$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa File: dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa (raw, json) Hash identifier: wwP8IQzvhSSFqrmT4x7e345Wxc3SFfm+ZUcxRTceiqY= Subject key identifier: 2A:07:C7:42:CE:19:CF:69:45:89:04:C3:99:48:18:BB:55:8A:7F:2A Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 698561604C18008FA6E6F6AF9489D809B1C6E1C3 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa Signing time: Fri 10 Oct 2025 17:04:59 +0000 ROA not before: Fri 10 Oct 2025 17:04:59 +0000 ROA not after: Fri 14 Nov 2025 23:59:59 +0000 asID: 801 IP address blocks: 35.96.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:85:61:60:4c:18:00:8f:a6:e6:f6:af:94:89:d8:09:b1:c6:e1:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 10 17:04:59 2025 GMT Not After : Nov 14 23:59:59 2025 GMT Subject: serialNumber=ab0c2b63fd777a9d7d0ac3d69e550d5bfd76aa9c200d8aeddf12a62d2d1ce9bf, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9d:cf:dd:b5:28:99:0b:a2:af:c7:2d:8f:7a: f7:a4:b8:81:8f:5f:81:2d:64:52:d4:25:ef:97:62: 75:86:37:c6:9f:a2:47:4a:64:ba:5c:0b:08:e2:00: 48:35:95:72:88:4f:9e:71:74:8c:b8:a9:0a:07:b4: be:61:d8:13:42:34:67:c0:d6:f4:6b:21:56:6b:11: 2c:a9:a2:e3:15:e1:65:9c:24:90:73:82:a4:10:c6: dd:a3:a0:94:67:58:c7:0c:47:77:a8:b2:75:b8:0e: 9b:f2:53:70:21:6d:0c:bf:03:31:56:e7:d8:10:59: 92:f7:5e:58:63:7b:b3:0c:eb:27:4e:24:c3:04:3e: 59:21:0d:8c:74:f7:79:dc:ed:1a:e6:6b:c4:b4:a8: d9:32:c1:61:4b:cd:56:50:cf:00:75:35:67:ba:70: 38:c1:07:38:6e:ea:27:76:15:e6:e1:42:ba:15:a7: ca:fd:c3:ae:84:f0:c0:2c:31:83:8b:56:23:c9:05: 8b:ef:fd:49:c8:af:6b:25:4d:76:33:18:f5:65:75: c3:4d:5b:e7:3a:2a:4c:53:a5:9b:25:b0:a4:51:ea: 65:f9:6a:c3:2d:6e:42:87:1b:5d:c1:7e:fa:fa:db: cb:75:19:df:54:74:f9:7a:88:48:07:86:44:0e:f8: 31:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:07:C7:42:CE:19:CF:69:45:89:04:C3:99:48:18:BB:55:8A:7F:2A X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/dc822c01-1717-4e45-a5a8-3a5dc916c76d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.11.0/24 Signature Algorithm: sha256WithRSAEncryption 19:ab:e0:2f:55:b9:44:86:72:bc:80:a8:18:b2:f5:93:b9:eb: 64:13:64:56:24:c9:88:18:72:b9:77:50:98:c6:04:26:71:88: b1:71:37:76:7d:33:0b:55:4d:26:5f:89:69:89:56:65:42:a1: 96:6b:97:12:a7:f3:a4:00:f4:1f:7f:14:8e:b5:e3:90:5b:62: a1:ad:46:2d:b1:0b:4d:9f:ad:fd:48:14:4a:d0:46:6d:cf:04: b1:b5:d6:60:47:0c:dd:9c:51:a5:eb:9e:2a:50:33:5b:48:b1: 05:7a:85:b8:bd:fb:4b:17:b6:34:0a:f2:e5:51:a7:01:38:4c: 15:4c:d1:2f:3c:d6:0c:86:0e:53:62:52:c3:ab:0a:86:e2:6f: c2:85:3c:37:ef:fd:18:ba:e3:2e:be:e8:2d:3b:f2:2f:87:b3: 6e:78:c5:56:b3:d9:8b:0f:3c:83:83:0a:47:0e:0b:e3:c8:17: a9:6f:a6:34:0b:a6:0c:64:f9:c9:c7:d4:5f:5b:19:04:ca:f2: 97:8c:c1:8b:0f:67:b3:72:ea:20:9c:e1:c3:44:6b:0d:71:26: 5c:22:ba:1f:84:38:c8:56:1b:be:06:b5:62:4d:ff:d3:dd:e3: 4b:ed:6f:b4:fb:20:11:f9:b4:62:f7:f1:8b:0a:2d:f6:b8:64: 85:6e:52:e7 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUaYVhYEwYAI+m5vavlInYCbHG4cMwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEwMTcwNDU5WhcNMjUxMTE0MjM1OTU5 WjB6MUkwRwYDVQQFE0BhYjBjMmI2M2ZkNzc3YTlkN2QwYWMzZDY5ZTU1MGQ1YmZk NzZhYTljMjAwZDhhZWRkZjEyYTYyZDJkMWNlOWJmMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCcnc/dtSiZC6Kvxy2PevekuIGPX4EtZFLUJe+XYnWGN8af okdKZLpcCwjiAEg1lXKIT55xdIy4qQoHtL5h2BNCNGfA1vRrIVZrESypouMV4WWc JJBzgqQQxt2joJRnWMcMR3eosnW4DpvyU3AhbQy/AzFW59gQWZL3Xlhje7MM6ydO JMMEPlkhDYx093nc7Rrma8S0qNkywWFLzVZQzwB1NWe6cDjBBzhu6id2FebhQroV p8r9w66E8MAsMYOLViPJBYvv/UnIr2slTXYzGPVldcNNW+c6KkxTpZslsKRR6mX5 asMtbkKHG13Bfvr628t1Gd9UdPl6iEgHhkQO+DE/AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUKgfHQs4Zz2lFiQTDmUgYu1WKfyowHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2RjODIyYzAxLTE3MTctNGU0NS1hNWE4LTNhNWRjOTE2Yzc2ZC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYAswDQYJKoZIhvcNAQELBQADggEBABmr4C9VuUSGcryAqBiy9ZO562QT ZFYkyYgYcrl3UJjGBCZxiLFxN3Z9MwtVTSZfiWmJVmVCoZZrlxKn86QA9B9/FI61 45BbYqGtRi2xC02frf1IFErQRm3PBLG11mBHDN2cUaXrnipQM1tIsQV6hbi9+0sX tjQK8uVRpwE4TBVM0S881gyGDlNiUsOrCobib8KFPDfv/Ri64y6+6C078i+Hs254 xVaz2YsPPIODCkcOC+PIF6lvpjQLpgxk+cnH1F9bGQTK8peMwYsPZ7Ny6iCc4cNE aw1xJlwiuh+EOMhWG74GtWJN/9Pd40vtb7T7IBH5tGL38YsKLfa4ZIVuUuc= -----END CERTIFICATE-----Generated at Mon Oct 20 10:17:19 2025 by rpki-client