$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa File: a8439859-0354-4fe5-8ab0-f74d9806db74.roa (raw, json) Hash identifier: G0OvNVfVde6W01LSf4gHKEbdJnsJeKHihYVuuJ5nark= Subject key identifier: 49:66:81:E0:E1:F8:0C:BC:64:54:B6:F5:F0:B2:50:60:01:35:87:BB Certificate issuer: /CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Certificate serial: 3A32CE734923136C391BB787AD441AA21735AB8A Authority key identifier: 25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa Signing time: Tue 21 Oct 2025 09:10:15 +0000 ROA not before: Tue 21 Oct 2025 09:10:15 +0000 ROA not after: Tue 25 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 54.73.0.0/16 maxlen: 16 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/851cef17-132a-4337-b7d1-bf16a52ffd03.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:32:ce:73:49:23:13:6c:39:1b:b7:87:ad:44:1a:a2:17:35:ab:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476 Validity Not Before: Oct 21 09:10:15 2025 GMT Not After : Nov 25 23:59:59 2025 GMT Subject: serialNumber=fc03bb24632d39222e0ac40e3c9fd6f3432ca2c9ced170b08f5b235cf0accbf4, CN=5f276045-5b9f-45ef-923d-f3fce24a6225 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:e2:23:c1:67:23:7f:ee:22:78:58:54:2e:b1: d5:b9:1b:90:b5:6d:64:da:c8:5f:9f:dd:69:6c:ef: 36:07:ca:a1:ae:c5:19:84:17:8a:f4:af:1b:84:dc: 71:32:b6:80:26:ea:f8:f8:00:ff:36:59:0f:e0:00: 7f:95:ec:92:17:7f:62:e9:01:59:fa:de:61:89:25: 78:8c:4f:43:40:54:59:46:c6:20:63:1c:45:95:59: 85:3d:e1:88:ce:d6:4e:21:4b:4b:dc:08:72:9b:0e: 2c:93:da:3f:2e:70:1d:10:6f:53:02:02:f9:9c:aa: 70:36:72:3b:02:30:7a:66:97:7a:93:d8:92:49:2a: 18:69:81:4d:44:66:e7:15:49:39:36:2d:2d:e1:64: 76:61:e8:66:07:b3:ab:3c:ac:04:2c:d6:7f:62:f3: 5c:4c:b4:0d:30:fe:14:37:44:82:d9:98:85:1a:b8: ec:d6:63:c1:73:f5:ff:26:41:39:f0:e1:40:fb:45: 0b:d7:8e:e1:44:ea:d4:48:cc:f9:7b:64:18:1e:33: 48:da:82:7f:44:41:04:22:a4:10:1a:62:a0:ac:f7: 32:4c:b1:4b:78:44:bd:26:67:95:5f:a0:0e:bb:3e: d5:82:00:75:d6:6f:ce:ce:47:31:5b:4b:e5:a7:48: a3:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:66:81:E0:E1:F8:0C:BC:64:54:B6:F5:F0:B2:50:60:01:35:87:BB X509v3 Authority Key Identifier: keyid:25:AD:D3:42:B0:1E:B7:A5:8E:AD:19:90:26:88:B5:4B:3F:81:F4:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/851cef17-132a-4337-b7d1-bf16a52ffd03/df6f3b3a34b6386d1a32d8f4fa3178ef31887d8b428dfaa476.