$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cafba1e8-cd39-40c6-9b3a-6e52504dfabd.roa File: cafba1e8-cd39-40c6-9b3a-6e52504dfabd.roa (raw, json) Hash identifier: P47r4CEulcE3TnBcugJ9FFGZppOotod3wFbXkFFBwWw= Subject key identifier: D2:E9:34:DA:27:51:EA:79:7E:4C:1B:95:91:0A:07:0F:8C:10:5F:9B Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 4F07F86C2B7041908CDF17C7C168F0E5F68F9D58 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cafba1e8-cd39-40c6-9b3a-6e52504dfabd.roa Signing time: Sat 19 Jul 2025 00:50:26 +0000 ROA not before: Sat 19 Jul 2025 00:50:26 +0000 ROA not after: Sat 23 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 99.87.0.0/17 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 07 Aug 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:07:f8:6c:2b:70:41:90:8c:df:17:c7:c1:68:f0:e5:f6:8f:9d:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 19 00:50:26 2025 GMT Not After : Aug 23 23:59:59 2025 GMT Subject: serialNumber=0ad9441dbc50efaef507c29a2047cd2a9636569f32af9b54720ef1631fd0923a, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:60:0b:ce:2a:61:3d:8c:66:ff:07:bf:d4:89: 11:87:44:df:3f:45:5b:e5:f9:00:a8:bc:8c:16:2a: 9f:0c:2d:43:46:bb:e4:a4:5c:bd:24:22:72:5a:84: 18:cb:ec:e7:1f:fc:cb:24:cd:e1:18:cd:d1:d4:e6: 9f:0b:08:14:89:0a:64:08:a3:59:09:eb:1a:1c:93: 02:11:a9:88:9a:29:b7:cc:bf:8b:6d:72:6b:c2:55: a2:b1:4b:d2:57:83:49:cb:ad:02:8d:42:27:e5:1f: 7e:09:20:03:9d:3c:23:32:97:4b:22:e3:7d:f9:d7: ff:43:e6:79:04:f3:cc:1d:1e:5f:d3:19:16:fd:72: 2d:16:64:6d:44:ce:fd:03:eb:bd:88:71:14:d9:d3: 10:aa:8a:b4:d9:a3:6d:2b:11:b8:55:8e:85:e1:bb: 5e:90:cb:f7:a6:05:a6:47:de:7d:27:a1:fd:fb:98: 57:16:13:9a:fd:bc:e5:51:ff:58:ca:bf:1b:a3:66: fe:25:8f:ef:c2:d5:e8:38:7c:c0:07:f3:e3:3f:6e: b2:25:5b:c2:01:22:a1:1d:05:15:96:57:d9:89:ac: d2:85:77:0d:f3:f3:4c:57:89:1e:3f:ec:3b:ef:0b: 51:f7:dc:0e:ff:10:91:05:60:e7:19:d0:59:a6:68: df:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:E9:34:DA:27:51:EA:79:7E:4C:1B:95:91:0A:07:0F:8C:10:5F:9B X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/cafba1e8-cd39-40c6-9b3a-6e52504dfabd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 99.87.0.0/17 Signature Algorithm: sha256WithRSAEncryption 88:31:54:de:49:8b:fe:c6:16:e0:73:74:90:12:89:49:e1:a6: 68:d9:e2:ee:84:f1:8f:c8:d9:dc:d0:87:92:80:de:9e:dc:e8: cf:48:47:be:90:ab:b0:29:cb:fa:11:1d:13:cf:68:49:57:d7: f4:10:88:c9:6c:66:cb:5f:a1:3a:b9:56:72:af:0d:1b:f0:f0: 03:6e:ba:eb:a1:72:d8:f2:1c:53:ab:2a:ee:8d:55:75:f3:a5: 84:91:b1:ec:8c:03:15:dc:84:35:7e:e9:ca:7c:1d:19:8e:c4: cd:57:53:36:7e:9b:f0:db:9e:a0:46:8c:77:86:29:aa:f3:2a: 56:ce:b8:5e:2c:21:f4:3a:56:24:82:f9:7c:e1:d4:c1:2d:31: 2b:b1:2f:4e:6d:52:90:73:69:20:50:14:83:77:e8:a5:dc:eb: 7f:8a:e8:e8:8d:7e:79:83:91:b0:6f:ae:82:de:06:9e:7d:ad: 73:40:25:f3:c6:5c:fa:14:55:82:16:7f:53:98:8c:98:e2:0f: 4d:91:64:fd:57:49:76:6e:ff:ef:6c:d2:6d:35:45:83:a0:e6: b5:0c:23:ed:f6:73:78:a3:d3:46:f6:5f:44:eb:c2:b5:85:35: 53:58:ca:d4:c6:03:8f:39:d2:3a:cc:d5:cc:d0:0d:63:0f:8c: f3:a6:ac:4e -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUTwf4bCtwQZCM3xfHwWjw5faPnVgwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE5MDA1MDI2WhcNMjUwODIzMjM1OTU5 WjB6MUkwRwYDVQQFE0AwYWQ5NDQxZGJjNTBlZmFlZjUwN2MyOWEyMDQ3Y2QyYTk2 MzY1NjlmMzJhZjliNTQ3MjBlZjE2MzFmZDA5MjNhMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCqYAvOKmE9jGb/B7/UiRGHRN8/RVvl+QCovIwWKp8MLUNG u+SkXL0kInJahBjL7Ocf/MskzeEYzdHU5p8LCBSJCmQIo1kJ6xockwIRqYiaKbfM v4ttcmvCVaKxS9JXg0nLrQKNQiflH34JIAOdPCMyl0si43351/9D5nkE88wdHl/T GRb9ci0WZG1Ezv0D672IcRTZ0xCqirTZo20rEbhVjoXhu16Qy/emBaZH3n0nof37 mFcWE5r9vOVR/1jKvxujZv4lj+/C1eg4fMAH8+M/brIlW8IBIqEdBRWWV9mJrNKF dw3z80xXiR4/7DvvC1H33A7/EJEFYOcZ0FmmaN+nAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU0uk02idR6nl+TBuVkQoHD4wQX5swHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2NhZmJhMWU4LWNkMzktNDBjNi05YjNhLTZlNTI1MDRkZmFiZC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAdjVwAwDQYJKoZIhvcNAQELBQADggEBAIgxVN5Ji/7GFuBzdJASiUnhpmjZ 4u6E8Y/I2dzQh5KA3p7c6M9IR76Qq7Apy/oRHRPPaElX1/QQiMlsZstfoTq5VnKv DRvw8ANuuuuhctjyHFOrKu6NVXXzpYSRseyMAxXchDV+6cp8HRmOxM1XUzZ+m/Db nqBGjHeGKarzKlbOuF4sIfQ6ViSC+Xzh1MEtMSuxL05tUpBzaSBQFIN36KXc63+K 6OiNfnmDkbBvroLeBp59rXNAJfPGXPoUVYIWf1OYjJjiD02RZP1XSXZu/+9s0m01 RYOg5rUMI+32c3ij00b2X0TrwrWFNVNYytTGA4850jrM1czQDWMPjPOmrE4= -----END CERTIFICATE-----Generated at Tue Aug 5 17:08:23 2025 by rpki-client