$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa File: c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa (raw, json) Hash identifier: I+CQSsU3P880CBvS3h2GWeCCCjwf21UFjcPf2klhcDY= Subject key identifier: 56:63:2D:11:35:68:12:91:0E:D9:BF:3B:25:A6:ED:67:33:AB:8C:D5 Certificate issuer: /CN=aa31a4a0-7b77-4f56-8f89-01525b506129 Certificate serial: 010D0C9F4328584B821CD7DD8A2A39AF8F12EA40 Authority key identifier: 58:89:4D:59:3D:A0:9D:73:D6:96:20:6E:85:EB:9B:B1:BA:9B:66:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa Signing time: Mon 13 Oct 2025 13:00:36 +0000 ROA not before: Mon 13 Oct 2025 13:00:36 +0000 ROA not after: Sun 11 Jan 2026 14:00:36 +0000 asID: 46687 IP address blocks: 24.213.96.0/20 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:4b:82:1c:d7:dd:8a:2a:39:af:8f:12:ea:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aa31a4a0-7b77-4f56-8f89-01525b506129 Validity Not Before: Oct 13 13:00:36 2025 GMT Not After : Jan 11 14:00:36 2026 GMT Subject: CN=1af36f2f-59c7-43ec-bc9f-c121d7404eba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:81:66:dd:11:e4:65:1a:b0:55:fc:55:37:2c:20: 46:55:b2:2b:73:06:23:05:68:e6:db:13:cf:99:96: ad:b9:92:d8:52:84:57:5c:42:ce:c1:31:cb:0a:41: 75:73:69:d8:81:60:0e:13:78:ec:e0:90:1c:a0:61: b6:d3:72:ed:cf:cd:28:bb:5c:de:c4:e2:c9:f0:98: f6:0c:67:13:46:b9:32:92:f9:5d:a5:2f:fd:92:08: 5b:35:2c:62:28:4e:31:6b:08:d9:79:c4:e6:76:c5: dd:f8:81:7e:90:3f:12:44:59:4e:4d:71:92:ed:76: b3:aa:e2:08:c6:23:f2:87:c4:a5:f6:e2:17:ae:2d: 6c:c6:7b:ce:2b:0c:4f:ac:fc:bd:a1:23:d6:dd:a2: 7b:14:f3:60:a0:b3:3b:91:51:c8:28:76:11:b7:b9: 94:5c:d1:a2:4e:d5:27:35:14:87:0b:b8:4d:b0:50: ce:24:b8:84:42:07:85:c3:57:ad:f8:8d:c5:b9:4e: c7:8e:09:b8:b0:60:d1:b5:7f:7d:c2:d1:39:45:27: 63:68:86:c2:ef:15:cc:37:36:09:54:b7:99:bb:60: f7:e4:85:e9:a1:bd:7a:bb:8d:d5:76:87:93:88:8c: e5:34:2a:12:15:33:06:b0:37:f7:25:3b:45:be:f3: db:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:63:2D:11:35:68:12:91:0E:D9:BF:3B:25:A6:ED:67:33:AB:8C:D5 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/c1337ef0-f7e6-384f-a349-52b7ab3af9de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129/aa31a4a0-7b77-4f56-8f89-01525b506129.crl X509v3 Authority Key Identifier: keyid:58:89:4D:59:3D:A0:9D:73:D6:96:20:6E:85:EB:9B:B1:BA:9B:66:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d9d1572f-6cbb-4cf7-b599-e9d0e981d9bf/aa31a4a0-7b77-4f56-8f89-01525b506129.cer sbgp-ipAddrBlock: critical IPv4: 24.213.96.0/20 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 6e:38:0f:fa:67:cd:00:a8:bc:d4:bd:c0:77:b0:0e:ff:09:e8: d5:5d:dc:f0:6f:28:30:1e:6c:89:fc:24:70:37:71:a0:33:21: