcms68MY1OxLWmtQd7ohDwHeToqkknAUMrB3gTEaWtlQWOHj4lPv/SAO kiQNfz70vOAFNG6IEWXVICO3FvSHYAS5dZ2iVUXZAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUrbSRx36c/MhdFD8vNsSDCZsMG1IwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzZiOTBiMWY5LTZiMjItNGU4Mi1hZjMyLTI5ODFkYTc1MjQ2YS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYCEwDQYJKoZIhvcNAQELBQADggEBAFVrc1UU7DDyhzeAL+QghjU9Jf/P 43pKEBnzc3Ld0Klcllmwp1fP4GnT+gHM26Ftquu/02rditNkBHo2qWuVSnj+e4D/ IGVgS+VgXh3DqcJy2HyHS1aJ5rR5M5/M4ijyPDcga9yedLaVeervnDCtgC7MH8ib iprYel1t/aVmWnZtZWO2DaRr1nhETsbf1HVvinE1/cKzk2upYKh678V/OFHw7LRE eF9U9CErgGm2fTXQnC9d5nKrdNZMjwtEmL/ihIJEZ6puVZYcV9VcuPDlQBxYY6z5 46bwn8vVkb46Rijz7eBqNSt1uOdglv52EYL0H8XLJ75jndClA16x1v4YhEo= -----END CERTIFICATE-----Generated at Mon Oct 20 10:47:50 2025 by rpki-client