$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e7c3721-b1a3-4a25-bf48-db620d09215a.roa File: 3e7c3721-b1a3-4a25-bf48-db620d09215a.roa (raw, json) Hash identifier: 5qRTBDrqHMt5dtvQNr+NWx2mLdogOGq0WMiPA3Rz+0Q= Subject key identifier: C5:DF:7C:C2:3B:B9:90:6B:B6:00:69:82:4A:6F:92:8D:D5:12:B0:13 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 3E25477CBC90BBD6AE5AFBD69B2533305E51E34F Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e7c3721-b1a3-4a25-bf48-db620d09215a.roa Signing time: Mon 14 Jul 2025 15:01:31 +0000 ROA not before: Mon 14 Jul 2025 15:01:31 +0000 ROA not after: Mon 18 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 203.119.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 22 Jul 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:25:47:7c:bc:90:bb:d6:ae:5a:fb:d6:9b:25:33:30:5e:51:e3:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 14 15:01:31 2025 GMT Not After : Aug 18 23:59:59 2025 GMT Subject: serialNumber=7de80af86d2f4cd035d804ecec351bf1c4253cfe1a529f19975b4620f6b08ce4, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:cd:e3:4e:58:8d:51:f9:d7:11:30:12:c8:7b: 14:31:bb:7c:30:9b:a4:55:54:b5:be:90:83:ed:1e: f8:94:73:b3:b4:25:a1:94:9c:00:93:3a:49:5e:c4: ea:6d:c9:e8:a6:ca:74:75:3d:2d:4e:8b:1e:57:8c: 64:0b:47:44:83:74:ff:36:68:1e:89:b2:3a:6e:1f: 36:76:29:b1:fe:ce:ba:9b:13:e6:31:1e:0b:de:cf: 68:9f:c4:89:b5:75:96:f9:3c:24:0f:81:fb:29:af: 9a:96:a1:34:25:51:d6:28:a4:1e:44:20:0d:7f:13: 30:40:bc:29:18:d4:91:65:bd:3c:e5:18:b7:11:89: 0c:f8:b1:f1:bf:dd:15:54:cd:0e:5a:b3:b9:fa:c7: 21:29:4b:ea:83:70:eb:d8:16:9a:a8:3b:9f:ec:fa: 53:eb:bc:4b:6d:2f:b5:19:a2:bf:3c:60:1a:90:aa: 6e:50:49:21:15:47:ee:bd:c0:a6:15:6e:39:ea:8d: 17:d2:da:97:32:fe:e9:b1:da:37:bc:d5:24:05:ba: fb:a5:56:37:2b:53:e5:6b:32:97:55:c7:6d:bb:08: 3f:6a:c7:91:c0:b6:21:ed:30:c0:1c:58:16:b3:a1: ae:ad:b6:4d:97:1f:17:a5:f2:92:62:15:95:af:c4: e7:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:DF:7C:C2:3B:B9:90:6B:B6:00:69:82:4A:6F:92:8D:D5:12:B0:13 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e7c3721-b1a3-4a25-bf48-db620d09215a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 203.119.12.0/24 Signature Algorithm: sha256WithRSAEncryption be:b7:65:c6:31:dc:06:aa:68:1b:62:38:af:19:91:6e:76:77: b0:58:f1:ea:4a:4f:22:f8:32:b1:9f:81:58:c8:d0:ad:89:00: 9e:fd:80:ee:a1:40:26:c1:3d:c5:a7:16:c3:8a:59:28:b9:bc: 89:07:ab:5a:1d:4a:e5:77:89:42:b8:2a:7f:48:3a:b0:57:23: f0:ff:ea:80:84:fc:44:d3:02:a5:6c:61:2e:ea:1c:fd:87:0c: f9:2f:af:40:5c:af:11:7a:ca:b8:42:a3:ef:b1:88:9e:49:03: 28:58:fb:61:3d:99:ea:00:3b:0c:66:53:80:50:e7:53:80:d3: 3c:36:c1:7e:a3:03:3a:fb:d0:b8:06:5a:cf:c1:6b:71:5b:22: 10:8a:37:36:2c:1a:09:04:10:c9:2e:90:45:ca:d0:42:a7:4b: d4:26:e8:e1:b6:b2:c1:6f:9c:2f:8c:72:ab:0c:95:38:46:0d: d9:c1:11:59:f8:29:66:69:0a:15:ca:34:94:a1:c8:50:c7:1b: 81:42:fb:fb:29:a3:e2:7a:8f:b6:98:76:ea:82:83:60:13:38: 55:0a:3a:32:8b:40:94:c6:11:ed:c8:98:5f:da:87:2e:18:72: 1d:e5:55:3e:b2:f0:fb:4f:fa:aa:45:d4:50:78:1e:15:6c:bd: 25:32:55:c1 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUPiVHfLyQu9auWvvWmyUzMF5R408wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE0MTUwMTMxWhcNMjUwODE4MjM1OTU5 WjB6MUkwRwYDVQQFE0A3ZGU4MGFmODZkMmY0Y2QwMzVkODA0ZWNlYzM1MWJmMWM0 MjUzY2ZlMWE1MjlmMTk5NzViNDYyMGY2YjA4Y2U0MS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC2zeNOWI1R+dcRMBLIexQxu3wwm6RVVLW+kIPtHviUc7O0 JaGUnACTOklexOptyeimynR1PS1Oix5XjGQLR0SDdP82aB6JsjpuHzZ2KbH+zrqb E+YxHgvez2ifxIm1dZb5PCQPgfspr5qWoTQlUdYopB5EIA1/EzBAvCkY1JFlvTzl GLcRiQz4sfG/3RVUzQ5as7n6xyEpS+qDcOvYFpqoO5/s+lPrvEttL7UZor88YBqQ qm5QSSEVR+69wKYVbjnqjRfS2pcy/umx2je81SQFuvulVjcrU+VrMpdVx227CD9q x5HAtiHtMMAcWBazoa6ttk2XHxel8pJiFZWvxOfBAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUxd98wju5kGu2AGmCSm+SjdUSsBMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzNlN2MzNzIxLWIxYTMtNGEyNS1iZjQ4LWRiNjIwZDA5MjE1YS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBADLdwwwDQYJKoZIhvcNAQELBQADggEBAL63ZcYx3AaqaBtiOK8ZkW52d7BY 8epKTyL4MrGfgVjI0K2JAJ79gO6hQCbBPcWnFsOKWSi5vIkHq1odSuV3iUK4Kn9I OrBXI/D/6oCE/ETTAqVsYS7qHP2HDPkvr0BcrxF6yrhCo++xiJ5JAyhY+2E9meoA OwxmU4BQ51OA0zw2wX6jAzr70LgGWs/Ba3FbIhCKNzYsGgkEEMkukEXK0EKnS9Qm 6OG2ssFvnC+McqsMlThGDdnBEVn4KWZpChXKNJShyFDHG4FC+/spo+J6j7aYduqC g2ATOFUKOjKLQJTGEe3ImF/ahy4Ych3lVT6y8PtP+qpF1FB4HhVsvSUyVcE= -----END CERTIFICATE-----Generated at Mon Jul 21 18:04:01 2025 by rpki-client