$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa File: f504ccce-2eee-4202-842d-dad59cabe141.roa (raw, json) Hash identifier: /VcqWUX56secY/bdKOQn45TwQMMQbRDummmkNmIJQZo= Subject key identifier: FC:6A:FF:A5:D2:12:05:12:76:7D:45:65:E2:00:09:6B:38:8A:26:A1 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 0838762AB0431FE587F93E35B88EDDB331BDA8A1 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa Signing time: Tue 05 Aug 2025 18:30:50 +0000 ROA not before: Tue 05 Aug 2025 18:30:50 +0000 ROA not after: Tue 09 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 07 Aug 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:38:76:2a:b0:43:1f:e5:87:f9:3e:35:b8:8e:dd:b3:31:bd:a8:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Aug 5 18:30:50 2025 GMT Not After : Sep 9 23:59:59 2025 GMT Subject: serialNumber=dcfe6b303065211e36ab4ce81cde3fd689576767359439d9941c8993667b8bf1, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:d1:84:c9:b5:b1:10:a7:af:59:f1:77:92:2f: c6:ae:84:f1:96:ff:4f:fd:1a:85:68:64:51:31:e4: d8:a5:55:cd:4d:d3:37:97:db:13:8d:99:1b:6d:74: a0:8e:2b:8c:35:49:e4:bb:88:13:76:42:f9:24:04: 66:f5:24:40:ce:ca:5c:dc:92:78:f9:dd:f1:f1:c4: a0:41:29:3b:86:a3:51:bf:c4:ab:44:27:a9:2a:57: a7:8a:8e:86:22:7b:b4:ba:57:46:f8:ba:fd:21:74: e4:5f:62:f3:56:73:09:b5:f2:53:12:68:53:3b:ec: da:7a:97:7b:27:60:a3:74:f8:53:72:36:77:a0:10: b1:5f:2f:16:1d:12:5f:0c:97:af:d3:e2:e2:97:d0: 69:12:97:1f:6a:3c:58:4a:e1:3c:d8:92:d3:f5:27: 1e:97:60:a7:84:52:dc:79:45:a1:c4:a1:a5:3e:d9: 2d:a0:56:41:0c:7a:c2:b6:56:32:5f:f0:3b:62:38: ba:85:7f:22:c7:e8:05:8b:11:34:1b:a2:39:73:0d: a3:f0:a2:3e:34:d7:0c:73:dd:dd:a8:65:43:d1:c0: 7f:6f:b5:98:82:a1:8d:cb:48:29:06:c5:54:99:37: 0c:65:d5:2e:0d:75:22:0a:79:75:a7:24:b6:3b:69: 11:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:6A:FF:A5:D2:12:05:12:76:7D:45:65:E2:00:09:6B:38:8A:26:A1 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/f504ccce-2eee-4202-842d-dad59cabe141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:8000::/40 Signature Algorithm: sha256WithRSAEncryption 9e:d4:f8:70:d1:4e:15:3f:e9:1f:97:c5:fc:21:a8:a6:c7:30: 18:2b:b7:5c:3f:70:67:04:52:73:9c:3b:a2:ae:52:79:2b:34: e8:c7:e4:d8:cf:bd:97:d4:63:56:0f:c0:45:c3:82:aa:4e:d2: db:0a:06:d9:73:b8:71:ed:5e:bb:eb:cd:96:2d:e8:84:07:c1: 6e:cb:2f:cd:f3:b3:67:82:0a:d7:14:5b:d0:92:36:e9:bd:66: d6:6f:7b:56:db:4b:4c:f6:a6:81:1a:5c:c3:69:08:5a:ab:ed: c6:c8:a2:2c:67:84:8d:5d:f4:8b:57:65:9b:5c:3d:d5:41:47: 2f:0a:de:fa:60:b7:ad:38:78:57:62:5f:25:28:81:8b:f2:9c: 6c:90:16:97:38:58:82:6c:29:a9:2f:0c:b7:86:aa:f9:e2:35: af:2d:88:77:1e:b9:60:3d:98:8a:0b:f6:52:cc:16:72:fc:57: f2:7a:c5:95:80:03:57:7e:1b:08:ad:9e:66:73:e6:1a:35:75: d8:51:30:bf:6a:80:bf:16:48:ea:f4:33:c9:d6:b2:36:54:f1: a7:a7:9d:dc:b1:2d:5e:fb:39:40:34:04:b1:6c:b9:38:f7:6a: 37:aa:b4:0d:ab:e5:c3:5e:b4:40:d1:fe:9e:57:87:30:88:47: af:77:6b:26 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUCDh2KrBDH+WH+T41uI7dszG9qKEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA1MTgzMDUwWhcNMjUwOTA5MjM1OTU5 WjB6MUkwRwYDVQQFE0BkY2ZlNmIzMDMwNjUyMTFlMzZhYjRjZTgxY2RlM2ZkNjg5 NTc2NzY3MzU5NDM5ZDk5NDFjODk5MzY2N2I4YmYxMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCJ0YTJtbEQp69Z8XeSL8auhPGW/0/9GoVoZFEx5NilVc1N 0zeX2xONmRttdKCOK4w1SeS7iBN2QvkkBGb1JEDOylzcknj53fHxxKBBKTuGo1G/ xKtEJ6kqV6eKjoYie7S6V0b4uv0hdORfYvNWcwm18lMSaFM77Np6l3snYKN0+FNy NnegELFfLxYdEl8Ml6/T4uKX0GkSlx9qPFhK4TzYktP1Jx6XYKeEUtx5RaHEoaU+ 2S2gVkEMesK2VjJf8DtiOLqFfyLH6AWLETQbojlzDaPwoj401wxz3d2oZUPRwH9v tZiCoY3LSCkGxVSZNwxl1S4NdSIKeXWnJLY7aRFLAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQU/Gr/pdISBRJ2fUVl4gAJaziKJqEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2Y1MDRjY2NlLTJlZWUtNDIwMi04NDJkLWRhZDU5Y2FiZTE0MS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD7gDANBgkqhkiG9w0BAQsFAAOCAQEAntT4cNFOFT/pH5fF/CGopscw GCu3XD9wZwRSc5w7oq5SeSs06Mfk2M+9l9RjVg/ARcOCqk7S2woG2XO4ce1eu+vN li3ohAfBbssvzfOzZ4IK1xRb0JI26b1m1m97VttLTPamgRpcw2kIWqvtxsiiLGeE jV30i1dlm1w91UFHLwre+mC3rTh4V2JfJSiBi/KcbJAWlzhYgmwpqS8Mt4aq+eI1 ry2Idx65YD2Yigv2UswWcvxX8nrFlYADV34bCK2eZnPmGjV12FEwv2qAvxZI6vQz ydayNlTxp6ed3LEtXvs5QDQEsWy5OPdqN6q0Davlw160QNH+nleHMIhHr3drJg== -----END CERTIFICATE-----Generated at Wed Aug 6 16:09:51 2025 by rpki-client