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/a8439859-0354-4fe5-8ab0-f74d9806db74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/f703696e-e47b-4c20-bd93-6f80904e42d2/tjhtGjLY9PoxeO8xiH2LQo36pHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 54.73.0.0/16 Signature Algorithm: sha256WithRSAEncryption 01:af:be:73:23:fc:4e:ed:a3:0f:48:6d:7a:56:bc:c8:01:14: e4:89:1c:e3:bb:7f:84:ce:af:b3:d1:40:bd:6c:87:41:52:be: f9:27:77:10:40:0f:02:86:2c:61:42:5d:f9:94:1a:74:95:62: 62:d9:03:73:7f:49:da:c4:f6:86:d6:28:f3:e4:39:29:62:4d: 07:e7:d3:50:f0:9f:b8:6f:73:d6:f3:85:41:ad:02:70:89:5c: cb:ed:cb:ae:1a:fa:7d:96:5b:99:23:34:b7:3d:5b:de:cc:3c: e4:19:d3:87:18:67:86:b8:22:fb:d6:6c:94:30:1a:7f:f1:a8: f9:ba:7b:11:be:52:41:01:3e:f9:44:74:2f:99:af:60:f9:05: 6d:2f:63:b1:2a:9f:d8:59:02:e2:f7:b7:30:f7:b2:be:74:a8: 22:b3:af:09:f4:50:b8:4d:57:f6:d9:eb:86:38:d8:49:21:61: 02:cd:35:8e:ab:c1:cc:ab:74:d1:f4:73:52:25:52:66:66:0c: b6:36:12:76:8d:2f:2b:f8:94:09:6d:14:53:c2:96:b8:fc:c5: 83:f2:ff:0a:3b:80:c4:ad:a8:ef:69:61:7f:35:a2:ac:68:5d: 72:96:54:30:3a:40:2b:89:ad:5e:3d:a5:17:60:67:01:43:73: 5c:56:f9:d1 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUOjLOc0kjE2w5G7eHrUQaohc1q4owDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJkOGY0ZmEzMTc4ZWYz MTg4N2Q4YjQyOGRmYWE0NzYwHhcNMjUxMDIxMDkxMDE1WhcNMjUxMTI1MjM1OTU5 WjB6MUkwRwYDVQQFE0BmYzAzYmIyNDYzMmQzOTIyMmUwYWM0MGUzYzlmZDZmMzQz MmNhMmM5Y2VkMTcwYjA4ZjViMjM1Y2YwYWNjYmY0MS0wKwYDVQQDEyQ1ZjI3NjA0 NS01YjlmLTQ1ZWYtOTIzZC1mM2ZjZTI0YTYyMjUwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC04iPBZyN/7iJ4WFQusdW5G5C1bWTayF+f3Wls7zYHyqGu xRmEF4r0rxuE3HEytoAm6vj4AP82WQ/gAH+V7JIXf2LpAVn63mGJJXiMT0NAVFlG xiBjHEWVWYU94YjO1k4hS0vcCHKbDiyT2j8ucB0Qb1MCAvmcqnA2cjsCMHpml3qT 2JJJKhhpgU1EZucVSTk2LS3hZHZh6GYHs6s8rAQs1n9i81xMtA0w/hQ3RILZmIUa uOzWY8Fz9f8mQTnw4UD7RQvXjuFE6tRIzPl7ZBgeM0jagn9EQQQipBAaYqCs9zJM sUt4RL0mZ5VfoA67PtWCAHXWb87ORzFbS+WnSKNZAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUSWaB4OH4DLxkVLb18LJQYAE1h7swHwYDVR0jBBgwFoAUJa3TQrAet6WO rRmQJoi1Sz+B9LgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi84NTFjZWYxNy0x MzJhLTQzMzctYjdkMS1iZjE2YTUyZmZkMDMvZGY2ZjNiM2EzNGI2Mzg2ZDFhMzJk OGY0ZmEzMTc4ZWYzMTg4N2Q4YjQyOGRmYWE0NzYuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZjcwMzY5NmUtZTQ3Yi00YzIwLWJkOTMtNmY4 MDkwNGU0MmQyL2E4NDM5ODU5LTAzNTQtNGZlNS04YWIwLWY3NGQ5ODA2ZGI3NC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2Y3MDM2OTZlLWU0N2ItNGMyMC1iZDkz LTZmODA5MDRlNDJkMi90amh0R2pMWTlQb3hlTzh4aUgyTFFvMzZwSFkuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwA2STANBgkqhkiG9w0BAQsFAAOCAQEAAa++cyP8Tu2jD0htela8yAEU5Ikc 47t/hM6vs9FAvWyHQVK++Sd3EEAPAoYsYUJd+ZQadJViYtkDc39J2sT2htYo8+Q5 KWJNB+fTUPCfuG9z1vOFQa0CcIlcy+3Lrhr6fZZbmSM0tz1b3sw85BnThxhnhrgi +9ZslDAaf/Go+bp7Eb5SQQE++UR0L5mvYPkFbS9jsSqf2FkC4ve3MPeyvnSoIrOv CfRQuE1X9tnrhjjYSSFhAs01jqvBzKt00fRzUiVSZmYMtjYSdo0vK/iUCW0UU8KW uPzFg/L/CjuAxK2o72lhfzWirGhdcpZUMDpAK4mtXj2lF2BnAUNzXFb50Q== -----END CERTIFICATE-----Generated at Wed Nov 5 01:56:12 2025 by rpki-client