$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2db5e928-de62-49bc-a803-dc9b3ce29b28.roa File: 2db5e928-de62-49bc-a803-dc9b3ce29b28.roa (raw, json) Hash identifier: Z9NCi+n7JQAMzK3NuqJ25/0302p2LqR4/QxYGVzDgJg= Subject key identifier: 00:40:9E:D5:F9:C5:FC:1C:02:D5:2C:51:F8:36:6D:32:EF:8D:A8:42 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 4D345644BEEE926B7B999B237DB5FD2699F88BD6 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2db5e928-de62-49bc-a803-dc9b3ce29b28.roa Signing time: Fri 01 Aug 2025 16:41:23 +0000 ROA not before: Fri 01 Aug 2025 16:41:23 +0000 ROA not after: Fri 05 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:1f38:60c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 10 Aug 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:34:56:44:be:ee:92:6b:7b:99:9b:23:7d:b5:fd:26:99:f8:8b:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Aug 1 16:41:23 2025 GMT Not After : Sep 5 23:59:59 2025 GMT Subject: serialNumber=fde030490a4768502419b2068f74b2bec5d2f7950138a8c88d0e140dd1a02c4a, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:71:5d:a1:12:64:7a:07:fa:3d:0f:ec:72:2b: 18:90:dd:52:2c:a7:d3:04:65:b5:f8:ee:cc:01:96: c8:2e:e0:50:7b:1d:63:d1:c8:f9:0a:3e:2d:7f:b3: 6c:ea:68:92:c7:9c:72:aa:a6:65:4a:52:76:0b:86: 7f:9d:01:c0:4a:d3:6f:bf:44:27:88:72:df:f6:42: f5:b8:6c:7e:5e:0c:eb:b8:13:3b:c5:4b:50:00:db: fa:90:da:f2:72:a1:22:74:98:27:11:24:05:81:3e: d7:ca:db:07:d8:70:cf:98:d7:22:bd:67:b7:b6:20: 26:09:22:da:2f:9e:a3:21:c2:1c:8a:d6:ee:ae:4f: e1:49:b4:2f:c7:32:f7:60:66:43:03:6c:b7:85:01: ef:13:e2:46:d3:b2:b2:67:94:32:ee:62:43:24:6b: 22:ca:73:55:ca:aa:af:10:1d:a8:b3:16:3c:ea:c4: 87:6e:8a:3a:b6:60:90:00:e7:4f:75:e9:cb:0b:a0: 60:da:24:1b:18:c8:5e:58:95:6f:0c:0c:74:2e:bf: 82:32:28:45:71:fa:3a:96:ce:05:59:36:4f:18:6b: a6:b0:a2:cc:f5:32:12:f4:68:10:1e:d7:98:1c:ba: f3:51:44:63:41:b0:9d:a8:01:61:85:46:9e:bb:c6: d6:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:40:9E:D5:F9:C5:FC:1C:02:D5:2C:51:F8:36:6D:32:EF:8D:A8:42 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2db5e928-de62-49bc-a803-dc9b3ce29b28.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:1f38:60c0::/48 Signature Algorithm: sha256WithRSAEncryption cd:04:f9:bd:c9:b6:b8:c2:74:13:da:14:db:38:c0:d0:7f:ec: 2e:fb:2c:10:47:f0:f5:37:fb:dc:28:5a:a0:94:ef:3d:7e:d0: 72:f8:54:37:77:67:40:10:af:b2:2a:60:e0:eb:b5:f3:90:e7: ea:bd:f9:d2:d7:26:b2:9a:9a:e0:c2:ab:be:24:40:3e:d9:9e: 58:82:93:57:2e:a3:ab:2b:f5:e9:2e:94:a5:fc:85:d6:dc:4f: 87:a3:65:87:83:73:5c:ba:28:ce:d4:7b:3a:41:7d:51:61:1b: 98:35:7a:54:31:49:ad:33:94:51:b2:4d:c7:67:76:01:e3:30: a9:1f:ab:12:03:4a:6d:f1:15:70:ee:fd:48:7f:58:54:4c:57: 0f:74:d3:91:5d:9b:d2:2f:7e:ca:05:af:64:fe:c7:c3:95:cd: fa:2b:cc:08:e1:09:da:f6:05:a2:74:23:87:7b:81:ef:c6:4f: 7d:bc:45:13:0d:4c:60:02:47:f9:21:af:84:e5:c3:3a:ff:9f: 18:90:37:3d:6f:d4:d4:82:df:43:2f:96:2d:01:60:ec:30:e1: a5:e5:9e:94:c0:72:f1:45:27:2a:58:98:04:dc:7d:9a:24:83: 33:a1:9b:bb:a7:32:a6:34:69:b4:eb:00:80:c7:42:9f:12:3e: a3:e1:9e:b5 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUTTRWRL7ukmt7mZsjfbX9Jpn4i9YwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODAxMTY0MTIzWhcNMjUwOTA1MjM1OTU5 WjB6MUkwRwYDVQQFE0BmZGUwMzA0OTBhNDc2ODUwMjQxOWIyMDY4Zjc0YjJiZWM1 ZDJmNzk1MDEzOGE4Yzg4ZDBlMTQwZGQxYTAyYzRhMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCOcV2hEmR6B/o9D+xyKxiQ3VIsp9MEZbX47swBlsgu4FB7 HWPRyPkKPi1/s2zqaJLHnHKqpmVKUnYLhn+dAcBK02+/RCeIct/2QvW4bH5eDOu4 EzvFS1AA2/qQ2vJyoSJ0mCcRJAWBPtfK2wfYcM+Y1yK9Z7e2ICYJItovnqMhwhyK 1u6uT+FJtC/HMvdgZkMDbLeFAe8T4kbTsrJnlDLuYkMkayLKc1XKqq8QHaizFjzq xIduijq2YJAA50916csLoGDaJBsYyF5YlW8MDHQuv4IyKEVx+jqWzgVZNk8Ya6aw osz1MhL0aBAe15gcuvNRRGNBsJ2oAWGFRp67xtbdAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUAECe1fnF/BwC1SxR+DZtMu+NqEIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzJkYjVlOTI4LWRlNjItNDliYy1hODAzLWRjOWIzY2UyOWIyOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAB84YMAwDQYJKoZIhvcNAQELBQADggEBAM0E+b3JtrjCdBPaFNs4wNB/ 7C77LBBH8PU3+9woWqCU7z1+0HL4VDd3Z0AQr7IqYODrtfOQ5+q9+dLXJrKamuDC q74kQD7ZnliCk1cuo6sr9ekulKX8hdbcT4ejZYeDc1y6KM7UezpBfVFhG5g1elQx Sa0zlFGyTcdndgHjMKkfqxIDSm3xFXDu/Uh/WFRMVw9005Fdm9IvfsoFr2T+x8OV zforzAjhCdr2BaJ0I4d7ge/GT328RRMNTGACR/khr4Tlwzr/nxiQNz1v1NSC30Mv li0BYOww4aXlnpTAcvFFJypYmATcfZokgzOhm7unMqY0abTrAIDHQp8SPqPhnrU= -----END CERTIFICATE-----Generated at Sat Aug 9 15:09:49 2025 by rpki-client