$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3562da89-c8ff-4159-8f92-365721d94405.roa File: 3562da89-c8ff-4159-8f92-365721d94405.roa (raw, json) Hash identifier: 9cjKetjgDFrlszzx/I+YcSk/6rMY6c7TMCEdTeiEM7M= Subject key identifier: 1D:0A:7D:68:AF:AC:B5:DA:3F:8E:32:2A:24:46:AF:D8:14:46:4E:56 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 1A9C3926A6034A96F696D18B261FBA11DAD3131E Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3562da89-c8ff-4159-8f92-365721d94405.roa Signing time: Mon 21 Jul 2025 16:40:18 +0000 ROA not before: Mon 21 Jul 2025 16:40:18 +0000 ROA not after: Mon 25 Aug 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0fb:f030::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 11 Aug 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:9c:39:26:a6:03:4a:96:f6:96:d1:8b:26:1f:ba:11:da:d3:13:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Jul 21 16:40:18 2025 GMT Not After : Aug 25 23:59:59 2025 GMT Subject: serialNumber=04cfa95eadcb8d0278420f29cd2db13641bb562d6b17af4aee58eb4223dca515, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:20:86:27:28:95:dd:f8:b9:3e:63:aa:c1:14: 36:e3:cd:de:92:b0:f9:c6:2d:94:d6:26:59:f3:a7: 44:c2:b8:85:f6:29:59:23:ce:bb:51:7c:fe:f7:02: 79:93:2a:2d:2d:ad:16:27:1b:8e:b3:46:78:ee:bb: b9:1c:cf:e6:ff:7a:44:e6:8e:be:f1:b7:82:a7:bf: cd:5d:8c:5e:b7:24:eb:f7:c6:68:8a:7f:92:51:05: 1b:e8:70:9c:fe:b2:38:7e:3a:97:ba:08:c1:db:33: 5d:9f:52:ee:41:70:b0:3b:fe:05:85:33:9b:70:4b: a7:6e:b1:6a:22:1c:be:45:9a:c3:49:1b:00:82:30: 8e:3f:f8:dd:0e:79:af:65:2b:5b:ea:4e:14:d4:eb: 7f:f8:5c:ae:3f:1e:de:f0:0e:e8:59:8d:95:09:c0: df:be:5e:62:aa:1e:1d:d8:ee:43:ce:8d:b6:81:8d: 00:62:ff:bd:22:7c:66:c0:6a:2a:0d:f6:ca:24:7f: bd:7c:4e:9b:be:64:54:11:06:43:28:ed:52:e0:c1: 43:61:52:15:35:55:f1:3a:f3:90:0a:99:c7:48:fd: ed:50:0c:ff:ca:dc:a2:c6:55:d5:ff:9a:9e:c4:21: 60:42:c4:db:35:a0:2a:92:09:a2:ec:39:97:9f:3e: 4c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:0A:7D:68:AF:AC:B5:DA:3F:8E:32:2A:24:46:AF:D8:14:46:4E:56 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/3562da89-c8ff-4159-8f92-365721d94405.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f030::/44 Signature Algorithm: sha256WithRSAEncryption 4d:ab:ab:21:68:fe:fe:3c:1f:d8:0d:01:71:8c:d8:89:80:87: 6a:3c:4f:0d:5d:d7:9e:30:1d:44:67:90:8e:af:84:62:34:16: d6:06:5d:8b:84:28:ca:3d:de:33:b6:21:e5:b6:70:b8:b2:07: 5b:18:7c:b1:0c:38:e6:44:c8:f5:e2:9f:3e:a9:77:a6:b0:37: d1:a7:6d:95:2c:80:d9:97:0b:01:90:9b:c9:f7:be:c9:45:e4: f1:ce:e7:b5:1c:fd:6f:d5:93:c7:35:9c:98:d4:83:30:15:37: cf:70:66:3d:4b:b6:a8:46:4f:7f:5c:48:18:ab:c4:f8:23:3b: 91:48:9d:88:e6:4c:36:7c:c4:88:b9:c3:59:f1:41:12:b7:d6: d9:48:57:2c:8e:e3:58:7a:1f:af:8d:ba:a9:c9:41:d0:e2:e1: 86:e4:ed:c9:e5:00:fb:1c:bc:cd:dd:a5:a2:f5:e3:f6:c3:69: 2a:aa:d5:60:bc:aa:7d:8f:ba:08:d0:a6:d6:f3:9d:dc:5c:15: 25:b9:90:0a:d1:4f:5c:b0:05:f6:0c:de:7d:5b:f2:c6:b5:c0: fd:6a:eb:d0:13:ab:09:ff:61:bf:9b:1b:35:df:69:69:04:64: 55:98:fb:cb:91:6c:7a:eb:b1:dd:de:f7:4d:0c:a8:5c:4a:c9: f2:2e:f8:5c -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUGpw5JqYDSpb2ltGLJh+6EdrTEx4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwNzIxMTY0MDE4WhcNMjUwODI1MjM1OTU5 WjB6MUkwRwYDVQQFE0AwNGNmYTk1ZWFkY2I4ZDAyNzg0MjBmMjljZDJkYjEzNjQx YmI1NjJkNmIxN2FmNGFlZTU4ZWI0MjIzZGNhNTE1MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDUIIYnKJXd+Lk+Y6rBFDbjzd6SsPnGLZTWJlnzp0TCuIX2 KVkjzrtRfP73AnmTKi0trRYnG46zRnjuu7kcz+b/ekTmjr7xt4Knv81djF63JOv3 xmiKf5JRBRvocJz+sjh+Ope6CMHbM12fUu5BcLA7/gWFM5twS6dusWoiHL5FmsNJ GwCCMI4/+N0Oea9lK1vqThTU63/4XK4/Ht7wDuhZjZUJwN++XmKqHh3Y7kPOjbaB jQBi/70ifGbAaioN9sokf718Tpu+ZFQRBkMo7VLgwUNhUhU1VfE685AKmcdI/e1Q DP/K3KLGVdX/mp7EIWBCxNs1oCqSCaLsOZefPkyTAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUHQp9aK+stdo/jjIqJEav2BRGTlYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzM1NjJkYTg5LWM4ZmYtNDE1OS04ZjkyLTM2NTcyMWQ5NDQwNS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPD78DAwDQYJKoZIhvcNAQELBQADggEBAE2rqyFo/v48H9gNAXGM2ImA h2o8Tw1d154wHURnkI6vhGI0FtYGXYuEKMo93jO2IeW2cLiyB1sYfLEMOOZEyPXi nz6pd6awN9GnbZUsgNmXCwGQm8n3vslF5PHO57Uc/W/Vk8c1nJjUgzAVN89wZj1L tqhGT39cSBirxPgjO5FInYjmTDZ8xIi5w1nxQRK31tlIVyyO41h6H6+NuqnJQdDi 4Ybk7cnlAPscvM3dpaL14/bDaSqq1WC8qn2PugjQptbzndxcFSW5kArRT1ywBfYM 3n1b8sa1wP1q69ATqwn/Yb+bGzXfaWkEZFWY+8uRbHrrsd3e900MqFxKyfIu+Fw= -----END CERTIFICATE-----Generated at Sat Aug 9 23:14:55 2025 by rpki-client