$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/475cc5b7-0cb2-405e-b609-203b983a6087.roa File: 475cc5b7-0cb2-405e-b609-203b983a6087.roa (raw, json) Hash identifier: Ymm7MI98wVQGTGYepRcLs/viJoZ2sMv+BfYL7qh3xF4= Subject key identifier: DC:0A:AB:96:FC:6D:05:0E:A7:C0:93:1E:8D:29:81:BB:95:6C:36:72 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 392BE70AD5BC5602CA1969BD3C6334DA536D5C4C Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/475cc5b7-0cb2-405e-b609-203b983a6087.roa Signing time: Tue 21 Oct 2025 13:00:29 +0000 ROA not before: Tue 21 Oct 2025 13:00:29 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:ed00::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:2b:e7:0a:d5:bc:56:02:ca:19:69:bd:3c:63:34:da:53:6d:5c:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 21 13:00:29 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=7759250c373675b7d356cf151749a47346c1b7ac575a9fc29af15bec97cea5e1, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b4:ab:68:06:13:69:97:99:93:53:0b:8a:38: d4:8f:83:6d:1d:3e:32:02:00:aa:34:08:52:d5:30: 3c:f4:bf:dc:3c:2b:42:83:3c:57:e7:10:24:46:83: 38:94:4d:dc:d9:6c:a4:62:e0:dd:a2:5d:e0:a6:be: 6b:a5:0d:d2:11:92:dc:90:27:c6:e1:13:9d:e2:19: 14:48:c4:e7:40:6d:dd:fc:8a:2a:99:61:2b:da:c1: 69:3e:e8:be:74:8e:10:81:64:06:f5:bd:38:95:02: f0:50:c7:03:8b:12:90:07:cf:44:e0:78:c0:cf:85: 8c:57:a5:bf:a6:84:0d:bc:19:a3:aa:9b:ab:df:2a: 2d:f6:1e:09:32:5f:45:82:ea:43:af:c8:62:bd:7c: 6a:7d:23:bd:61:19:8f:4f:76:60:69:83:d3:14:09: 1a:98:fe:84:38:9e:5f:fc:02:34:4c:f9:9e:c8:12: cb:8d:7c:d6:bb:fb:a2:05:02:25:5b:8a:e8:76:6a: 25:90:29:0e:3c:5d:7b:d5:2b:74:f5:f7:54:a8:63: 81:ad:d6:ce:24:44:0a:b5:b0:41:cb:07:4a:f7:e0: a4:85:c3:c1:a0:82:a3:3c:92:90:e6:da:ea:cc:7e: fe:cc:5b:72:05:b9:60:e6:be:7d:8a:de:c5:db:9e: c8:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:0A:AB:96:FC:6D:05:0E:A7:C0:93:1E:8D:29:81:BB:95:6C:36:72 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/475cc5b7-0cb2-405e-b609-203b983a6087.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:ed00::/40 Signature Algorithm: sha256WithRSAEncryption 08:08:09:97:c0:f4:33:db:88:cf:57:9d:95:2b:f7:a5:4c:fe: e8:c3:31:98:65:4c:76:5f:e1:8e:c3:43:3b:30:32:3a:5a:e3: db:69:bf:f2:f7:e7:36:55:59:92:d1:3e:7f:d4:3d:20:07:bb: 3b:ef:b3:4c:d2:84:6e:27:5e:4e:57:22:be:4c:87:68:f1:63: a8:b3:fb:2e:78:d2:3f:9d:39:44:ae:99:51:73:75:8b:6b:fc: 70:55:8a:a3:5b:75:90:e8:b4:88:ac:eb:d2:c6:4a:20:a4:33: 4f:63:84:2f:1e:6f:6f:a3:33:75:d9:c1:6d:a7:24:31:5c:fc: e7:57:6a:43:15:6b:8d:73:64:23:a0:02:05:8e:c0:af:31:68: d9:bc:25:21:80:5d:12:68:7c:fe:c8:e0:cc:f4:cf:57:22:d4: 26:60:6b:fd:24:a1:8b:51:ff:be:5c:b2:ba:75:48:f1:2f:a7: 92:47:0b:9b:7a:8f:f1:73:13:8b:f6:50:5a:a5:d1:cb:3f:5c: c6:2f:60:d8:7d:f5:e5:6d:68:fd:5f:f2:07:fb:cd:da:9b:ab: e7:e8:ae:6b:68:00:22:32:5c:28:17:f5:92:00:f6:07:82:be: 21:a4:bc:b8:b2:ec:ae:60:6d:96:22:1a:7d:01:5c:24:12:7b: 5c:6a:65:d0 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUOSvnCtW8VgLKGWm9PGM02lNtXEwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMwMDI5WhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0A3NzU5MjUwYzM3MzY3NWI3ZDM1NmNmMTUxNzQ5YTQ3MzQ2 YzFiN2FjNTc1YTlmYzI5YWYxNWJlYzk3Y2VhNWUxMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCltKtoBhNpl5mTUwuKONSPg20dPjICAKo0CFLVMDz0v9w8 K0KDPFfnECRGgziUTdzZbKRi4N2iXeCmvmulDdIRktyQJ8bhE53iGRRIxOdAbd38 iiqZYSvawWk+6L50jhCBZAb1vTiVAvBQxwOLEpAHz0TgeMDPhYxXpb+mhA28GaOq m6vfKi32HgkyX0WC6kOvyGK9fGp9I71hGY9PdmBpg9MUCRqY/oQ4nl/8AjRM+Z7I EsuNfNa7+6IFAiVbiuh2aiWQKQ48XXvVK3T191SoY4Gt1s4kRAq1sEHLB0r34KSF w8GggqM8kpDm2urMfv7MW3IFuWDmvn2K3sXbnsj5AgMBAAGjggKzMIICrzAdBgNV HQ4EFgQU3AqrlvxtBQ6nwJMejSmBu5VsNnIwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzQ3NWNjNWI3LTBjYjItNDA1ZS1iNjA5LTIwM2I5ODNhNjA4Ny5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD77TANBgkqhkiG9w0BAQsFAAOCAQEACAgJl8D0M9uIz1edlSv3pUz+ 6MMxmGVMdl/hjsNDOzAyOlrj22m/8vfnNlVZktE+f9Q9IAe7O++zTNKEbideTlci vkyHaPFjqLP7LnjSP505RK6ZUXN1i2v8cFWKo1t1kOi0iKzr0sZKIKQzT2OELx5v b6MzddnBbackMVz851dqQxVrjXNkI6ACBY7ArzFo2bwlIYBdEmh8/sjgzPTPVyLU JmBr/SShi1H/vlyyunVI8S+nkkcLm3qP8XMTi/ZQWqXRyz9cxi9g2H315W1o/V/y B/vN2pur5+iua2gAIjJcKBf1kgD2B4K+IaS8uLLsrmBtliIafQFcJBJ7XGpl0A== -----END CERTIFICATE-----Generated at Wed Nov 5 05:50:32 2025 by rpki-client