$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0668f39a-0950-45e9-b174-8f7a83ff26e9.roa File: 0668f39a-0950-45e9-b174-8f7a83ff26e9.roa (raw, json) Hash identifier: flYIa0wcKoDIgYsdx9ZobmQAPVZy4dQGppZZalyoH/A= Subject key identifier: 95:3C:2B:4F:2B:D3:40:38:45:69:5E:1E:E9:59:8A:8C:6F:55:12:A7 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 4E778A23ED26FC7FFD08A9D729EBB6305C8B5842 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0668f39a-0950-45e9-b174-8f7a83ff26e9.roa Signing time: Tue 21 Oct 2025 13:00:01 +0000 ROA not before: Tue 21 Oct 2025 13:00:01 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0f0:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:77:8a:23:ed:26:fc:7f:fd:08:a9:d7:29:eb:b6:30:5c:8b:58:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 21 13:00:01 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=368112ac5ee5eecbd7f01e3343a5ff95aad570843616e4806cd9c0bb07d2a694, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:25:38:ff:df:ad:6e:69:f8:c2:5a:a5:db:c2: 31:d2:b0:bc:54:42:00:d9:fc:55:6f:f1:9a:1a:01: 1e:76:73:26:86:12:0c:9a:5c:db:00:2b:6a:f5:7c: ad:b5:8f:e2:03:18:0a:61:40:9e:5b:a4:81:d5:07: d7:f6:3f:46:4c:d5:91:1b:bb:9b:ea:6c:2b:f8:6a: 73:3d:5a:b9:f1:f9:3c:9d:ee:b5:51:82:84:00:cf: 70:01:8e:32:45:e3:f1:a1:11:51:93:a4:37:19:fd: 09:b5:f8:4e:39:05:8e:d2:8f:21:d8:e3:bf:88:0a: c9:21:1c:46:8c:0e:03:1a:90:ac:ae:76:c2:37:11: c7:c2:69:ea:37:c6:4e:b1:9e:b7:5e:2e:1e:8b:ac: 13:db:1e:86:42:f1:7c:b7:ed:a8:30:e7:36:23:cd: af:01:26:62:37:4d:b9:59:2c:c8:4f:13:79:53:6c: cf:6a:b8:9e:a3:a1:31:29:44:c0:77:06:20:b8:18: 79:52:fe:ee:65:bb:08:67:86:d4:be:79:5e:ff:c3: d3:41:53:cd:10:1b:92:f1:03:d3:46:0d:cd:57:46: a1:28:42:70:30:3c:b1:48:73:af:17:7a:06:d8:2a: 96:79:87:dd:3f:c7:c7:5f:aa:c0:b2:b4:68:9f:bc: 32:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:3C:2B:4F:2B:D3:40:38:45:69:5E:1E:E9:59:8A:8C:6F:55:12:A7 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/0668f39a-0950-45e9-b174-8f7a83ff26e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:1000::/48 Signature Algorithm: sha256WithRSAEncryption 3f:83:29:ba:0d:7e:71:63:78:54:c9:07:5c:0e:ce:69:aa:0b: 9c:5f:51:9c:3d:80:1b:a9:73:37:42:e0:22:63:f0:af:bf:8f: a4:de:49:52:a8:16:d4:89:e8:41:f4:ce:f6:67:25:8a:98:b4: 73:b4:f4:25:1d:99:e8:07:9e:75:4b:3b:4d:83:d1:16:1a:76: 41:72:06:59:3f:57:da:35:9d:f2:2d:10:90:03:61:bd:21:71: f9:fb:df:6f:14:a6:62:ba:1b:61:68:fa:e6:bd:17:af:38:26: b1:ed:fc:89:51:54:34:dc:87:01:18:ad:e2:20:61:49:3f:15: 4e:06:36:60:22:b1:ae:9a:f4:e8:7a:f7:92:6f:49:38:8f:3f: 84:80:2f:7c:ef:5a:86:7d:dd:e4:ce:b2:a0:58:1e:32:0c:41: d4:c4:1e:ab:53:e8:8b:40:7e:2c:31:11:d8:32:de:59:1b:a4: 37:c9:c7:76:7a:a8:3a:e8:e4:6b:66:2a:48:f3:bd:2c:0d:01: 0a:c9:29:4e:8c:94:c7:7e:b7:16:73:1e:72:18:5e:7b:0c:4d: e6:05:12:da:f0:4c:20:3d:1e:de:42:8e:44:07:5e:1c:d7:7f: a8:ad:d9:64:c1:bf:43:fe:f6:d1:01:a3:e4:1a:2b:aa:c8:d5: f5:04:4f:4e -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUTneKI+0m/H/9CKnXKeu2MFyLWEIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMwMDAxWhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0AzNjgxMTJhYzVlZTVlZWNiZDdmMDFlMzM0M2E1ZmY5NWFh ZDU3MDg0MzYxNmU0ODA2Y2Q5YzBiYjA3ZDJhNjk0MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDCJTj/361uafjCWqXbwjHSsLxUQgDZ/FVv8ZoaAR52cyaG EgyaXNsAK2r1fK21j+IDGAphQJ5bpIHVB9f2P0ZM1ZEbu5vqbCv4anM9Wrnx+Tyd 7rVRgoQAz3ABjjJF4/GhEVGTpDcZ/Qm1+E45BY7SjyHY47+ICskhHEaMDgMakKyu dsI3EcfCaeo3xk6xnrdeLh6LrBPbHoZC8Xy37agw5zYjza8BJmI3TblZLMhPE3lT bM9quJ6joTEpRMB3BiC4GHlS/u5luwhnhtS+eV7/w9NBU80QG5LxA9NGDc1XRqEo QnAwPLFIc68XegbYKpZ5h90/x8dfqsCytGifvDKnAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUlTwrTyvTQDhFaV4e6VmKjG9VEqcwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzA2NjhmMzlhLTA5NTAtNDVlOS1iMTc0LThmN2E4M2ZmMjZlOS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwEAAwDQYJKoZIhvcNAQELBQADggEBAD+DKboNfnFjeFTJB1wOzmmq C5xfUZw9gBupczdC4CJj8K+/j6TeSVKoFtSJ6EH0zvZnJYqYtHO09CUdmegHnnVL O02D0RYadkFyBlk/V9o1nfItEJADYb0hcfn7328UpmK6G2Fo+ua9F684JrHt/IlR VDTchwEYreIgYUk/FU4GNmAisa6a9Oh695JvSTiPP4SAL3zvWoZ93eTOsqBYHjIM QdTEHqtT6ItAfiwxEdgy3lkbpDfJx3Z6qDro5GtmKkjzvSwNAQrJKU6MlMd+txZz HnIYXnsMTeYFEtrwTCA9Ht5CjkQHXhzXf6it2WTBv0P+9tEBo+QaK6rI1fUET04= -----END CERTIFICATE-----Generated at Wed Nov 5 05:47:15 2025 by rpki-client