$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3bae7a09-ca74-4daa-b312-884e14c7c51a.roa File: 3bae7a09-ca74-4daa-b312-884e14c7c51a.roa (raw, json) Hash identifier: l/7or4iFuzoRVOr8dV35DxaF9uyf69h88rPof5Td62M= Subject key identifier: 20:EC:13:CB:4D:DE:40:9B:85:D2:B1:1F:C2:29:E0:C8:A5:AC:46:D6 Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 5DB90D1236D5A6799DC1D41E3DC38BCBDBB0E195 Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3bae7a09-ca74-4daa-b312-884e14c7c51a.roa Signing time: Sun 19 Oct 2025 20:13:38 +0000 ROA not before: Sun 19 Oct 2025 20:13:38 +0000 ROA not after: Sun 23 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 18.65.64.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:b9:0d:12:36:d5:a6:79:9d:c1:d4:1e:3d:c3:8b:cb:db:b0:e1:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Oct 19 20:13:38 2025 GMT Not After : Nov 23 23:59:59 2025 GMT Subject: serialNumber=c77e83b06b7c6a6edcfc290df0ed28c7719b5c51ecfca20737e5693c3ab29e40, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:21:71:c5:f2:d9:d5:d9:8f:f7:bf:a3:27:3a: ac:98:5d:fb:1b:bb:49:1e:3a:0a:b2:45:cf:1b:df: 51:df:8c:56:45:c1:20:0c:0e:0c:62:74:d9:e3:a0: fc:46:dd:be:02:51:2d:c7:24:4f:ab:a3:b2:f1:2a: 49:e9:b8:52:35:3e:20:07:5e:ae:9e:c6:a3:f8:d7: 7a:b5:8b:0c:c6:29:4c:47:98:50:e4:5e:4f:fe:0c: 96:a6:ee:ef:41:53:66:eb:7f:ab:32:8e:13:f7:94: 20:e1:48:b2:ed:87:11:55:7c:9d:d2:fb:87:a6:34: de:e4:30:45:67:68:96:d4:86:15:34:66:83:0d:6e: 80:31:ca:50:8d:67:3c:de:2f:7e:75:5d:34:ee:2f: f5:05:34:4d:66:90:67:2a:30:1e:f2:48:ba:29:05: 78:40:e6:e9:49:a7:5b:2d:c0:de:85:39:d4:a9:ad: 79:1d:ef:f1:df:0b:23:93:07:b1:4c:1a:73:9d:aa: bf:71:20:e1:ff:96:0b:97:94:51:0b:2a:4c:f5:b7: 7f:ca:b0:e1:b5:7d:ec:a3:e6:62:46:bf:5d:e8:fc: df:c0:22:9b:24:f1:74:af:2d:1d:7c:ca:18:73:8a: db:4d:1f:bf:71:64:8c:77:25:22:24:ea:c5:38:aa: d5:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:EC:13:CB:4D:DE:40:9B:85:D2:B1:1F:C2:29:E0:C8:A5:AC:46:D6 X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/3bae7a09-ca74-4daa-b312-884e14c7c51a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 18.65.64.0/18 Signature Algorithm: sha256WithRSAEncryption af:50:df:17:9d:17:b8:c0:d6:fc:14:57:4d:c2:5b:c9:da:e6: b0:fb:5c:82:21:30:2a:a5:de:24:18:0b:56:0a:20:99:59:fe: eb:33:7a:f8:ee:e8:b1:d9:55:af:26:33:4a:f6:bd:eb:ca:7f: 88:81:45:cd:4d:30:40:5e:d5:87:5d:55:13:18:62:e2:8e:81: 39:31:3e:f2:56:f9:ee:0d:18:62:6a:7f:81:aa:d2:97:e4:b0: 36:81:45:54:42:06:60:8c:8e:03:91:c8:8d:35:bf:16:ad:a9: e8:3d:25:47:45:52:ee:c7:df:3a:c4:aa:66:a9:20:b5:25:8c: af:7e:86:f2:ac:c8:c5:de:ff:78:54:a0:cc:10:b2:07:a0:c5: 98:1c:e1:57:e0:22:f6:ab:29:70:97:bf:df:14:35:84:57:1e: 08:08:28:52:bc:b0:fb:74:b0:ef:2c:41:09:f9:31:ee:d2:e6: 10:93:cf:6b:ac:79:21:bc:6e:bf:7a:6c:75:0c:a2:6c:90:8a: 8c:c4:34:2d:1f:b1:89:4f:3d:03:9f:87:cb:fa:f3:b3:57:38: 93:4c:d6:60:b8:39:20:d8:06:b1:07:a6:e2:0d:82:b5:63:19: 3c:7f:08:0e:ed:c5:9d:9b:17:54:cd:57:be:28:62:ff:73:98: 85:1b:8d:6a -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUXbkNEjbVpnmdwdQePcOLy9uw4ZUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE5MjAxMzM4WhcNMjUxMTIzMjM1OTU5 WjB6MUkwRwYDVQQFE0BjNzdlODNiMDZiN2M2YTZlZGNmYzI5MGRmMGVkMjhjNzcx OWI1YzUxZWNmY2EyMDczN2U1NjkzYzNhYjI5ZTQwMS0wKwYDVQQDEyQ1ZjI3NjA0 NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQClIXHF8tnV2Y/3v6MnOqyYXfsbu0keOgqyRc8b31HfjFZF wSAMDgxidNnjoPxG3b4CUS3HJE+ro7LxKknpuFI1PiAHXq6exqP413q1iwzGKUxH mFDkXk/+DJam7u9BU2brf6syjhP3lCDhSLLthxFVfJ3S+4emNN7kMEVnaJbUhhU0 ZoMNboAxylCNZzzeL351XTTuL/UFNE1mkGcqMB7ySLopBXhA5ulJp1stwN6FOdSp rXkd7/HfCyOTB7FMGnOdqr9xIOH/lguXlFELKkz1t3/KsOG1feyj5mJGv13o/N/A Ipsk8XSvLR18yhhzittNH79xZIx3JSIk6sU4qtXDAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUIOwTy03eQJuF0rEfwingyKWsRtYwHwYDVR0jBBgwFoAUJa3TQrAet6WO rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyLzNiYWU3YTA5LWNhNzQtNGRhYS1iMzEyLTg4NGUxNGM3YzUxYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAYSQUAwDQYJKoZIhvcNAQELBQADggEBAK9Q3xedF7jA1vwUV03CW8na5rD7 XIIhMCql3iQYC1YKIJlZ/uszevju6LHZVa8mM0r2vevKf4iBRc1NMEBe1YddVRMY YuKOgTkxPvJW+e4NGGJqf4Gq0pfksDaBRVRCBmCMjgORyI01vxatqeg9JUdFUu7H 3zrEqmapILUljK9+hvKsyMXe/3hUoMwQsgegxZgc4VfgIvarKXCXv98UNYRXHggI KFK8sPt0sO8sQQn5Me7S5hCTz2useSG8br96bHUMomyQiozENC0fsYlPPQOfh8v6 87NXOJNM1mC4OSDYBrEHpuINgrVjGTx/CA7txZ2bF1TNV74oYv9zmIUbjWo= -----END CERTIFICATE-----Generated at Mon Oct 20 09:49:21 2025 by rpki-client