$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa File: da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa (raw, json) Hash identifier: M3cCoAwYj4r6L7hqI8a2zZk5Qlh8mvNBBuG3gxlmlXM= Subject key identifier: AB:22:B7:41:D9:38:DF:DF:BE:57:2D:9A:B6:18:57:63:38:1F:1F:05 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 78BE04AF78EAD0BDDDD2AC1F2FEA0C21A171C1D9 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa Signing time: Tue 21 Oct 2025 13:00:04 +0000 ROA not before: Tue 21 Oct 2025 13:00:04 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:be:04:af:78:ea:d0:bd:dd:d2:ac:1f:2f:ea:0c:21:a1:71:c1:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 21 13:00:04 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=840bec3943709816212f669d8f32552f2aa4d5246a80848cddfe2d75326bdc0b, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:49:92:05:62:f7:3b:c2:14:df:bc:f7:ce:8b: 8e:97:38:4d:87:29:24:fb:ec:e7:19:11:79:7d:da: 61:16:e7:8f:6d:d7:2c:ca:99:d5:68:37:8e:09:a1: 65:7e:48:a3:9f:0e:0b:d5:d9:0d:e9:1f:33:a3:87: 10:07:0b:02:33:2e:fc:ad:1e:55:32:f5:54:26:d9: 1a:d7:18:dd:6a:fa:4d:29:0e:47:a6:4c:82:04:64: df:d0:56:ba:18:e8:8a:68:51:ae:73:6b:d9:55:c7: 00:a2:6f:0b:fe:0d:70:9d:4c:f2:a8:d7:ed:6d:19: 31:bd:33:52:b5:98:20:e0:9d:96:a4:83:74:89:54: b2:ee:65:84:6d:f7:e6:5a:2c:1e:e3:3c:04:8a:d7: 3b:9f:6b:99:50:71:0b:ed:db:5a:56:0e:40:a2:a4: 10:f9:75:e5:07:9c:f5:04:2e:bb:0b:e1:92:62:91: a7:c3:39:04:3c:be:ac:68:59:d9:09:ab:8f:c9:a1: 5d:63:f6:a1:cc:e5:a3:b6:8e:39:51:e7:ca:2a:40: 4e:94:3e:75:74:68:dd:6c:f6:a8:a2:7f:58:c2:05: a5:ca:99:56:c7:1e:44:15:19:da:f7:69:15:3c:68: 01:7b:7f:b8:6c:47:7b:d5:46:c6:d8:f8:a3:21:54: 6b:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:22:B7:41:D9:38:DF:DF:BE:57:2D:9A:B6:18:57:63:38:1F:1F:05 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/da0d0f1f-f82d-47bb-9ac7-ee09a51b3f2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:500::/48 Signature Algorithm: sha256WithRSAEncryption 77:eb:1a:e6:e3:de:20:1f:37:45:e0:bf:22:d0:8d:66:c6:85: 5b:89:32:e4:33:44:a3:f8:5b:c9:4d:07:e3:ad:70:cb:81:45: 20:fe:0a:0d:c5:58:e5:74:4f:fe:8d:d1:b4:fe:5a:a8:4e:fc: 4c:ab:d5:43:2b:65:f2:2f:57:4b:92:51:f4:4d:f4:ee:64:71: f4:52:1b:70:2b:2a:8e:b2:90:47:c5:8b:7d:51:bc:5c:7d:65: 3d:75:f9:8b:e5:fd:00:db:8b:42:6c:f6:01:18:10:6a:f9:fc: 80:16:f2:52:eb:d2:d6:1c:2b:cc:43:fb:b4:a1:46:eb:ed:45: 72:9f:be:e0:ce:9e:43:af:c9:d4:77:51:96:da:96:71:7b:e2: a9:02:d6:8b:70:cc:20:6d:cb:2f:46:29:a4:c5:52:f4:ad:f2: 9b:7b:a2:23:1e:18:e7:4d:ce:80:1b:74:76:6f:4f:85:a9:51: 35:aa:df:02:a9:97:bc:db:1c:48:07:7c:97:79:82:72:ee:3a: a2:f9:1b:e0:e2:c0:5f:47:40:1b:20:a8:06:d2:ee:e3:57:21: a4:e0:3a:6c:84:f3:77:81:60:8a:4a:91:06:a9:87:e9:07:a7: 10:ea:a7:24:29:39:33:de:d0:3d:72:e8:80:86:53:4b:07:f6: 5c:99:72:61 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUeL4Er3jq0L3d0qwfL+oMIaFxwdkwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMwMDA0WhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0A4NDBiZWMzOTQzNzA5ODE2MjEyZjY2OWQ4ZjMyNTUyZjJh YTRkNTI0NmE4MDg0OGNkZGZlMmQ3NTMyNmJkYzBiMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCtSZIFYvc7whTfvPfOi46XOE2HKST77OcZEXl92mEW549t 1yzKmdVoN44JoWV+SKOfDgvV2Q3pHzOjhxAHCwIzLvytHlUy9VQm2RrXGN1q+k0p DkemTIIEZN/QVroY6IpoUa5za9lVxwCibwv+DXCdTPKo1+1tGTG9M1K1mCDgnZak g3SJVLLuZYRt9+ZaLB7jPASK1zufa5lQcQvt21pWDkCipBD5deUHnPUELrsL4ZJi kafDOQQ8vqxoWdkJq4/JoV1j9qHM5aO2jjlR58oqQE6UPnV0aN1s9qiif1jCBaXK mVbHHkQVGdr3aRU8aAF7f7hsR3vVRsbY+KMhVGt3AgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUqyK3Qdk439++Vy2athhXYzgfHwUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2RhMGQwZjFmLWY4MmQtNDdiYi05YWM3LWVlMDlhNTFiM2YyYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwBQAwDQYJKoZIhvcNAQELBQADggEBAHfrGubj3iAfN0XgvyLQjWbG hVuJMuQzRKP4W8lNB+OtcMuBRSD+Cg3FWOV0T/6N0bT+WqhO/Eyr1UMrZfIvV0uS UfRN9O5kcfRSG3ArKo6ykEfFi31RvFx9ZT11+Yvl/QDbi0Js9gEYEGr5/IAW8lLr 0tYcK8xD+7ShRuvtRXKfvuDOnkOvydR3UZbalnF74qkC1otwzCBtyy9GKaTFUvSt 8pt7oiMeGOdNzoAbdHZvT4WpUTWq3wKpl7zbHEgHfJd5gnLuOqL5G+DiwF9HQBsg qAbS7uNXIaTgOmyE83eBYIpKkQaph+kHpxDqpyQpOTPe0D1y6ICGU0sH9lyZcmE= -----END CERTIFICATE-----Generated at Wed Nov 5 07:47:46 2025 by rpki-client