b4:0e:5d:34:98:23:66:c7:5a:2d:ab:72:3d:3f:24:54:57:b2: f7:3d:92:e8:5a:da:7a:3e:35:77:20:bd:fe:a4:c4:54:ca:b0: 7e:e5:a8:20:bf:9d:cd:a3:4d:4a:f7:9d:83:6b:8a:16:b0:39: 26:0b:4c:fe:0b:46:cf:03:4a:08:16:e5:ac:2f:07:15:36:11: 5d:6b:de:21:92:f7:ae:5c:e0:af:26:b0:c8:7c:3b:6a:8f:6e: b6:22:66:2d:1a:5b:7d:59:fe:b4:fb:c4:6b:1b:4c:e7:5b:0b: 88:1f:7e:be:61:de:bb:94:4e:13:00:cd:9e:18:8c:6e:8d:43: 63:08:8b:1f:34:53:d2:d1:a9:79:9d:c8:d9:3c:fe:77:aa:23: 5e:e6:03:c9:9d:64:2c:92:05:ff:97:a2:9f:f5:47:ac:44:74: 5c:ee:1c:c4:05:9e:1d:fb:19:10:32:ef:3e:0b:2a:b4:f3:2c: 9a:2d:27:54:17:ac:4a:ed:03:38:e8:3a:f0:9d:c8:cb:07:82: e9:22:34:a5:2c:0f:cb:ff:bf:f1:75:2c:99:92:bb:ba:60:da: 8a:ff:8c:b1 -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEuCHNfdiio5r48S6kAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkYWEzMWE0YTAtN2I3Ny00ZjU2LThmODktMDE1MjViNTA2 MTI5MB4XDTI1MTAxMzEzMDAzNloXDTI2MDExMTE0MDAzNlowLzEtMCsGA1UEAxMk MWFmMzZmMmYtNTljNy00M2VjLWJjOWYtYzEyMWQ3NDA0ZWJhMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWbdEeRlGrBV/FU3LCBGVbIrcwYjBWjm2xPP mZatuZLYUoRXXELOwTHLCkF1c2nYgWAOE3js4JAcoGG203Ltz80ou1zexOLJ8Jj2 DGcTRrkykvldpS/9kghbNSxiKE4xawjZecTmdsXd+IF+kD8SRFlOTXGS7XazquII xiPyh8Sl9uIXri1sxnvOKwxPrPy9oSPW3aJ7FPNgoLM7kVHIKHYRt7mUXNGiTtUn NRSHC7hNsFDOJLiEQgeFw1et+I3FuU7Hjgm4sGDRtX99wtE5RSdjaIbC7xXMNzYJ VLeZu2D35IXpob16u43VdoeTiIzlNCoSFTMGsDf3JTtFvvPbCwIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFFZjLRE1aBKRDtm/OyWm7Wczq4zVMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNmNy1iNTk5LWU5ZDBlOTgxZDliZi9hYTMx YTRhMC03Yjc3LTRmNTYtOGY4OS0wMTUyNWI1MDYxMjkvYzEzMzdlZjAtZjdlNi0z ODRmLWEzNDktNTJiN2FiM2FmOWRlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9kOWQxNTcyZi02 Y2JiLTRjZjctYjU5OS1lOWQwZTk4MWQ5YmYvYWEzMWE0YTAtN2I3Ny00ZjU2LThm ODktMDE1MjViNTA2MTI5L2FhMzFhNGEwLTdiNzctNGY1Ni04Zjg5LTAxNTI1YjUw NjEyOS5jcmwwHwYDVR0jBBgwFoAUWIlNWT2gnXPWliBuheubsbqbZj0wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q5ZDE1NzJmLTZjYmItNGNm Ny1iNTk5LWU5ZDBlOTgxZDliZi9hYTMxYTRhMC03Yjc3LTRmNTYtOGY4OS0wMTUy NWI1MDYxMjkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEGNVgMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBAG44D/pnzQCovNS9wHewDv8J6NVd3PBvKDAebIn8JHA3caAzIbQOXTSY I2bHWi2rcj0/JFRXsvc9kuha2no+NXcgvf6kxFTKsH7lqCC/nc2jTUr3nYNrihaw OSYLTP4LRs8DSggW5awvBxU2EV1r3iGS965c4K8msMh8O2qPbrYiZi0aW31Z/rT7 xGsbTOdbC4gffr5h3ruUThMAzZ4YjG6NQ2MIix80U9LRqXmdyNk8/neqI17mA8md ZCySBf+Xop/1R6xEdFzuHMQFnh37GRAy7z4LKrTzLJotJ1QXrErtAzjoOvCdyMsH gukiNKUsD8v/v/F1LJmSu7pg2or/jLE= -----END CERTIFICATE-----Generated at Mon Oct 20 11:05:51 2025 by rpki-client