$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/bdaa1236-db49-323d-8634-b5c7b8224fda.roa File: bdaa1236-db49-323d-8634-b5c7b8224fda.roa (raw, json) Hash identifier: 9Jj+EeGMJoetPqB6IShx07b9k+FmouBKOFyDK6h5NMU= Subject key identifier: D3:97:EE:AC:16:39:48:12:26:97:6B:A1:59:25:E3:34:2E:08:80:6D Certificate issuer: /CN=daa8bdf2-31df-4e1e-bcf3-96d6c5800faa Certificate serial: 010D0C9F4328584AF7EBD8E6A5E36E2413A30200 Authority key identifier: C8:21:6A:53:54:33:76:13:DB:FB:F3:B4:60:95:5E:18:1E:6A:D3:C5 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/bdaa1236-db49-323d-8634-b5c7b8224fda.roa Signing time: Mon 25 Aug 2025 01:00:33 +0000 ROA not before: Mon 25 Aug 2025 01:00:33 +0000 ROA not after: Sun 23 Nov 2025 02:00:33 +0000 asID: 398210 IP address blocks: 168.220.172.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:4a:f7:eb:d8:e6:a5:e3:6e:24:13:a3:02:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daa8bdf2-31df-4e1e-bcf3-96d6c5800faa Validity Not Before: Aug 25 01:00:33 2025 GMT Not After : Nov 23 02:00:33 2025 GMT Subject: CN=93e4f621-93c3-4331-bf47-0b12022b282c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:41:f2:27:df:86:2a:0e:96:9f:0c:6f:fc:46: b0:df:6b:37:a1:df:46:b4:f0:b1:d5:d5:45:23:63: 97:e9:e2:a0:4b:c9:6e:82:19:2d:4d:32:bc:61:fb: 9d:a1:45:00:95:16:c7:d8:0f:31:db:0e:e9:0c:64: 2e:f9:c3:36:0b:fb:59:ec:ef:bb:c0:61:50:09:e9: 10:4f:1e:b9:a6:10:b9:ff:ca:1f:d6:6c:f5:c9:f3: 95:63:ad:6b:c2:f1:1d:da:2f:9d:e4:99:7a:4b:fc: b6:b4:6c:34:ad:16:6d:a4:3d:7f:36:c2:e2:34:33: 97:5b:c2:e1:23:e4:9d:e9:31:ec:0c:a9:78:69:3d: 12:1b:5c:b8:cb:f0:a3:81:44:49:bc:ee:b6:27:fe: 49:d0:89:0c:1a:fc:1c:3d:39:6d:ad:2a:fc:64:be: 52:07:34:62:dc:37:ae:9a:4b:88:f6:bc:4a:b1:e7: d4:3e:77:3c:c0:14:51:64:d0:31:de:8c:73:6e:34: 55:a3:96:c1:d8:8d:81:b0:1c:0a:8b:ef:ad:35:b4: 31:89:10:c0:f0:0d:f6:f5:4b:02:0a:17:57:ef:66: 4e:f1:12:6e:e8:b0:5f:e7:27:19:a0:51:76:90:5c: 63:ed:31:a8:c5:1a:f8:92:08:15:4e:11:55:63:69: 84:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:97:EE:AC:16:39:48:12:26:97:6B:A1:59:25:E3:34:2E:08:80:6D Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/bdaa1236-db49-323d-8634-b5c7b8224fda.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.crl X509v3 Authority Key Identifier: keyid:C8:21:6A:53:54:33:76:13:DB:FB:F3:B4:60:95:5E:18:1E:6A:D3:C5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/daa8bdf2-31df-4e1e-bcf3-96d6c5800faa.cer sbgp-ipAddrBlock: critical IPv4: 168.220.172.0/23 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 74:af:9e:80:0d:67:35:31:1f:3b:f9:e5:16:57:ed:8f:e6:f3: 