$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d20a8802-84c3-4506-9863-f63207e3d2a4.roa File: d20a8802-84c3-4506-9863-f63207e3d2a4.roa (raw, json) Hash identifier: uEB79WlYlwC+uj9am518GtoO07tdNGRwRynnm2s6CNs= Subject key identifier: 3A:D4:20:19:9A:0B:04:04:4D:A7:66:54:BE:DA:8F:9E:6E:7C:B6:9D Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 58564C720E832F583D62A414869B8FAF9A7129 Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d20a8802-84c3-4506-9863-f63207e3d2a4.roa Signing time: Thu 25 Sep 2025 18:32:18 +0000 ROA not before: Thu 25 Sep 2025 18:32:18 +0000 ROA not after: Thu 30 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 3.166.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:56:4c:72:0e:83:2f:58:3d:62:a4:14:86:9b:8f:af:9a:71:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Sep 25 18:32:18 2025 GMT Not After : Oct 30 23:59:59 2025 GMT Subject: serialNumber=ba610097750191b68804fe49330051032136b1c4247490091870849ca075745b, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:e0:45:98:4b:f9:a0:7c:0f:6a:86:31:49:77: 7e:ef:79:3a:b6:6e:c8:27:d1:4e:83:bf:7d:19:42: 0c:12:44:9d:4f:a4:aa:74:e4:6e:f4:03:25:14:04: d0:bb:eb:ed:f4:a9:87:83:f2:21:44:d9:fd:37:32: 64:07:9b:ed:02:1d:2b:3e:92:1a:37:4a:18:6e:0c: a0:87:0a:0f:57:95:a8:1d:4f:54:23:d2:19:bf:07: 1f:ea:66:13:bd:13:fb:d6:be:ff:98:93:f4:d5:2f: 0f:f2:af:3c:d8:34:0e:be:39:d1:88:9a:8d:6d:93: fe:13:9d:91:a2:54:3f:22:f3:f8:65:b2:44:00:2b: 18:8b:7f:d4:d4:18:ef:06:22:e8:ac:d0:14:e9:f5: 76:bb:b9:08:4a:70:44:00:7a:8c:c8:ab:37:eb:e4: f9:32:4e:df:43:00:00:1e:1f:44:a9:80:0a:51:95: 36:38:88:52:47:d7:71:d9:df:e0:26:9d:db:65:8f: 8f:1f:58:04:8c:9d:c4:1f:da:2d:0a:8d:26:89:17: cd:3e:ed:f1:52:7c:fa:07:59:95:37:b4:bc:4d:9a: 02:5a:85:00:f3:b6:48:cb:97:4b:51:82:4a:f9:b3: 4c:be:78:b4:50:fd:52:ee:70:78:aa:36:32:62:9c: 84:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:D4:20:19:9A:0B:04:04:4D:A7:66:54:BE:DA:8F:9E:6E:7C:B6:9D X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/d20a8802-84c3-4506-9863-f63207e3d2a4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 3.166.141.0/24 Signature Algorithm: sha256WithRSAEncryption 30:6a:87:f2:38:2c:d9:6d:5c:b6:5a:b8:7c:cc:b8:ba:6a:a8: 76:66:5b:66:d3:40:07:12:25:0e:7a:8f:aa:22:1d:cc:7e:0e: 83:cb:2e:a1:94:b5:63:8f:6b:e7:c7:93:1f:46:17:92:34:9a: ed:f1:3d:b9:a7:e0:c2:b6:88:32:6c:54:e6:10:05:a4:e4:91: bf:21:7b:69:a3:eb:a4:fd:7d:0a:9d:35:36:e7:e0:65:c4:75: 