$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/661f32c0-f8f7-4621-8aaf-7a270e451918.roa File: 661f32c0-f8f7-4621-8aaf-7a270e451918.roa (raw, json) Hash identifier: K2jnqmygF3i0bQaQsxLH+UTgEK33phG+QnikSzpUAUQ= Subject key identifier: CE:A6:B3:3B:5D:D2:44:88:08:1B:88:B6:A9:43:B1:D1:03:B0:7D:C7 Certificate issuer: /CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04 Certificate serial: 10B8B7527BB996A31BD079EBC59BACE498D95244 Authority key identifier: 99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/661f32c0-f8f7-4621-8aaf-7a270e451918.roa Signing time: Tue 05 Aug 2025 15:00:58 +0000 ROA not before: Tue 05 Aug 2025 15:00:58 +0000 ROA not after: Tue 09 Sep 2025 23:59:59 +0000 asID: 8987 IP address blocks: 96.127.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/77b56428-9b52-416f-b279-bbae14422de2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 10 Aug 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:b8:b7:52:7b:b9:96:a3:1b:d0:79:eb:c5:9b:ac:e4:98:d9:52:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04 Validity Not Before: Aug 5 15:00:58 2025 GMT Not After : Sep 9 23:59:59 2025 GMT Subject: serialNumber=f1eceac6486c07425499de058dbd42d21db83fd9747b55144b8b144b87fb1225, CN=0099a7ea-794a-4a28-b164-49547626eb11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b9:e7:ef:55:b9:90:b9:0d:33:b3:4b:f1:f5: 3d:4d:f4:40:57:5c:b6:35:6a:40:a5:2b:75:28:19: a6:78:2e:44:8c:1d:f2:17:af:69:eb:38:5d:a3:3b: ef:30:01:ac:63:be:c8:ca:7f:9f:9f:cf:f7:65:95: 81:0e:a4:54:0c:92:af:e9:59:58:c3:44:97:79:a8: 6e:43:00:d8:f1:f2:b6:e3:99:22:d3:94:a7:e2:df: 43:9e:dc:bc:da:75:b1:f6:f3:6d:7e:8b:19:49:50: 19:94:ba:24:ee:c3:80:cf:5b:c7:27:4a:15:b2:40: e2:db:47:55:73:77:f7:92:75:0f:86:2a:22:f1:2d: 73:28:f1:e1:78:e6:f0:c0:3b:84:83:dc:a7:8f:0c: e2:38:12:b5:85:80:81:5e:9d:d9:7a:84:30:03:64: f7:0d:f2:22:a4:1e:cb:5c:02:4b:17:5a:0e:65:9e: 2e:d3:39:ee:be:94:e6:3e:6c:86:b3:78:76:1c:75: eb:74:ba:36:97:8e:e8:5d:6d:af:b2:29:0a:d8:9e: 5b:3b:d3:04:4a:b4:95:33:03:7c:e2:22:55:20:bc: 33:17:8e:b5:e6:9d:4f:95:3a:99:c8:7e:c6:16:e7: f1:ff:c4:f3:a6:63:24:4c:b6:e9:8e:5c:47:bd:30: b2:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:A6:B3:3B:5D:D2:44:88:08:1B:88:B6:A9:43:B1:D1:03:B0:7D:C7 X509v3 Authority Key Identifier: keyid:99:C3:54:4C:08:C9:94:54:B8:79:95:1E:FF:A4:7A:8F:63:C8:A7:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/77b56428-9b52-416f-b279-bbae14422de2/c05676c733fd8ccae5be63b92bddc90b7a5b74e69449c1eb04.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/661f32c0-f8f7-4621-8aaf-7a270e451918.