$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bcfd0799-77ef-4694-a750-917e80873aaa.roa File: bcfd0799-77ef-4694-a750-917e80873aaa.roa (raw, json) Hash identifier: KbZoPs6r/3V5/65iFj1sGhkBgB5DxUcvzNkKitwIPWI= Subject key identifier: 90:8D:A6:9C:C0:E0:90:EB:64:21:73:2E:4F:C7:9C:BF:19:16:A5:09 Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 0E47E1F64BDA438FFB499E39C2E8749C1971BCCB Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bcfd0799-77ef-4694-a750-917e80873aaa.roa Signing time: Thu 16 Oct 2025 15:18:32 +0000 ROA not before: Thu 16 Oct 2025 15:18:32 +0000 ROA not after: Thu 20 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 18.68.154.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:47:e1:f6:4b:da:43:8f:fb:49:9e:39:c2:e8:74:9c:19:71:bc:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Oct 16 15:18:32 2025 GMT Not After : Nov 20 23:59:59 2025 GMT Subject: serialNumber=34919afbb036a31b684ab1faf8bc56c9f7f347696444469c8d760af3318968e0, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:8a:bb:83:ed:65:f8:bd:13:4f:55:ba:6c:c8: 30:0c:22:02:1b:bd:20:3f:30:bd:f6:51:0d:0f:6c: a5:8c:56:73:13:48:52:99:82:4e:4f:01:eb:0c:aa: d9:a9:db:fa:21:e0:6b:56:7d:bb:83:71:5b:6c:23: 11:14:cc:a3:40:04:23:ba:c8:3a:28:d0:17:72:e4: e8:71:c7:e5:52:82:e0:27:bf:be:1c:c8:59:ca:4f: ec:0d:8d:22:6a:de:31:20:e5:7f:5c:e7:57:b1:9b: c1:7e:5c:fe:a8:6b:b0:51:9e:e1:f1:d5:0a:d5:ff: fe:64:b4:53:f1:ba:ee:8c:86:a8:c4:d5:e4:48:8e: 02:26:d2:1f:f7:83:93:66:d4:f8:cb:01:45:cf:15: 70:0e:b5:7c:63:1d:f3:89:31:13:19:69:64:40:23: 30:cd:1a:23:e2:81:15:2b:94:cd:0e:b6:d1:b9:df: 4f:80:cd:0c:30:ae:a2:d6:eb:00:c0:ff:9d:58:cf: 00:e5:dd:28:a7:fc:e8:1e:c7:53:60:94:e0:c3:b6: 27:32:1f:85:69:92:ae:5d:34:d0:cf:2b:b6:c3:6c: 09:80:97:18:74:f1:54:4b:e4:bc:b4:ee:df:78:6a: 0a:f6:79:37:df:2c:97:5d:a3:0f:14:46:4f:25:86: 5f:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:8D:A6:9C:C0:E0:90:EB:64:21:73:2E:4F:C7:9C:BF:19:16:A5:09 X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/bcfd0799-77ef-4694-a750-917e80873aaa.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 18.68.154.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:31:7d:5b:13:f0:b8:af:12:ff:00:f9:76:4b:e8:ef:aa:15: 7e:05:db:54:fa:4d:6d:6f:30:9d:8a:7f:ad:77:12:84:cc:4a: 99:5b:98:bd:4c:ef:77:f5:c6:d6:e7:4b:23:98:3c:08:bf:cc: be:62:ea:d9:c8:a0:89:c0:45:4a:3f:5f:15:cc:c0:75:0a:06: 8b:1f:5f:8d:2d:29:d4:b3:77:1b:ea:35:82:02:d3:15:17:99: a9:46:94:78:6a:88:01:d8:f3:15:45:24:5d:f2:3f:b1:ae:8a: c2:8c:73:97:da:f4:91:b4:6c:64:68:11:d0:4c:65:68:e5:3e: 4c:cc:ee:3c:e5:8c:2a:4c:9d:5c:d1:94:2e:31:8d:54:e8:df: 0b:24:29:9a:ac:98:d9:d7:45:2c:d5:f2:6c:90:5e:37:fd:0f: 2a:c9:03:a0:ff:2e:6a:bc:66:e5:4a:19:a5:4c:b4:97:0b:c9: ce:83:97:1d:a5:58:46:4b:05:18:41:16:bc:49:8b:72:7f:42: c8:e3:6e:c2:99:02:dc:a6:3a:76:20:fe:ef:b1:be:5b:48:44: 94:7a:81:d5:70:16:ad:6d:b7:88:ca:cb:86:f4:10:c4:b9:fe: 9a:75:c9:c5:18:cd:84:57:e4:9c:10:8b:2b:73:4f:ce:e7:41: e1:0e:d6:c8 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUDkfh9kvaQ4/7SZ45wuh0nBlxvMswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDE2MTUxODMyWhcNMjUxMTIwMjM1OTU5 WjB6MUkwRwYDVQQFE0AzNDkxOWFmYmIwMzZhMzFiNjg0YWIxZmFmOGJjNTZjOWY3 ZjM0NzY5NjQ0NDQ2OWM4ZDc2MGFmMzMxODk2OGUwMS0wKwYDVQQDEyQ1ZjI3NjA0 NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDZiruD7WX4vRNPVbpsyDAMIgIbvSA/ML32UQ0PbKWMVnMT SFKZgk5PAesMqtmp2/oh4GtWfbuDcVtsIxEUzKNABCO6yDoo0Bdy5Ohxx+VSguAn v74cyFnKT+wNjSJq3jEg5X9c51exm8F+XP6oa7BRnuHx1QrV//5ktFPxuu6MhqjE 1eRIjgIm0h/3g5Nm1PjLAUXPFXAOtXxjHfOJMRMZaWRAIzDNGiPigRUrlM0OttG5 30+AzQwwrqLW6wDA/51YzwDl3Sin/Ogex1NglODDticyH4Vpkq5dNNDPK7bDbAmA lxh08VRL5Ly07t94agr2eTffLJddow8URk8lhl9zAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUkI2mnMDgkOtkIXMuT8ecvxkWpQkwHwYDVR0jBBgwFoAUJa3TQrAet6WO rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyL2JjZmQwNzk5LTc3ZWYtNDY5NC1hNzUwLTkxN2U4MDg3M2FhYS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAASRJowDQYJKoZIhvcNAQELBQADggEBADwxfVsT8LivEv8A+XZL6O+qFX4F 21T6TW1vMJ2Kf613EoTMSplbmL1M73f1xtbnSyOYPAi/zL5i6tnIoInARUo/XxXM wHUKBosfX40tKdSzdxvqNYIC0xUXmalGlHhqiAHY8xVFJF3yP7GuisKMc5fa9JG0 bGRoEdBMZWjlPkzM7jzljCpMnVzRlC4xjVTo3wskKZqsmNnXRSzV8myQXjf9DyrJ A6D/Lmq8ZuVKGaVMtJcLyc6Dlx2lWEZLBRhBFrxJi3J/QsjjbsKZAtymOnYg/u+x vltIRJR6gdVwFq1tt4jKy4b0EMS5/pp1ycUYzYRX5JwQiytzT87nQeEO1sg= -----END CERTIFICATE-----Generated at Mon Oct 20 11:11:16 2025 by rpki-client