32:63:e0:dc:0c:52:5e:c8:3f:90:05:22:1e:62:0e:ae:28:26: 05:c6:47:73:78:08:01:ca:83:3e:37:5f:36:c8:4f:84:d6:e2: 60:ac:4d:8d:ea:d3:5d:bb:a3:52:e5:2f:bf:99:e9:ed:e4:55: 33:84:34:83:ea:f4:04:df:50:bd:eb:09:b4:24:c8:8a:a8:25: 21:73:c6:c2:f1:08:55:41:39:d2:11:52:74:ec:50:64:8c:f5: c4:44:69:3d:22:de:8a:4d:22:9a:44:68:61:5f:0a:c3:9d:0c: b1:69:e5:99:c3:71:79:e7:da:64:14:71:6e:df:85:55:3e:e0: 18:17:fb:7c:74:84:33:5b:e9:80:a7:65:28:d9:7f:a0:7f:4c: fa:46:d4:13:9a:bb:c2:81:56:a2:93:a6:c0:c5:a6:32:97:5a: 9b:ae:a8:37 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgITWFZMcg6DL1g9YqQUhpuPr5pxKTANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzJkZjZmM2IzYTM0YjYzODZkMWEzMmQ4ZjRmYTMxNzhlZjMx ODg3ZDhiNDI4ZGZhYTQ3NjAeFw0yNTA5MjUxODMyMThaFw0yNTEwMzAyMzU5NTla MHoxSTBHBgNVBAUTQGJhNjEwMDk3NzUwMTkxYjY4ODA0ZmU0OTMzMDA1MTAzMjEz NmIxYzQyNDc0OTAwOTE4NzA4NDljYTA3NTc0NWIxLTArBgNVBAMTJDVmMjc2MDQ1 LTViOWYtNDVlZi05MjNkLWYzZmNlMjRhNjIyNTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBALbgRZhL+aB8D2qGMUl3fu95OrZuyCfRToO/fRlCDBJEnU+k qnTkbvQDJRQE0Lvr7fSph4PyIUTZ/TcyZAeb7QIdKz6SGjdKGG4MoIcKD1eVqB1P VCPSGb8HH+pmE70T+9a+/5iT9NUvD/KvPNg0Dr450YiajW2T/hOdkaJUPyLz+GWy RAArGIt/1NQY7wYi6KzQFOn1dru5CEpwRAB6jMirN+vk+TJO30MAAB4fRKmAClGV NjiIUkfXcdnf4Cad22WPjx9YBIydxB/aLQqNJokXzT7t8VJ8+gdZlTe0vE2aAlqF APO2SMuXS1GCSvmzTL54tFD9Uu5weKo2MmKchHECAwEAAaOCArEwggKtMB0GA1Ud DgQWBBQ61CAZmgsEBE2nZlS+2o+ebny2nTAfBgNVHSMEGDAWgBQlrdNCsB63pY6t GZAmiLVLP4H0uDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzg1MWNlZjE3LTEz MmEtNDMzNy1iN2QxLWJmMTZhNTJmZmQwMy9kZjZmM2IzYTM0YjYzODZkMWEzMmQ4 ZjRmYTMxNzhlZjMxODg3ZDhiNDI4ZGZhYTQ3Ni5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9mNzAzNjk2ZS1lNDdiLTRjMjAtYmQ5My02Zjgw OTA0ZTQyZDIvZDIwYTg4MDItODRjMy00NTA2LTk4NjMtZjYzMjA3ZTNkMmE0LnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMt NmY4MDkwNGU0MmQyL3RqaHRHakxZOVBveGVPOHhpSDJMUW8zNnBIWS5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAAOmjTANBgkqhkiG9w0BAQsFAAOCAQEAMGqH8jgs2W1ctlq4fMy4umqodmZb ZtNABxIlDnqPqiIdzH4Og8suoZS1Y49r58eTH0YXkjSa7fE9uafgwraIMmxU5hAF pOSRvyF7aaPrpP19Cp01NufgZcR1MmPg3AxSXsg/kAUiHmIOrigmBcZHc3gIAcqD PjdfNshPhNbiYKxNjerTXbujUuUvv5np7eRVM4Q0g+r0BN9QvesJtCTIiqglIXPG wvEIVUE50hFSdOxQZIz1xERpPSLeik0imkRoYV8Kw50MsWnlmcNxeefaZBRxbt+F VT7gGBf7fHSEM1vpgKdlKNl/oH9M+kbUE5q7woFWopOmwMWmMpdam66oNw== -----END CERTIFICATE-----Generated at Mon Oct 20 06:07:25 2025 by rpki-client