$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/5d6508ce-47a1-4002-b03b-9ce21b16cf60.roa File: 5d6508ce-47a1-4002-b03b-9ce21b16cf60.roa (raw, json) Hash identifier: pKbnmUZtK45s7UMRuC4ueAxprJzIsuab5N79C2+jd08= Subject key identifier: B2:2F:A0:1D:7C:60:91:C0:EA:7C:08:6B:DB:24:04:D8:B1:5E:D5:50 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 3D56192F492DCAF45CB4BB45FDF3D4B1638FF7A6 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/5d6508ce-47a1-4002-b03b-9ce21b16cf60.roa Signing time: Tue 21 Oct 2025 12:20:00 +0000 ROA not before: Tue 21 Oct 2025 12:20:00 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 07 Nov 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:56:19:2f:49:2d:ca:f4:5c:b4:bb:45:fd:f3:d4:b1:63:8f:f7:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 21 12:20:00 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=e760f0bc356331b3c4f76424d57699a21b24c274de968f053b03fd8dbe2cc4b4, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:11:c6:07:cf:5d:6d:bd:88:34:f9:cc:8c:c2: 59:7e:04:0d:ed:49:ac:e9:55:77:b1:95:55:2e:92: b1:51:13:4e:60:d1:9f:e5:17:70:cb:f4:5b:9f:96: e4:ec:72:95:42:66:41:f8:58:a1:fd:71:9d:87:2c: 4b:3f:05:4d:25:56:b9:0d:78:69:79:30:83:05:81: a1:91:24:91:82:da:ab:db:28:15:b1:a0:93:49:31: 41:b0:33:e4:71:02:55:8b:06:67:60:ba:97:c1:7e: 31:80:06:0d:23:1c:7b:08:4d:5d:4e:30:04:76:05: c1:83:66:d2:06:20:50:bd:e3:4c:2a:aa:b6:30:1f: f9:d0:ab:b3:23:51:2d:c0:b1:55:83:b3:aa:de:f8: 75:04:4e:8a:6c:02:19:57:94:21:cc:8b:1b:34:30: 72:4e:ee:54:dc:45:70:e5:49:9e:ba:87:11:45:51: 7c:a3:27:76:91:94:d9:2b:5d:28:43:74:a7:a5:8e: 37:a8:eb:7a:16:f2:4b:b3:b8:8e:6d:98:60:bf:25: 13:e2:52:05:58:f3:bb:b5:17:1b:df:39:bf:e4:7e: 66:b2:36:25:50:60:ed:cf:9b:b2:92:2b:49:a4:ba: b9:bc:c5:23:b1:f7:db:87:9c:48:32:f6:0a:32:ec: af:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2F:A0:1D:7C:60:91:C0:EA:7C:08:6B:DB:24:04:D8:B1:5E:D5:50 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/5d6508ce-47a1-4002-b03b-9ce21b16cf60.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.14.0/24 Signature Algorithm: sha256WithRSAEncryption 7a:a9:a6:ce:86:1c:ec:22:32:a0:07:16:1c:d4:a9:2f:fd:4d: 1e:56:34:04:4c:a9:16:4a:58:51:83:61:3c:48:89:ae:37:21: f2:c2:29:65:7d:e2:69:a9:a8:35:89:9e:46:c3:6b:8c:b6:5d: 68:86:63:ac:c1:5b:e1:ee:54:16:f0:f2:7f:4a:e9:e0:6b:4f: e9:ee:7f:75:ea:e4:44:24:14:9a:2d:4f:87:88:b5:ca:88:e1: 12:23:cb:5c:80:a7:2b:32:71:0b:8b:7f:62:e9:3d:87:8d:23: f0:7e:1f:c2:20:37:5f:0f:d3:74:ad:93:e5:50:dc:57:1d:a1: 62:60:e5:2e:e1:2e:56:25:8c:38:ea:93:30:7b:09:3e:48:f9: 4b:e4:c8:ea:2c:5c:b6:5c:15:a9:8b:d3:bc:2f:db:23:f4:b3: 27:f4:ea:9b:9f:4e:c1:e1:f0:11:41:f9:74:53:c5:16:ce:5a: f1:90:55:af:cf:7d:f5:da:48:04:21:7c:72:b3:b0:0e:ee:aa: 96:9a:80:ce:f9:2d:2f:a7:fb:54:be:e3:fa:94:71:2d:ae:cd: 30:ff:de:28:c1:29:49:37:fc:d5:ec:e3:8c:0d:d7:39:c6:34: 50:81:0e:56:c8:f5:4d:82:dd:8d:3f:ea:77:44:86:93:cc:28: 96:e5:dc:fb -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUPVYZL0ktyvRctLtF/fPUsWOP96YwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDIxMTIyMDAwWhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0BlNzYwZjBiYzM1NjMzMWIzYzRmNzY0MjRkNTc2OTlhMjFi MjRjMjc0ZGU5NjhmMDUzYjAzZmQ4ZGJlMmNjNGI0MS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCiEcYHz11tvYg0+cyMwll+BA3tSazpVXexlVUukrFRE05g 0Z/lF3DL9FufluTscpVCZkH4WKH9cZ2HLEs/BU0lVrkNeGl5MIMFgaGRJJGC2qvb KBWxoJNJMUGwM+RxAlWLBmdgupfBfjGABg0jHHsITV1OMAR2BcGDZtIGIFC940wq qrYwH/nQq7MjUS3AsVWDs6re+HUETopsAhlXlCHMixs0MHJO7lTcRXDlSZ66hxFF UXyjJ3aRlNkrXShDdKeljjeo63oW8kuzuI5tmGC/JRPiUgVY87u1FxvfOb/kfmay NiVQYO3Pm7KSK0mkurm8xSOx99uHnEgy9goy7K8BAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUsi+gHXxgkcDqfAhr2yQE2LFe1VAwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzVkNjUwOGNlLTQ3YTEtNDAwMi1iMDNiLTljZTIxYjE2Y2Y2MC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYA4wDQYJKoZIhvcNAQELBQADggEBAHqpps6GHOwiMqAHFhzUqS/9TR5W NARMqRZKWFGDYTxIia43IfLCKWV94mmpqDWJnkbDa4y2XWiGY6zBW+HuVBbw8n9K 6eBrT+nuf3Xq5EQkFJotT4eItcqI4RIjy1yApysycQuLf2LpPYeNI/B+H8IgN18P 03Stk+VQ3FcdoWJg5S7hLlYljDjqkzB7CT5I+UvkyOosXLZcFamL07wv2yP0syf0 6pufTsHh8BFB+XRTxRbOWvGQVa/PffXaSAQhfHKzsA7uqpaagM75LS+n+1S+4/qU cS2uzTD/3ijBKUk3/NXs44wN1znGNFCBDlbI9U2C3Y0/6ndEhpPMKJbl3Ps= -----END CERTIFICATE-----Generated at Wed Nov 5 21:41:23 2025 by rpki-client