$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4d9dc189-6c00-4764-9c0c-c990d1727298.roa File: 4d9dc189-6c00-4764-9c0c-c990d1727298.roa (raw, json) Hash identifier: mF2UpI4CsaXl0lUeV4IPgUYSb+BH6kAfxUT9r2iAobE= Subject key identifier: 6F:02:25:18:12:8D:1A:C6:F9:4B:96:50:F5:19:4D:03:9E:01:E5:7D Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 241E65CEA1BA42F4C28E49EB3F620043F7DC8B59 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4d9dc189-6c00-4764-9c0c-c990d1727298.roa Signing time: Tue 21 Oct 2025 13:00:07 +0000 ROA not before: Tue 21 Oct 2025 13:00:07 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:600::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:1e:65:ce:a1:ba:42:f4:c2:8e:49:eb:3f:62:00:43:f7:dc:8b:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 21 13:00:07 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=54f31a80d8b3e2ee2bb06eeb83f6b184b6c84b4a69317bd1373ab3484c6deaa6, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:e2:c3:be:e5:4e:d5:85:12:14:ca:a6:60:6e: f4:37:38:b9:ed:35:8c:5f:32:c8:3a:b1:73:c0:0d: 0a:4b:78:53:0e:69:57:15:7c:e1:5b:d7:03:e7:5a: d5:5a:06:36:76:ad:96:96:cf:fa:c2:13:a5:ee:91: eb:82:cd:5a:e3:2d:c6:32:bd:4e:e7:c4:45:90:86: 72:7f:fe:c7:2a:88:f4:fd:cb:6a:e4:55:27:9f:e0: 35:ca:04:b0:c2:78:5e:f6:79:2b:bd:50:b5:46:61: 95:2c:75:bd:73:e8:b7:c9:c6:01:01:70:af:c0:50: 53:91:88:99:6a:0f:f6:77:57:ff:96:6c:39:d8:8a: 1e:73:6e:04:32:fa:d2:7c:dc:f7:cf:14:e1:0a:93: 1c:93:0b:9c:bd:f6:58:5f:be:c9:57:95:a5:c8:b2: b6:42:af:8b:5f:0a:ce:55:a5:68:46:2c:1b:09:f5: 24:32:95:de:07:11:2f:48:6a:f8:31:24:c4:91:5d: 96:85:1a:af:f1:c0:d8:2f:26:3f:14:b3:c1:7a:e8: 7a:54:45:87:8a:09:0e:ea:9d:83:aa:d8:b5:ee:67: 98:11:d4:db:52:a9:c6:17:a7:53:91:79:53:54:e9: 9b:e1:5b:98:ac:ba:ee:ab:87:ea:ad:52:c0:8f:5d: 89:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:02:25:18:12:8D:1A:C6:F9:4B:96:50:F5:19:4D:03:9E:01:E5:7D X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/4d9dc189-6c00-4764-9c0c-c990d1727298.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:600::/48 Signature Algorithm: sha256WithRSAEncryption 86:e8:5b:04:32:5e:d0:6a:15:a7:ec:16:c8:ff:da:c7:00:e1: fc:36:32:2c:d4:ff:aa:cf:7f:88:96:08:3f:79:7b:8b:b8:75: 6f:44:93:b4:44:a9:29:8a:b8:80:d5:c6:7f:0d:1a:aa:70:80: 83:05:5e:cd:0c:fd:49:90:65:f9:65:3d:d8:39:80:46:43:e5: c9:ce:81:a3:97:f1:a1:50:5a:0d:53:6f:b6:56:cc:f8:6f:0a: 27:65:76:8a:27:a8:d7:5b:50:be:52:b5:a1:88:18:6a:42:de: 37:c6:d8:f7:fd:8e:43:cf:af:b0:52:e7:84:b3:9f:41:f0:2e: e7:f4:50:88:78:2f:c2:42:de:ff:50:cc:68:ef:b0:19:3c:c0: e4:d0:46:09:1a:78:d9:e6:dc:0f:5e:d3:1c:af:d3:a2:bd:7c: 0b:84:a1:41:63:f2:5a:65:33:c1:49:c0:7e:c0:84:4f:b4:d3: 5c:e7:21:18:03:c2:33:e2:06:8d:02:dd:78:63:33:b9:98:2b: c1:4d:33:e7:d8:c2:c6:ba:08:16:6e:34:5b:d3:29:04:40:e6: d5:48:33:30:49:dd:1e:30:31:ca:55:06:cc:e0:f1:60:e0:bb: 4a:05:ff:55:f5:6b:5f:0c:b6:a4:5e:15:00:db:f1:30:a5:05: 3a:67:97:35 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUJB5lzqG6QvTCjknrP2IAQ/fci1kwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMwMDA3WhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0A1NGYzMWE4MGQ4YjNlMmVlMmJiMDZlZWI4M2Y2YjE4NGI2 Yzg0YjRhNjkzMTdiZDEzNzNhYjM0ODRjNmRlYWE2MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDX4sO+5U7VhRIUyqZgbvQ3OLntNYxfMsg6sXPADQpLeFMO aVcVfOFb1wPnWtVaBjZ2rZaWz/rCE6XukeuCzVrjLcYyvU7nxEWQhnJ//scqiPT9 y2rkVSef4DXKBLDCeF72eSu9ULVGYZUsdb1z6LfJxgEBcK/AUFORiJlqD/Z3V/+W bDnYih5zbgQy+tJ83PfPFOEKkxyTC5y99lhfvslXlaXIsrZCr4tfCs5VpWhGLBsJ 9SQyld4HES9IavgxJMSRXZaFGq/xwNgvJj8Us8F66HpURYeKCQ7qnYOq2LXuZ5gR 1NtSqcYXp1OReVNU6ZvhW5isuu6rh+qtUsCPXYnLAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUbwIlGBKNGsb5S5ZQ9RlNA54B5X0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzRkOWRjMTg5LTZjMDAtNDc2NC05YzBjLWM5OTBkMTcyNzI5OC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwBgAwDQYJKoZIhvcNAQELBQADggEBAIboWwQyXtBqFafsFsj/2scA 4fw2MizU/6rPf4iWCD95e4u4dW9Ek7REqSmKuIDVxn8NGqpwgIMFXs0M/UmQZfll Pdg5gEZD5cnOgaOX8aFQWg1Tb7ZWzPhvCidldoonqNdbUL5StaGIGGpC3jfG2Pf9 jkPPr7BS54Szn0HwLuf0UIh4L8JC3v9QzGjvsBk8wOTQRgkaeNnm3A9e0xyv06K9 fAuEoUFj8lplM8FJwH7AhE+001znIRgDwjPiBo0C3XhjM7mYK8FNM+fYwsa6CBZu NFvTKQRA5tVIMzBJ3R4wMcpVBszg8WDgu0oF/1X1a18MtqReFQDb8TClBTpnlzU= -----END CERTIFICATE-----Generated at Wed Nov 5 07:49:10 2025 by rpki-client