$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa File: 436af8e8-480b-485b-a232-f1503410322c.roa (raw, json) Hash identifier: fN50LBbAHAzVERauy59nSwfGuurACS6ufEMTyZnWG3U= Subject key identifier: 2C:B0:0D:2D:62:9F:88:C3:3E:D4:8D:A4:05:3E:84:CE:A5:5E:9D:EC Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 49E0775A50EF984AB1BA8BD8E90DD4519C914D3E Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa Signing time: Tue 24 Feb 2026 01:10:09 +0000 ROA not before: Tue 24 Feb 2026 01:10:09 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 107.20.128.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 03 Mar 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:e0:77:5a:50:ef:98:4a:b1:ba:8b:d8:e9:0d:d4:51:9c:91:4d:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 24 01:10:09 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=96d474e297cded935ca9b80a86157bea39541c45b107f91d2199766c5d8d9f79, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e4:bf:41:1e:5a:b7:f6:37:58:c7:f1:85:95: c6:a2:bd:df:be:2e:4a:bc:af:40:8c:87:aa:9d:a9: 1d:8b:fc:ec:de:1d:71:ad:9c:26:16:ab:1c:1c:de: cc:f4:ff:41:0e:f5:52:52:16:4e:e6:00:d2:a0:f3: 37:b8:b0:c0:a3:ff:6b:36:ab:61:5a:a0:e7:88:47: d5:be:58:04:8a:88:78:90:59:05:fd:ed:46:41:0a: 98:f1:fe:1a:66:3e:83:fb:c1:27:1f:19:b5:05:46: 83:f4:e0:f9:59:68:c4:b8:3a:ee:98:99:ba:69:f6: 17:cc:74:3c:46:b5:1d:ec:8a:ca:e2:47:10:c4:7f: 59:cc:5d:db:03:e2:ec:7f:d6:c4:98:83:47:2f:18: dc:a3:fd:31:b4:f3:02:6e:c4:eb:09:dd:73:cd:89: 13:05:db:25:ec:3f:ae:38:e9:71:02:cf:a3:34:7e: 9b:f3:d3:75:ec:07:3d:f5:8a:08:c2:de:a6:7f:59: 84:21:7d:06:dd:3f:b8:a2:d5:0d:54:8f:b1:81:95: 5a:60:10:bb:ef:5c:6c:47:a7:e9:85:9f:56:14:36: 30:21:75:e9:4f:a2:eb:b8:1d:59:e8:63:12:ee:36: 3e:f2:8d:aa:84:be:e2:86:1c:1a:c6:fd:56:b5:83: 31:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:B0:0D:2D:62:9F:88:C3:3E:D4:8D:A4:05:3E:84:CE:A5:5E:9D:EC X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/436af8e8-480b-485b-a232-f1503410322c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 107.20.128.0/22 Signature Algorithm: sha256WithRSAEncryption 75:92:83:d9:1e:11:17:8f:5c:89:61:1b:2c:20:61:0f:af:56: 39:7c:bc:3b:8d:8f:38:31:46:37:2c:cc:0e:f1:2d:bf:61:a9: 34:8b:c8:93:09:ee:0d:0b:e7:c1:65:f9:bf:7b:a0:81:46:86: 7f:d6:64:09:97:72:ee:14:fd:9c:b1:49:51:91:09:1b:e3:4a: b0:0a:16:08:8d:71:91:01:23:fb:61:b6:58:2c:15:c5:6a:10: 57:98:10:36:0e:a8:38:0f:17:68:78:11:97:5b:55:28:f5:36: 1d:11:10:54:90:5b:8c:e5:86:c0:38:ce:27:9c:83:51:4d:90: 35:da:24:cf:9f:86:7d:9b:da:39:a8:97:6d:29:4f:87:43:e5: db:e3:fb:5c:2c:68:9a:22:e4:19:5b:d2:7b:e1:c6:82:34:05: 1a:50:c1:43:55:9e:6b:f8:34:22:a2:18:75:2b:af:62:89:87: 56:ba:5e:09:a8:15:8f:d1:bb:b5:2b:4a:ec:30:6b:5e:25:a4: 0f:b9:3e:4a:b5:08:f1:81:f8:a0:3d:96:93:22:12:60:4d:85: ed:a5:6b:e4:47:21:85:5c:c6:47:8f:86:3b:35:d3:48:54:53: d6:b6:94:21:69:31:cd:8d:f3:d8:5e:77:12:42:f8:bb:fe:fd: f1:6a:64:79 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUSeB3WlDvmEqxuovY6Q3UUZyRTT4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI0MDExMDA5WhcNMjYwNTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0A5NmQ0NzRlMjk3Y2RlZDkzNWNhOWI4MGE4NjE1N2JlYTM5 NTQxYzQ1YjEwN2Y5MWQyMTk5NzY2YzVkOGQ5Zjc5MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCd5L9BHlq39jdYx/GFlcaivd++Lkq8r0CMh6qdqR2L/Oze HXGtnCYWqxwc3sz0/0EO9VJSFk7mANKg8ze4sMCj/2s2q2FaoOeIR9W+WASKiHiQ WQX97UZBCpjx/hpmPoP7wScfGbUFRoP04PlZaMS4Ou6Ymbpp9hfMdDxGtR3sisri RxDEf1nMXdsD4ux/1sSYg0cvGNyj/TG08wJuxOsJ3XPNiRMF2yXsP6446XECz6M0 fpvz03XsBz31igjC3qZ/WYQhfQbdP7ii1Q1Uj7GBlVpgELvvXGxHp+mFn1YUNjAh delPouu4HVnoYxLuNj7yjaqEvuKGHBrG/Va1gzFbAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQULLANLWKfiMM+1I2kBT6EzqVenewwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzQzNmFmOGU4LTQ4MGItNDg1Yi1hMjMyLWYxNTAzNDEwMzIyYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAJrFIAwDQYJKoZIhvcNAQELBQADggEBAHWSg9keERePXIlhGywgYQ+vVjl8 vDuNjzgxRjcszA7xLb9hqTSLyJMJ7g0L58Fl+b97oIFGhn/WZAmXcu4U/ZyxSVGR CRvjSrAKFgiNcZEBI/thtlgsFcVqEFeYEDYOqDgPF2h4EZdbVSj1Nh0REFSQW4zl hsA4ziecg1FNkDXaJM+fhn2b2jmol20pT4dD5dvj+1wsaJoi5Blb0nvhxoI0BRpQ wUNVnmv4NCKiGHUrr2KJh1a6XgmoFY/Ru7UrSuwwa14lpA+5Pkq1CPGB+KA9lpMi EmBNhe2la+RHIYVcxkePhjs100hUU9a2lCFpMc2N89hedxJC+Lv+/fFqZHk= -----END CERTIFICATE-----Generated at Sun Mar 1 22:41:09 2026 by rpki-client