38:a8:e6:e0:34:e6:21:b4:1e:1e:61:11:1d:d7:f0:07:9d:18: f9:6e:27:73:c4:25:6d:71:43:38:11:03:56:a3:5c:96:e4:66: 54:67:a5:5e:91:65:5e:a0:91:94:45:82:9e:6f:81:b2:d2:b7: c9:46:3f:47:ab:69:c7:e9:85:36:ae:49:30:d3:54:5f:a0:05: dd:13:75:70:a4:b4:3a:31:a5:0e:84:45:d7:fa:c8:05:e8:c5: 80:a8:fa:a3:9b:4c:22:f6:cc:1d:76:7f:12:89:20:ea:a3:bc: 90:a8:67:73:68:ea:8d:41:48:0d:02:95:e2:a0:49:98:2c:9d: bd:2e:40:79:3c:46:a4:cc:7f:4e:a0:da:91:0d:33:8f:f5:f7: 73:07:9d:cf:48:f0:7a:89:b4:fd:bb:59:09:26:a3:93:25:6b: 49:9c:14:f9:07:57:2a:5c:4a:0b:5e:09:87:4f:f4:7d:c1:41: 60:e6:07:69:76:53:ad:63:c1:de:e9:56:4b:30:15:95:13:b6: 11:3d:0e:e3:96:3c:75:5b:de:a1:59:eb:1a:d2:15:d8:ce:13: 0b:88:5d:d1:9a:e6:bf:20:4f:94:d6:8e:e2:63:0b:d2:39:49: 91:7a:66:fc -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEr369jmpeNuJBOjAgAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkZGFhOGJkZjItMzFkZi00ZTFlLWJjZjMtOTZkNmM1ODAw ZmFhMB4XDTI1MDgyNTAxMDAzM1oXDTI1MTEyMzAyMDAzM1owLzEtMCsGA1UEAxMk OTNlNGY2MjEtOTNjMy00MzMxLWJmNDctMGIxMjAyMmIyODJjMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikHyJ9+GKg6Wnwxv/Eaw32s3od9GtPCx1dVF I2OX6eKgS8lughktTTK8YfudoUUAlRbH2A8x2w7pDGQu+cM2C/tZ7O+7wGFQCekQ Tx65phC5/8of1mz1yfOVY61rwvEd2i+d5Jl6S/y2tGw0rRZtpD1/NsLiNDOXW8Lh I+Sd6THsDKl4aT0SG1y4y/CjgURJvO62J/5J0IkMGvwcPTltrSr8ZL5SBzRi3Deu mkuI9rxKsefUPnc8wBRRZNAx3oxzbjRVo5bB2I2BsBwKi++tNbQxiRDA8A329UsC ChdX72ZO8RJu6LBf5ycZoFF2kFxj7TGoxRr4kggVThFVY2mE9wIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFNOX7qwWOUgSJpdroVkl4zQuCIBtMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9kYWE4 YmRmMi0zMWRmLTRlMWUtYmNmMy05NmQ2YzU4MDBmYWEvYmRhYTEyMzYtZGI0OS0z MjNkLTg2MzQtYjVjN2I4MjI0ZmRhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05 NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZGFhOGJkZjItMzFkZi00ZTFlLWJj ZjMtOTZkNmM1ODAwZmFhL2RhYThiZGYyLTMxZGYtNGUxZS1iY2YzLTk2ZDZjNTgw MGZhYS5jcmwwHwYDVR0jBBgwFoAUyCFqU1QzdhPb+/O0YJVeGB5q08UwDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk OS1hY2NlLTEzNzIyN2U5NzFhYy9kYWE4YmRmMi0zMWRmLTRlMWUtYmNmMy05NmQ2 YzU4MDBmYWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqNysMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBAHSvnoANZzUxHzv55RZX7Y/m8zio5uA05iG0Hh5hER3X8AedGPluJ3PE JW1xQzgRA1ajXJbkZlRnpV6RZV6gkZRFgp5vgbLSt8lGP0eracfphTauSTDTVF+g Bd0TdXCktDoxpQ6ERdf6yAXoxYCo+qObTCL2zB12fxKJIOqjvJCoZ3No6o1BSA0C leKgSZgsnb0uQHk8RqTMf06g2pENM4/193MHnc9I8HqJtP27WQkmo5Mla0mcFPkH VypcSgteCYdP9H3BQWDmB2l2U61jwd7pVkswFZUTthE9DuOWPHVb3qFZ6xrSFdjO EwuIXdGa5r8gT5TWjuJjC9I5SZF6Zvw= -----END CERTIFICATE-----Generated at Mon Oct 20 05:06:09 2025 by rpki-client