$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68f82465-3271-47de-9d93-ef187f7c125b.roa File: 68f82465-3271-47de-9d93-ef187f7c125b.roa (raw, json) Hash identifier: MNd7VZi8tJKGRswl5zD/pqMbsUEyOcE/gH362BbLwNM= Subject key identifier: DB:2F:E4:00:D2:54:99:5C:02:BA:28:FE:58:14:E7:7F:42:B2:89:2C Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 224B4EB86B1C4656245826BF2C874987D2C71619 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68f82465-3271-47de-9d93-ef187f7c125b.roa Signing time: Tue 24 Feb 2026 00:20:04 +0000 ROA not before: Tue 24 Feb 2026 00:20:04 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 107.21.0.0/18 maxlen: 18 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 03 Mar 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:4b:4e:b8:6b:1c:46:56:24:58:26:bf:2c:87:49:87:d2:c7:16:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 24 00:20:04 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=b42222f7abdb8269e4f624d10570f93af9e8ca561bf3da00ab7e5e2a9158c814, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f9:40:e8:7a:a5:82:69:56:26:94:00:95:d1: 06:a3:fe:0c:bc:c6:00:7f:e7:a8:c6:73:5e:38:38: 2c:50:64:e6:b1:29:3b:44:b2:04:42:07:c8:0c:e1: 81:7a:24:0b:6c:60:84:88:b1:89:d6:0d:18:69:92: 9e:60:3b:ab:66:60:6c:76:35:e9:49:6e:6f:37:ba: a7:87:72:53:ac:b5:7f:88:20:6d:2e:8f:42:1e:c3: 57:f3:5c:cb:c2:8c:f1:b3:df:0b:bb:b9:7c:5d:2d: 8d:b3:2b:b4:5e:2b:e9:19:98:af:55:a8:71:9f:ea: 84:73:b0:78:0b:75:6b:b3:9d:31:d5:de:40:52:31: 48:ad:51:55:b2:fb:b9:c3:3b:f3:c9:b6:b9:53:d8: 94:e8:00:ef:88:cc:8d:5f:06:3b:e0:cc:49:49:89: 9c:ba:05:56:70:b7:9e:ca:51:8e:e4:84:02:f6:d9: bf:0c:c7:f3:47:eb:d0:2d:23:32:af:ad:a1:4d:b9: 22:04:f6:6a:2b:bc:61:bb:08:f9:d7:59:9f:ac:47: bc:93:a4:34:48:12:b8:75:8d:43:b8:ce:32:21:5c: 57:f4:8b:e9:7d:50:e4:1f:f0:86:6b:f2:db:fe:0b: 23:26:56:ee:5d:08:5c:62:b3:7b:70:f4:ba:69:8f: 0c:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:2F:E4:00:D2:54:99:5C:02:BA:28:FE:58:14:E7:7F:42:B2:89:2C X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/68f82465-3271-47de-9d93-ef187f7c125b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 107.21.0.0/18 Signature Algorithm: sha256WithRSAEncryption 9a:50:d5:ca:c4:58:f9:db:3f:e7:df:ad:4b:c5:db:d7:fa:d0: 2d:b3:29:a9:9d:2a:0d:14:8e:38:50:91:ec:ef:10:82:8e:b1: 94:4e:33:ec:02:69:e9:e2:0c:cc:e9:4e:4a:99:d6:62:0b:b1: bf:25:45:50:c7:eb:2c:0e:d9:85:bd:51:55:e5:78:97:87:2f: 81:4b:83:49:9a:60:4e:cf:98:dd:2b:89:19:38:3d:d2:23:22: 51:93:aa:8a:46:94:b9:77:62:30:9d:19:28:a0:c9:96:0a:c3: bd:24:b4:3a:c6:ab:cc:b2:a3:6e:6b:c6:d5:2e:1d:9c:e6:ab: 75:7c:ba:a4:9c:c6:40:4d:88:79:fb:05:52:a4:24:7c:7c:08: 59:e4:00:b0:f4:91:ed:a2:91:da:ac:5b:81:43:44:ea:b2:53: 80:f5:0a:71:c8:ec:67:69:f1:72:51:af:c5:c1:a1:d3:0a:b7: f8:03:0d:3a:1f:22:f3:20:a7:2e:f2:42:7f:09:7b:f2:62:0f: f0:44:d8:f4:bd:03:74:c9:ed:2f:7a:25:24:6e:73:79:e4:75: a1:14:72:78:fc:94:6b:95:b1:85:33:01:8c:a5:4e:30:e8:a9: 49:b0:3c:cc:d5:f4:7f:b6:34:a7:e8:f5:d4:3d:68:06:b3:92: a4:42:0d:ad -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUIktOuGscRlYkWCa/LIdJh9LHFhkwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI0MDAyMDA0WhcNMjYwNTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0BiNDIyMjJmN2FiZGI4MjY5ZTRmNjI0ZDEwNTcwZjkzYWY5 ZThjYTU2MWJmM2RhMDBhYjdlNWUyYTkxNThjODE0MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDa+UDoeqWCaVYmlACV0Qaj/gy8xgB/56jGc144OCxQZOax KTtEsgRCB8gM4YF6JAtsYISIsYnWDRhpkp5gO6tmYGx2NelJbm83uqeHclOstX+I IG0uj0Iew1fzXMvCjPGz3wu7uXxdLY2zK7ReK+kZmK9VqHGf6oRzsHgLdWuznTHV 3kBSMUitUVWy+7nDO/PJtrlT2JToAO+IzI1fBjvgzElJiZy6BVZwt57KUY7khAL2 2b8Mx/NH69AtIzKvraFNuSIE9morvGG7CPnXWZ+sR7yTpDRIErh1jUO4zjIhXFf0 i+l9UOQf8IZr8tv+CyMmVu5dCFxis3tw9LppjwxRAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU2y/kANJUmVwCuij+WBTnf0KyiSwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzY4ZjgyNDY1LTMyNzEtNDdkZS05ZDkzLWVmMTg3ZjdjMTI1Yi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAZrFQAwDQYJKoZIhvcNAQELBQADggEBAJpQ1crEWPnbP+ffrUvF29f60C2z KamdKg0UjjhQkezvEIKOsZROM+wCaeniDMzpTkqZ1mILsb8lRVDH6ywO2YW9UVXl eJeHL4FLg0maYE7PmN0riRk4PdIjIlGTqopGlLl3YjCdGSigyZYKw70ktDrGq8yy o25rxtUuHZzmq3V8uqScxkBNiHn7BVKkJHx8CFnkALD0ke2ikdqsW4FDROqyU4D1 CnHI7Gdp8XJRr8XBodMKt/gDDTofIvMgpy7yQn8Je/JiD/BE2PS9A3TJ7S96JSRu c3nkdaEUcnj8lGuVsYUzAYylTjDoqUmwPMzV9H+2NKfo9dQ9aAazkqRCDa0= -----END CERTIFICATE-----Generated at Mon Mar 2 06:35:46 2026 by rpki-client