$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9a96c02c-ad61-40ce-b5aa-def693953ba1.roa File: 9a96c02c-ad61-40ce-b5aa-def693953ba1.roa (raw, json) Hash identifier: TtpTrsTjkAxm3Z0/k+W3yCg5iWBUPA3DyOJhGt6G7v0= Subject key identifier: 37:B2:E5:60:D3:5B:D7:13:C0:A3:49:F4:22:27:70:E1:B8:17:80:65 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 162210CBCC657C5C9A497574FF0FE1362DB86B3C Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9a96c02c-ad61-40ce-b5aa-def693953ba1.roa Signing time: Wed 22 Oct 2025 00:40:04 +0000 ROA not before: Wed 22 Oct 2025 00:40:04 +0000 ROA not after: Wed 26 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f3:f000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:22:10:cb:cc:65:7c:5c:9a:49:75:74:ff:0f:e1:36:2d:b8:6b:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 22 00:40:04 2025 GMT Not After : Nov 26 23:59:59 2025 GMT Subject: serialNumber=314ee8ec7c14ff8c9e4e631a7d979dd8c0cbb3d2ed6143aec87b49b572ba501d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ac:cd:a5:55:cc:1a:e7:ba:1a:f2:e4:e4:ed: ab:0d:ae:2c:8d:d0:58:1e:fd:7e:7a:4b:a7:98:ac: 60:32:52:9a:81:e3:63:79:40:c3:0d:be:df:d3:bd: 0c:55:50:35:71:55:8d:c5:c4:4f:39:1c:ce:69:e1: 69:df:c7:34:4c:95:f6:e9:64:60:74:98:10:3a:63: e3:bc:d2:ef:dd:7b:6a:b8:b1:03:9e:aa:1e:81:ae: 74:d2:4f:d1:df:37:de:76:17:0e:2b:b8:b3:c0:cb: 29:0c:ab:74:c7:f0:a0:cd:f7:e5:0e:e8:86:a8:30: 98:35:4a:1f:c5:73:2d:09:20:8d:f6:6b:e9:9c:8b: f8:aa:1d:a2:d6:25:5d:36:c3:1f:d1:52:4e:69:4f: de:55:80:42:84:bd:4d:f4:00:89:ae:8b:2f:02:32: 36:d2:b7:d0:05:cc:10:a9:1c:23:41:13:84:c4:26: 86:76:0d:38:27:f8:9c:be:d3:e8:fa:dd:44:4e:68: 6a:75:35:6a:15:aa:03:35:4f:c4:f3:2f:21:b6:49: bf:5d:6f:c3:a4:72:6c:f8:3c:f3:42:13:19:ed:5f: 2f:d9:3d:96:b0:bf:bd:fd:d3:cd:5f:87:16:63:f9: 63:6b:f3:7b:65:2f:23:74:c5:ca:6f:20:f9:2d:25: 2a:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:B2:E5:60:D3:5B:D7:13:C0:A3:49:F4:22:27:70:E1:B8:17:80:65 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/9a96c02c-ad61-40ce-b5aa-def693953ba1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f3:f000::/44 Signature Algorithm: sha256WithRSAEncryption 13:91:a0:c8:2c:75:a9:fc:40:f9:64:4e:fa:07:96:d6:3a:16: fc:a5:9c:9f:cf:5b:aa:62:50:2a:e6:f8:5f:8a:f4:ae:9f:8f: 0f:85:d2:e7:35:27:a2:37:50:4c:08:be:9b:dd:b2:43:4e:17: e6:a2:d7:c9:20:20:8e:c1:71:fc:38:b8:bb:a2:a4:f4:b5:67: ec:a1:e2:cf:8a:04:25:bb:95:16:66:fd:8e:4e:c2:a7:b3:c0: 31:37:79:64:c5:b1:a1:9a:29:87:e4:5b:6c:a3:e9:bc:17:8a: 6c:e5:f0:18:3d:67:56:a0:94:e4:e7:13:8f:22:0e:9f:6e:2a: 9f:6b:28:34:52:7f:01:da:f7:49:70:d8:a2:13:8a:6c:62:6e: b2:1f:1b:eb:54:6a:9b:ea:b5:58:9c:8d:d7:bf:03:08:88:d0: c2:d5:ee:6d:40:86:2a:9f:ef:59:51:e8:47:06:8e:05:d7:60: d6:88:be:b0:74:97:00:92:b5:96:40:c9:3d:a2:d9:ce:ab:c9: aa:3b:1d:8f:5b:aa:ba:13:11:53:fd:bf:1d:8c:8e:8d:7f:e2: a3:f5:29:1c:87:b3:33:f3:39:ae:2a:db:da:3d:dc:1b:2d:05: 96:cb:4e:f2:76:67:65:06:2b:38:45:f3:6b:a5:b3:6b:aa:a6: c7:8f:55:43 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUFiIQy8xlfFyaSXV0/w/hNi24azwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDA0WhcNMjUxMTI2MjM1OTU5 WjB6MUkwRwYDVQQFE0AzMTRlZThlYzdjMTRmZjhjOWU0ZTYzMWE3ZDk3OWRkOGMw Y2JiM2QyZWQ2MTQzYWVjODdiNDliNTcyYmE1MDFkMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDPrM2lVcwa57oa8uTk7asNriyN0Fge/X56S6eYrGAyUpqB 42N5QMMNvt/TvQxVUDVxVY3FxE85HM5p4WnfxzRMlfbpZGB0mBA6Y+O80u/de2q4 sQOeqh6BrnTST9HfN952Fw4ruLPAyykMq3TH8KDN9+UO6IaoMJg1Sh/Fcy0JII32 a+mci/iqHaLWJV02wx/RUk5pT95VgEKEvU30AImuiy8CMjbSt9AFzBCpHCNBE4TE JoZ2DTgn+Jy+0+j63UROaGp1NWoVqgM1T8TzLyG2Sb9db8Okcmz4PPNCExntXy/Z PZawv739081fhxZj+WNr83tlLyN0xcpvIPktJSpxAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUN7LlYNNb1xPAo0n0Iidw4bgXgGUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzlhOTZjMDJjLWFkNjEtNDBjZS1iNWFhLWRlZjY5Mzk1M2JhMS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPDz8AAwDQYJKoZIhvcNAQELBQADggEBABORoMgsdan8QPlkTvoHltY6 FvylnJ/PW6piUCrm+F+K9K6fjw+F0uc1J6I3UEwIvpvdskNOF+ai18kgII7Bcfw4 uLuipPS1Z+yh4s+KBCW7lRZm/Y5OwqezwDE3eWTFsaGaKYfkW2yj6bwXimzl8Bg9 Z1aglOTnE48iDp9uKp9rKDRSfwHa90lw2KITimxibrIfG+tUapvqtVicjde/AwiI 0MLV7m1Ahiqf71lR6EcGjgXXYNaIvrB0lwCStZZAyT2i2c6ryao7HY9bqroTEVP9 vx2Mjo1/4qP1KRyHszPzOa4q29o93BstBZbLTvJ2Z2UGKzhF82uls2uqpsePVUM= -----END CERTIFICATE-----Generated at Wed Nov 5 11:49:24 2025 by rpki-client