$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a86ce653-a267-4a99-b0c5-99b2a3c45792.roa File: a86ce653-a267-4a99-b0c5-99b2a3c45792.roa (raw, json) Hash identifier: RelcMKdiQtYN5KEPcvFtLwa74ECqNfoITSaipBO2P8c= Subject key identifier: A4:BF:BF:E2:7B:7C:15:C2:3A:36:C1:B8:E4:31:60:5E:86:7E:50:76 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 38F5404CDA8C9F3490380B3CC0A0632679881355 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a86ce653-a267-4a99-b0c5-99b2a3c45792.roa Signing time: Wed 25 Feb 2026 01:00:09 +0000 ROA not before: Wed 25 Feb 2026 01:00:09 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 23.21.0.0/19 maxlen: 19 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 03 Mar 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:f5:40:4c:da:8c:9f:34:90:38:0b:3c:c0:a0:63:26:79:88:13:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Feb 25 01:00:09 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=0c65da1cd818cf81ea54d73363829210d100dd4592da13cca39d848e57379fbb, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:02:6e:af:67:c7:f3:5b:a4:00:00:cf:f3:92: 0d:54:4c:9e:e5:0e:79:ef:31:5d:d6:e8:35:b4:05: 01:d3:df:79:b6:2c:72:ff:c7:58:b5:f0:32:c6:62: e1:25:9e:f6:cb:11:d2:4e:67:5c:86:2d:ac:de:e2: e0:1f:bf:cb:84:09:45:5f:2b:2c:df:51:0a:d3:8d: 78:b6:ce:d2:25:95:35:59:4e:d0:bb:12:85:93:03: e2:04:d2:a9:16:8e:20:28:a3:20:10:e3:41:19:35: 67:cd:80:ec:c5:f2:75:01:7e:bc:86:29:5e:86:57: 14:c9:46:eb:f9:15:cf:f0:92:0d:41:79:18:bb:2c: f5:90:f8:d8:73:ab:33:d7:ed:92:83:b3:8e:ba:06: 46:7e:44:a2:15:d1:46:a7:05:79:ac:37:13:1a:cd: c4:4a:11:bc:97:ba:b8:4c:51:9c:c8:ab:1d:0c:ab: d2:77:ef:4f:fa:e2:c5:cf:de:c1:88:be:65:b9:6d: 35:6b:ef:21:17:69:2d:41:ba:fc:76:15:6c:52:d6: e5:d3:17:d7:af:9a:4d:a7:6a:a0:1b:de:a6:06:f9: fa:8c:ce:a3:92:7d:74:3c:22:ef:15:d6:9b:16:90: 9e:80:da:01:c7:c0:2b:b2:0b:c6:60:a4:4c:cb:86: cd:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:BF:BF:E2:7B:7C:15:C2:3A:36:C1:B8:E4:31:60:5E:86:7E:50:76 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a86ce653-a267-4a99-b0c5-99b2a3c45792.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 23.21.0.0/19 Signature Algorithm: sha256WithRSAEncryption c0:4e:a0:97:ce:25:05:89:7c:5a:0a:b4:a5:cc:be:56:35:44: 08:45:ef:1a:fd:a9:9c:88:b6:cc:59:76:79:9e:07:a2:f6:2e: 89:9d:b0:66:e6:a2:03:b2:a0:c7:d7:a4:c4:8c:89:4a:02:74: 13:ef:d3:66:a1:aa:64:e8:17:a2:bf:9c:dc:fb:d1:07:3e:90: f4:49:ca:d7:a3:d9:87:c7:e0:fe:6f:1c:24:49:07:f2:ea:e4: 12:a4:8f:b4:72:fe:9a:d0:02:81:8a:7d:85:74:30:14:c8:bc: ca:2e:f4:80:c9:0d:dd:cc:fb:7b:00:81:43:62:87:15:7a:ca: 88:bc:69:5f:f3:f6:3c:d5:cf:93:79:df:fc:2a:49:89:2a:1f: 9f:fa:88:a6:27:fb:4b:01:44:c3:d1:39:3c:d2:48:59:eb:9b: 6b:94:ce:21:95:c1:6a:a3:38:8d:d0:3f:ae:5a:74:86:9e:d4: 71:2c:89:d1:18:2c:bc:03:13:64:7f:6a:15:7b:72:51:4a:b0: ef:b4:25:5a:b4:79:74:47:32:e9:4b:04:e8:23:59:f4:7b:59: ba:d3:dd:3d:1a:94:00:cc:41:51:56:61:f8:ad:13:6a:67:09: 90:56:99:4f:2b:ee:16:10:65:26:b0:1b:9c:ec:a8:0f:ed:36: 95:91:3e:d7 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUOPVATNqMnzSQOAs8wKBjJnmIE1UwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwMjI1MDEwMDA5WhcNMjYwNTI2MjM1OTU5 WjB6MUkwRwYDVQQFE0AwYzY1ZGExY2Q4MThjZjgxZWE1NGQ3MzM2MzgyOTIxMGQx MDBkZDQ1OTJkYTEzY2NhMzlkODQ4ZTU3Mzc5ZmJiMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCKAm6vZ8fzW6QAAM/zkg1UTJ7lDnnvMV3W6DW0BQHT33m2 LHL/x1i18DLGYuElnvbLEdJOZ1yGLaze4uAfv8uECUVfKyzfUQrTjXi2ztIllTVZ TtC7EoWTA+IE0qkWjiAooyAQ40EZNWfNgOzF8nUBfryGKV6GVxTJRuv5Fc/wkg1B eRi7LPWQ+NhzqzPX7ZKDs466BkZ+RKIV0UanBXmsNxMazcRKEbyXurhMUZzIqx0M q9J370/64sXP3sGIvmW5bTVr7yEXaS1Buvx2FWxS1uXTF9evmk2naqAb3qYG+fqM zqOSfXQ8Iu8V1psWkJ6A2gHHwCuyC8ZgpEzLhs3DAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUpL+/4nt8FcI6NsG45DFgXoZ+UHYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2E4NmNlNjUzLWEyNjctNGE5OS1iMGM1LTk5YjJhM2M0NTc5Mi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAUXFQAwDQYJKoZIhvcNAQELBQADggEBAMBOoJfOJQWJfFoKtKXMvlY1RAhF 7xr9qZyItsxZdnmeB6L2LomdsGbmogOyoMfXpMSMiUoCdBPv02ahqmToF6K/nNz7 0Qc+kPRJytej2YfH4P5vHCRJB/Lq5BKkj7Ry/prQAoGKfYV0MBTIvMou9IDJDd3M +3sAgUNihxV6yoi8aV/z9jzVz5N53/wqSYkqH5/6iKYn+0sBRMPROTzSSFnrm2uU ziGVwWqjOI3QP65adIae1HEsidEYLLwDE2R/ahV7clFKsO+0JVq0eXRHMulLBOgj WfR7WbrT3T0alADMQVFWYfitE2pnCZBWmU8r7hYQZSawG5zsqA/tNpWRPtc= -----END CERTIFICATE-----Generated at Mon Mar 2 00:11:50 2026 by rpki-client