$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa File: 828c35a4-d70a-329b-afc8-43f0c6744f3e.roa (raw, json) Hash identifier: 66ZCbTqNoMjitCCWKpU+phTH0cYKb5ztTfVb720rYUM= Subject key identifier: F0:82:16:D4:C4:E4:A1:A5:98:C9:18:2D:4E:2F:7C:62:D8:90:36:30 Certificate issuer: /CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Certificate serial: 010D0C9F4328584BAA97A73D54D356B2AFF51800 Authority key identifier: D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa Signing time: Tue 28 Oct 2025 01:00:31 +0000 ROA not before: Tue 28 Oct 2025 01:00:31 +0000 ROA not after: Mon 26 Jan 2026 02:00:31 +0000 asID: 27589 IP address blocks: 64.59.64.0/18 maxlen: 24 66.244.144.0/20 maxlen: 24 74.206.160.0/19 maxlen: 24 99.192.128.0/17 maxlen: 24 104.193.120.0/22 maxlen: 24 162.250.76.0/22 maxlen: 24 184.94.144.0/20 maxlen: 24 199.19.200.0/21 maxlen: 24 199.59.88.0/21 maxlen: 24 199.182.104.0/21 maxlen: 24 199.241.96.0/21 maxlen: 24 208.74.148.0/22 maxlen: 24 208.122.192.0/19 maxlen: 24 2607:f5a8::/32 maxlen: 48 2607:ffb8::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 06 Nov 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:4b:aa:97:a7:3d:54:d3:56:b2:af:f5:18:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b72c968-d673-4a7a-bfec-4071a7be5317 Validity Not Before: Oct 28 01:00:31 2025 GMT Not After : Jan 26 02:00:31 2026 GMT Subject: CN=2fb5e0e6-ed0f-4ac1-b330-a6b45ab9d826 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:e0:e8:89:21:c7:48:16:96:ea:e0:c7:21:40: 84:cf:72:42:9e:78:16:9b:fe:c6:d4:f1:b9:d6:51: 85:a8:ac:f3:e7:dd:71:21:17:11:24:b2:6d:31:12: 4d:51:46:c7:6c:13:c9:d3:b8:a9:d5:4f:e5:ee:26: 35:9b:4a:d2:08:90:4f:36:c0:67:5f:a7:d5:17:a4: bf:dd:ab:93:7b:87:08:4e:51:cf:ac:03:c2:b5:85: 3a:46:10:26:f6:1f:5a:c6:78:37:16:69:44:bb:01: 24:bf:13:6b:d4:22:61:b8:d1:a5:bb:5e:8f:e8:86: 81:0e:f0:92:ac:51:9b:d0:3d:53:ba:2a:68:00:5b: 7b:c5:8c:39:8e:f3:ab:d0:c6:04:3e:35:79:03:b9: af:1f:eb:3f:29:31:38:ef:11:7b:07:b7:38:10:ed: 8d:38:6c:29:a7:22:5c:af:f7:2f:fb:b4:b7:c5:43: 88:e3:54:b9:dd:bf:59:fb:86:4a:ca:4c:6b:f4:54: 0b:82:c8:a4:1b:e2:d4:34:f7:d5:df:b2:87:09:57: a5:f6:ac:9d:bb:45:fa:e1:b1:ad:c7:d0:3d:5a:47: 19:a1:1b:0d:8d:56:c5:9e:a6:e7:eb:28:45:a2:e3: 73:6f:9e:0b:c6:86:03:4e:9c:0c:f2:f8:07:b1:2e: b2:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:82:16:D4:C4:E4:A1:A5:98:C9:18:2D:4E:2F:7C:62:D8:90:36:30 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/828c35a4-d70a-329b-afc8-43f0c6744f3e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317/3b72c968-d673-4a7a-bfec-4071a7be5317.crl X509v3 Authority Key Identifier: keyid:D4:D0:6C:E1:8F:F9:73:1D:53:22:23:6D:36:3F:38:F6:81:03:B5:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3b72c968-d673-4a7a-bfec-4071a7be5317.cer sbgp-ipAddrBlock: critical IPv4: 64.59.64.0/18 66.244.144.0/20 74.206.160.0/19 99.192.128.0/17 104.193.120.0/22 162.250.76.0/22 184.94.144.0/20 199.19.200.0/21 199.59.88.0/21 