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/42582c67-dd3f-4bc5-ba60-e97e552c6e35/_YzK5b5juSvdyQt6W3TmlEnB6wQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.127.9.0/24 Signature Algorithm: sha256WithRSAEncryption 60:06:8c:79:73:be:69:33:25:34:15:25:0c:1c:4f:32:3d:fb: 56:99:36:0e:a1:19:07:7d:e1:68:db:40:6e:a6:a4:21:a4:a0: d7:92:1b:4c:52:1d:a9:63:00:2f:5e:3c:77:b3:34:d7:2b:59: c9:80:3a:77:f3:9e:f4:de:cc:1a:d5:9f:df:19:73:6a:2f:21: 32:49:5d:4a:9c:90:a6:69:68:88:96:99:c3:01:5d:c9:4c:13: b3:08:d6:db:3b:73:83:9d:70:12:1e:4a:e1:74:c3:35:08:6a: 3c:d8:6d:e3:a0:68:1f:53:21:5d:96:08:8b:3a:26:90:8b:31: 85:15:41:e9:a4:d5:6e:ff:70:cd:db:cf:4f:4a:e7:1a:be:b7: 62:1d:87:8a:06:78:ac:5e:aa:dc:82:71:3b:a0:53:4f:30:d4: bf:fb:ea:a0:65:5d:17:49:28:3a:73:70:6a:19:b4:aa:ef:25: 80:ca:17:af:bc:fb:65:b0:a3:6e:15:a4:92:5e:4c:27:8d:42: 25:fc:25:cc:58:3d:04:43:54:5f:9c:b5:96:9e:4d:04:cd:68: c0:30:a9:89:bb:ec:b9:b3:e2:20:4c:aa:57:0f:fd:b7:2b:4d: 56:79:dd:84:bb:fd:41:7e:dd:16:01:37:57:bc:7a:33:5c:81: 04:32:c6:5c -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUELi3Unu5lqMb0HnrxZus5JjZUkQwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYzA1Njc2YzczM2ZkOGNjYWU1YmU2M2I5MmJkZGM5MGI3 YTViNzRlNjk0NDljMWViMDQwHhcNMjUwODA1MTUwMDU4WhcNMjUwOTA5MjM1OTU5 WjB6MUkwRwYDVQQFE0BmMWVjZWFjNjQ4NmMwNzQyNTQ5OWRlMDU4ZGJkNDJkMjFk YjgzZmQ5NzQ3YjU1MTQ0YjhiMTQ0Yjg3ZmIxMjI1MS0wKwYDVQQDEyQwMDk5YTdl YS03OTRhLTRhMjgtYjE2NC00OTU0NzYyNmViMTEwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCauefvVbmQuQ0zs0vx9T1N9EBXXLY1akClK3UoGaZ4LkSM HfIXr2nrOF2jO+8wAaxjvsjKf5+fz/dllYEOpFQMkq/pWVjDRJd5qG5DANjx8rbj mSLTlKfi30Oe3LzadbH2821+ixlJUBmUuiTuw4DPW8cnShWyQOLbR1Vzd/eSdQ+G KiLxLXMo8eF45vDAO4SD3KePDOI4ErWFgIFendl6hDADZPcN8iKkHstcAksXWg5l ni7TOe6+lOY+bIazeHYcdet0ujaXjuhdba+yKQrYnls70wRKtJUzA3ziIlUgvDMX jrXmnU+VOpnIfsYW5/H/xPOmYyRMtumOXEe9MLK7AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUzqazO13SRIgIG4i2qUOx0QOwfccwHwYDVR0jBBgwFoAUmcNUTAjJlFS4 eZUe/6R6j2PIp3cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83N2I1NjQyOC05 YjUyLTQxNmYtYjI3OS1iYmFlMTQ0MjJkZTIvYzA1Njc2YzczM2ZkOGNjYWU1YmU2 M2I5MmJkZGM5MGI3YTViNzRlNjk0NDljMWViMDQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNDI1ODJjNjctZGQzZi00YmM1LWJhNjAtZTk3 ZTU1MmM2ZTM1LzY2MWYzMmMwLWY4ZjctNDYyMS04YWFmLTdhMjcwZTQ1MTkxOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzQyNTgyYzY3LWRkM2YtNGJjNS1iYTYw LWU5N2U1NTJjNmUzNS9fWXpLNWI1anVTdmR5UXQ2VzNUbWxFbkI2d1EuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBABgfwkwDQYJKoZIhvcNAQELBQADggEBAGAGjHlzvmkzJTQVJQwcTzI9+1aZ Ng6hGQd94WjbQG6mpCGkoNeSG0xSHaljAC9ePHezNNcrWcmAOnfznvTezBrVn98Z c2ovITJJXUqckKZpaIiWmcMBXclME7MI1ts7c4OdcBIeSuF0wzUIajzYbeOgaB9T IV2WCIs6JpCLMYUVQemk1W7/cM3bz09K5xq+t2Idh4oGeKxeqtyCcTugU08w1L/7 6qBlXRdJKDpzcGoZtKrvJYDKF6+8+2Wwo24VpJJeTCeNQiX8JcxYPQRDVF+ctZae TQTNaMAwqYm77Lmz4iBMqlcP/bcrTVZ53YS7/UF+3RYBN1e8ejNcgQQyxlw= -----END CERTIFICATE-----Generated at Fri Aug 8 10:22:30 2025 by rpki-client