$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa File: f504ccce-2eee-4202-842d-dad59cabe141.roa (raw, json) Hash identifier: sQI9YkKhA+o5+ZS1MYEV+vr+LibyhSJwzD3iMPaLq6Y= Subject key identifier: 43:46:CA:66:4D:12:F2:09:86:9E:40:D1:F7:20:36:3F:87:2D:67:C4 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 65C6E976F505DD4C81FF6E65080AB8E69582EA90 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa Signing time: Tue 21 Oct 2025 13:10:37 +0000 ROA not before: Tue 21 Oct 2025 13:10:37 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:c6:e9:76:f5:05:dd:4c:81:ff:6e:65:08:0a:b8:e6:95:82:ea:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 21 13:10:37 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=1f34c42aa33aa8250c06ce7ad3c7bfd8159d78befe9a8fef42610d6e03930103, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ec:b5:eb:35:d4:36:4a:f1:2c:c5:f2:88:a5: 75:47:53:d7:cc:ae:9d:4c:e8:9b:0e:2b:0d:2a:21: 40:0e:3f:91:2d:0f:73:e1:6f:4d:2f:f9:65:86:1f: 3b:e7:c9:0d:56:76:80:b9:e8:71:ae:9e:e0:29:21: 7b:34:db:6a:39:3b:55:9a:b6:aa:fe:98:13:7a:0e: bb:45:5d:c1:f7:65:41:82:39:45:f0:ba:fe:9c:29: d9:c0:72:37:cc:f8:9f:c6:08:01:c7:1f:36:2b:f4: 4d:9e:8c:b3:1e:cc:58:bc:ae:53:54:c1:c2:f5:01: 5b:0b:8f:40:ae:86:63:e6:7b:c1:0b:04:ac:61:75: 72:9a:4d:22:f9:60:e7:99:70:8a:4d:91:00:82:24: 6b:54:77:4d:66:22:1a:28:da:e3:f9:f0:85:b3:83: ba:be:67:82:27:e2:82:d1:dd:1e:ed:88:9c:ee:18: 3b:16:81:ec:ef:36:9f:8b:24:98:7a:8d:6a:e1:62: 23:96:51:17:55:43:3b:28:2b:96:c1:40:c8:c9:17: 42:ce:75:8b:e8:42:37:90:64:99:3b:9f:8e:5d:a5: 9e:87:66:81:3e:5e:01:d8:1c:d7:c1:96:7a:b7:c5: 6a:9b:94:c8:a5:2a:34:43:64:d4:8a:b0:52:98:7f: b6:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:46:CA:66:4D:12:F2:09:86:9E:40:D1:F7:20:36:3F:87:2D:67:C4 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:8000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:6c:f0:f6:09:f2:b5:15:a2:07:2c:81:78:b7:d5:40:26:99: cd:5e:dc:f3:44:20:6b:01:36:8f:6b:e5:39:62:7e:c1:1b:c2: 59:55:5c:50:15:0e:09:d0:72:ec:e3:f4:e8:1b:20:ad:f0:9b: 05:a6:85:4d:a0:4e:ef:8a:1e:e8:42:6c:76:48:ad:f8:4f:16: c6:cc:7a:72:5d:0f:7a:9c:0d:8b:2f:c9:b2:3e:c2:76:75:36: c6:dd:26:f7:bd:2a:bd:40:67:e0:0d:f3:7e:97:64:b2:70:de: 43:9f:74:5f:fa:47:43:7c:78:86:ec:d3:14:40:bc:77:44:6a: a9:d3:d3:83:b9:8f:15:78:39:48:e0:7a:2f:e1:b3:70:b9:58: f8:df:74:6a:bb:06:e5:d8:ff:c1:18:89:5e:21:0c:44:73:1b: a2:2c:47:de:95:d5:11:79:d4:b7:6a:25:4f:23:3d:2c:26:d4: 51:73:40:29:0a:f7:ff:73:aa:2f:1b:19:1d:88:b8:bd:80:c6: 6d:f2:df:13:19:d1:31:49:79:24:7f:74:49:df:24:9d:95:8e: 21:b7:88:cd:46:10:03:41:9b:dd:f4:0b:54:37:a0:09:b8:6d: f4:51:f4:04:e5:af:12:a2:c6:f5:b7:32:3e:a8:f9:52:18:53: 00:31:bc:7c -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUZcbpdvUF3UyB/25lCAq45pWC6pAwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIxMTMxMDM3WhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0AxZjM0YzQyYWEzM2FhODI1MGMwNmNlN2FkM2M3YmZkODE1 OWQ3OGJlZmU5YThmZWY0MjYxMGQ2ZTAzOTMwMTAzMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDW7LXrNdQ2SvEsxfKIpXVHU9fMrp1M6JsOKw0qIUAOP5Et D3Phb00v+WWGHzvnyQ1WdoC56HGunuApIXs022o5O1Watqr+mBN6DrtFXcH3ZUGC OUXwuv6cKdnAcjfM+J/GCAHHHzYr9E2ejLMezFi8rlNUwcL1AVsLj0CuhmPme8EL BKxhdXKaTSL5YOeZcIpNkQCCJGtUd01mIhoo2uP58IWzg7q+Z4In4oLR3R7tiJzu GDsWgezvNp+LJJh6jWrhYiOWURdVQzsoK5bBQMjJF0LOdYvoQjeQZJk7n45dpZ6H ZoE+XgHYHNfBlnq3xWqblMilKjRDZNSKsFKYf7aRAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUQ0bKZk0S8gmGnkDR9yA2P4ctZ8QwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2Y1MDRjY2NlLTJlZWUtNDIwMi04NDJkLWRhZDU5Y2FiZTE0MS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD7gDANBgkqhkiG9w0BAQsFAAOCAQEAGmzw9gnytRWiByyBeLfVQCaZ zV7c80QgawE2j2vlOWJ+wRvCWVVcUBUOCdBy7OP06BsgrfCbBaaFTaBO74oe6EJs dkit+E8Wxsx6cl0PepwNiy/Jsj7CdnU2xt0m970qvUBn4A3zfpdksnDeQ590X/pH Q3x4huzTFEC8d0RqqdPTg7mPFXg5SOB6L+GzcLlY+N90arsG5dj/wRiJXiEMRHMb oixH3pXVEXnUt2olTyM9LCbUUXNAKQr3/3OqLxsZHYi4vYDGbfLfExnRMUl5JH90 Sd8knZWOIbeIzUYQA0Gb3fQLVDegCbht9FH0BOWvEqLG9bcyPqj5UhhTADG8fA== -----END CERTIFICATE-----Generated at Wed Nov 5 09:32:13 2025 by rpki-client