199.182.104.0/21 199.241.96.0/21 208.74.148.0/22 208.122.192.0/19 IPv6: 2607:f5a8::/32 2607:ffb8::/32 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 9c:48:69:a1:0d:c5:a3:98:c8:56:9d:b3:f3:6c:21:85:ab:39: 69:1f:e1:ec:0c:ee:f8:93:1f:c8:32:af:c3:1c:55:92:f3:ae: 67:88:2a:7e:7d:26:cc:ae:07:55:98:12:a9:e0:f8:65:15:ef: f9:68:21:92:e2:bf:df:8b:19:04:bc:1a:8f:b4:5b:cd:f4:18: 15:38:3b:0c:37:d5:8a:73:02:4f:ae:4f:ed:45:1e:ca:19:84: 33:48:07:55:82:cb:97:2e:e3:7c:26:98:d7:b2:54:eb:0b:ba: b1:57:1a:9a:d6:39:40:99:e0:2a:f7:ca:f7:6c:ca:a0:60:ef: a8:bf:b9:64:6c:ac:7e:80:96:ae:c7:ca:ee:02:af:4f:31:49: f5:1c:79:ad:bd:6d:01:68:c8:4a:6a:17:e3:2f:eb:8b:3c:87: 24:a2:82:32:68:59:bf:92:d1:d4:48:d6:db:10:bf:98:83:11: d6:8a:0e:7d:ac:a8:17:a6:00:7f:16:32:dc:da:47:ca:e0:43: 82:d6:bd:54:90:1b:c3:bf:83:c6:0d:98:4d:02:12:ce:76:b6: c4:de:94:b0:b9:f1:f0:a9:56:c6:e6:b7:52:3b:be:68:a7:b6: ff:9f:83:93:4e:6f:e7:20:68:8f:be:b6:51:07:d0:31:5d:aa: 24:7d:43:fb -----BEGIN CERTIFICATE----- MIIGoTCCBYmgAwIBAgIUAQ0Mn0MoWEuql6c9VNNWsq/1GAAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkM2I3MmM5NjgtZDY3My00YTdhLWJmZWMtNDA3MWE3YmU1 MzE3MB4XDTI1MTAyODAxMDAzMVoXDTI2MDEyNjAyMDAzMVowLzEtMCsGA1UEAxMk MmZiNWUwZTYtZWQwZi00YWMxLWIzMzAtYTZiNDVhYjlkODI2MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+DoiSHHSBaW6uDHIUCEz3JCnngWm/7G1PG5 1lGFqKzz591xIRcRJLJtMRJNUUbHbBPJ07ip1U/l7iY1m0rSCJBPNsBnX6fVF6S/ 3auTe4cITlHPrAPCtYU6RhAm9h9axng3FmlEuwEkvxNr1CJhuNGlu16P6IaBDvCS rFGb0D1TuipoAFt7xYw5jvOr0MYEPjV5A7mvH+s/KTE47xF7B7c4EO2NOGwppyJc r/cv+7S3xUOI41S53b9Z+4ZKykxr9FQLgsikG+LUNPfV37KHCVel9qydu0X64bGt x9A9WkcZoRsNjVbFnqbn6yhFouNzb54LxoYDTpwM8vgHsS6yYwIDAQABo4IDszCC A68wHQYDVR0OBBYEFPCCFtTE5KGlmMkYLU4vfGLYkDYwMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcy Yzk2OC1kNjczLTRhN2EtYmZlYy00MDcxYTdiZTUzMTcvODI4YzM1YTQtZDcwYS0z MjliLWFmYzgtNDNmMGM2NzQ0ZjNlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2I3MmM5NjgtZDY3My00YTdhLWJm ZWMtNDA3MWE3YmU1MzE3LzNiNzJjOTY4LWQ2NzMtNGE3YS1iZmVjLTQwNzFhN2Jl NTMxNy5jcmwwHwYDVR0jBBgwFoAU1NBs4Y/5cx1TIiNtNj849oEDtW8wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2 Yy1iYTA1LTg3MTg3ZjAwOTliMi8zYjcyYzk2OC1kNjczLTRhN2EtYmZlYy00MDcx YTdiZTUzMTcuY2VyMH0GCCsGAQUFBwEHAQH/BG4wbDBUBAIAATBOAwQGQDtAAwQE QvSQAwQFSs6gAwQHY8CAAwQCaMF4AwQCovpMAwQEuF6QAwQDxxPIAwQDxztYAwQD x7ZoAwQDx/FgAwQC0EqUAwQF0HrAMBQEAgACMA4DBQAmB/WoAwUAJgf/uDBUBgNV HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3 LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUA A4IBAQCcSGmhDcWjmMhWnbPzbCGFqzlpH+HsDO74kx/IMq/DHFWS865niCp+fSbM rgdVmBKp4PhlFe/5aCGS4r/fixkEvBqPtFvN9BgVODsMN9WKcwJPrk/tRR7KGYQz SAdVgsuXLuN8JpjXslTrC7qxVxqa1jlAmeAq98r3bMqgYO+ov7lkbKx+gJaux8ru Aq9PMUn1HHmtvW0BaMhKahfjL+uLPIckooIyaFm/ktHUSNbbEL+YgxHWig59rKgX pgB/FjLc2kfK4EOC1r1UkBvDv4PGDZhNAhLOdrbE3pSwufHwqVbG5rdSO75op7b/ n4OTTm/nIGiPvrZRB9AxXaokfUP7 -----END CERTIFICATE-----Generated at Wed Nov 5 11:09:55 2025 by rpki-client