$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2296581f-9248-4567-94d7-ea3a158d3c55.roa File: 2296581f-9248-4567-94d7-ea3a158d3c55.roa (raw, json) Hash identifier: mLVUATAuM2UdhWkWFtmsbg3/EsRTD93divocFPNxkq4= Subject key identifier: B2:A8:23:72:81:9E:B3:B6:4E:11:D1:CA:F6:5B:8C:4E:03:80:35:C5 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 2ED8DB1E9FD4CD8CAF4927E4B32836D7ABE35FD5 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2296581f-9248-4567-94d7-ea3a158d3c55.roa Signing time: Thu 05 Jun 2025 14:37:07 +0000 ROA not before: Thu 05 Jun 2025 14:37:07 +0000 ROA not after: Thu 10 Jul 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 15 Jun 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d8:db:1e:9f:d4:cd:8c:af:49:27:e4:b3:28:36:d7:ab:e3:5f:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Jun 5 14:37:07 2025 GMT Not After : Jul 10 23:59:59 2025 GMT Subject: serialNumber=a4e7b571b4d81c46942f08f609060a3f4e14f1ce07fd3c5f1cb5cae363f71e2a, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:c0:79:3f:26:7f:ce:48:92:70:58:bf:88:11: b1:45:5d:e1:35:d4:46:67:42:15:14:fd:3c:dc:bb: 13:cf:15:f1:55:b7:fb:1b:ed:a0:9f:78:7c:ad:c0: 1b:4e:ac:35:09:66:c3:ec:ba:f5:2b:0e:01:23:1b: bb:c3:d0:69:f5:1c:33:ab:04:51:93:57:4a:3e:a6: 13:c6:66:ce:06:0e:df:42:f6:87:d3:b1:ef:5a:a1: 5d:42:8f:71:67:f7:d2:8b:d4:ed:da:93:91:46:bf: c3:78:9e:7e:c7:1b:25:1f:8a:47:97:cd:97:a6:09: 3f:15:1f:cb:04:41:b2:15:ef:f2:47:c6:0d:d3:8e: 5b:98:14:9b:e8:4b:bb:e0:57:6c:40:ae:56:fe:a2: af:fc:c3:9d:5b:2c:d0:08:5c:5c:52:c0:1c:7e:eb: eb:75:3b:ba:29:06:22:11:1a:38:fa:e6:27:ed:f2: 48:fb:62:2a:31:11:76:d9:f2:53:7f:55:84:e9:af: 86:c5:44:94:66:e8:b3:0a:80:23:aa:45:9e:51:8f: f2:d1:3f:bf:fd:b1:29:26:a3:9c:82:e3:0c:77:1b: df:38:9c:c7:87:9c:98:fc:84:68:4e:9a:dc:0a:17: 66:f1:de:6f:d0:55:49:70:af:e6:b3:a2:6e:fb:6c: ae:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:A8:23:72:81:9E:B3:B6:4E:11:D1:CA:F6:5B:8C:4E:03:80:35:C5 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/2296581f-9248-4567-94d7-ea3a158d3c55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.252.0/24 Signature Algorithm: sha256WithRSAEncryption 61:d6:c7:c8:ca:32:dd:45:98:44:32:ff:cf:27:74:23:e1:90: 9a:da:4d:08:73:01:a2:1d:e8:d9:dd:be:a7:6d:e3:4c:f0:e5: 72:ec:2a:cd:1b:34:5a:20:42:4d:86:f6:1d:17:36:9f:08:e4: 97:b6:e7:c8:37:3f:a1:3f:0d:9f:2f:91:e5:bc:50:18:d6:f1: b6:22:e9:3d:a4:0a:c8:54:88:ae:1c:d4:0a:21:35:20:33:c3: 85:e8:4a:2e:74:b7:de:36:32:a1:a6:72:c7:a2:a1:11:c5:8a: ae:da:fe:1e:59:2c:f3:58:11:48:f8:83:8b:cb:34:cb:2a:78: dc:bd:b7:7c:60:d6:0f:d1:c3:5b:4f:e9:bc:0a:7c:d7:92:c8: 9e:63:25:b5:a6:8f:50:ef:44:2b:9d:3a:c6:d5:3f:ab:fb:42: 20:1c:b1:66:19:2b:84:3f:3c:60:bb:ef:d2:64:1a:25:64:d5: 8f:ab:de:e3:a9:11:39:3d:97:de:57:09:34:fe:78:a3:1f:81: b7:96:bf:1b:cf:8e:1e:d5:7d:64:ef:9e:6f:91:bf:4a:56:69: ee:41:c0:2d:33:43:8d:3c:6a:24:c9:f5:33:e9:a6:9a:dd:93: 0d:a5:15:f9:ac:cd:39:17:37:10:c6:49:64:0f:fb:6c:cf:a5: a0:d9:a0:1c -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIULtjbHp/UzYyvSSfksyg216vjX9UwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNjA1MTQzNzA3WhcNMjUwNzEwMjM1OTU5 WjB6MUkwRwYDVQQFE0BhNGU3YjU3MWI0ZDgxYzQ2OTQyZjA4ZjYwOTA2MGEzZjRl MTRmMWNlMDdmZDNjNWYxY2I1Y2FlMzYzZjcxZTJhMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCWwHk/Jn/OSJJwWL+IEbFFXeE11EZnQhUU/TzcuxPPFfFV t/sb7aCfeHytwBtOrDUJZsPsuvUrDgEjG7vD0Gn1HDOrBFGTV0o+phPGZs4GDt9C 9ofTse9aoV1Cj3Fn99KL1O3ak5FGv8N4nn7HGyUfikeXzZemCT8VH8sEQbIV7/JH xg3TjluYFJvoS7vgV2xArlb+oq/8w51bLNAIXFxSwBx+6+t1O7opBiIRGjj65ift 8kj7YioxEXbZ8lN/VYTpr4bFRJRm6LMKgCOqRZ5Rj/LRP7/9sSkmo5yC4wx3G984 nMeHnJj8hGhOmtwKF2bx3m/QVUlwr+azom77bK4rAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUsqgjcoGes7ZOEdHK9luMTgOANcUwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzIyOTY1ODFmLTkyNDgtNDU2Ny05NGQ3LWVhM2ExNThkM2M1NS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYPwwDQYJKoZIhvcNAQELBQADggEBAGHWx8jKMt1FmEQy/88ndCPhkJra TQhzAaId6Nndvqdt40zw5XLsKs0bNFogQk2G9h0XNp8I5Je258g3P6E/DZ8vkeW8 UBjW8bYi6T2kCshUiK4c1AohNSAzw4XoSi50t942MqGmcseioRHFiq7a/h5ZLPNY EUj4g4vLNMsqeNy9t3xg1g/Rw1tP6bwKfNeSyJ5jJbWmj1DvRCudOsbVP6v7QiAc sWYZK4Q/PGC779JkGiVk1Y+r3uOpETk9l95XCTT+eKMfgbeWvxvPjh7VfWTvnm+R v0pWae5BwC0zQ408aiTJ9TPppprdkw2lFfmszTkXNxDGSWQP+2zPpaDZoBw= -----END CERTIFICATE-----Generated at Sat Jun 14 07:08:03 2025 by rpki-client