$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa File: 825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa (raw, json) Hash identifier: XSpjlUfkhp0IAcZ9u2JWeIrmKwGm1fPxywfs9tWEwQA= Subject key identifier: D9:8E:58:AC:CB:64:1D:92:E5:C3:E7:0B:01:22:F3:4E:4C:85:88:31 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 323BFF3DB14253D8BA05F7A33EE20A593C747F Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa Signing time: Fri 11 Jul 2025 00:30:20 +0000 ROA not before: Fri 11 Jul 2025 00:30:20 +0000 ROA not after: Fri 15 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 56.29.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 25 Jul 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:3b:ff:3d:b1:42:53:d8:ba:05:f7:a3:3e:e2:0a:59:3c:74:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 11 00:30:20 2025 GMT Not After : Aug 15 23:59:59 2025 GMT Subject: serialNumber=ed95e7b56a4894236504893f43c403529c190e5c22f8eca13acb8b0ccec4d59c, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:62:34:67:91:37:b5:fc:e9:50:06:56:ef:35: 6f:1f:e6:96:87:8c:d1:8a:f2:ee:69:3e:2c:2a:de: 47:fa:c3:7f:d8:bb:5b:c4:b9:0c:70:1d:59:b2:68: 18:21:80:e4:09:4c:ff:12:d3:6f:4f:33:bf:31:a6: fa:1c:ad:46:14:a7:40:df:bf:28:32:ee:97:a2:9f: b7:6f:9b:ac:6b:00:90:8d:48:58:55:0d:c3:d8:c9: 79:33:6a:f7:c8:af:33:19:22:83:6d:de:14:6f:d7: 40:2b:eb:44:50:ec:5e:21:b8:13:31:b3:df:e3:63: 7f:76:d6:23:3a:aa:0d:49:81:70:3a:93:94:f6:7a: eb:76:96:03:07:56:80:4b:67:d6:f1:9d:59:28:4d: dc:3b:59:17:d0:12:6c:c1:44:5b:67:51:4f:58:1b: f5:0d:d4:8b:39:4e:35:72:7b:76:2b:22:df:ca:ef: d2:6b:68:b0:30:18:8f:ad:14:d5:45:c0:a7:63:2e: b7:6e:85:31:81:a5:64:97:3a:2d:25:34:b5:d7:d6: 93:72:42:b8:e8:c4:f0:76:98:39:03:e8:dd:db:a3: 84:72:d7:ce:f3:cc:8c:09:31:e5:7c:cd:ff:f8:8f: 3c:76:e0:f0:37:e8:ca:13:40:1e:e8:e9:fa:f4:a0: fa:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:8E:58:AC:CB:64:1D:92:E5:C3:E7:0B:01:22:F3:4E:4C:85:88:31 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/825bfb63-e691-44c3-91b1-ef9cfe07ece2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 56.29.0.0/16 Signature Algorithm: sha256WithRSAEncryption 85:e4:7f:1b:0b:9f:28:eb:c8:09:62:85:d2:65:d6:5e:cc:d8: 62:d2:a6:29:ab:d5:29:aa:b8:53:fa:99:63:3c:f6:fd:1c:31: 5f:95:98:0b:32:ea:b0:12:17:6e:6f:2e:1f:31:5f:b6:7a:d5: 80:64:4d:e6:ba:eb:c5:fd:4e:13:a1:15:24:8a:f8:04:cd:43: 6f:70:c8:09:3d:40:68:0f:02:aa:36:c9:81:e0:3a:e5:64:15: ad:e4:cd:9d:3a:b8:56:9d:f0:c6:34:4a:bb:d7:6f:4d:8b:cb: 11:1f:71:14:69:5e:7e:68:c3:aa:7e:f7:37:00:0a:5d:ba:0f: 93:d6:86:c5:5e:85:a9:f3:c9:10:19:3b:52:c0:20:1c:3f:9b: 5b:26:aa:91:a8:60:85:15:c8:30:33:b8:fb:d1:f1:77:c1:64: 94:4f:fc:03:a6:de:0f:22:18:c3:5b:d4:33:b3:b4:ae:9a:29: 1d:23:e2:1a:fa:42:9b:ac:4f:ad:2d:08:cd:7c:0d:4d:9e:c9: 35:d0:8b:ca:56:88:17:70:43:37:34:94:f9:2a:e0:fc:b1:00: 9e:49:01:38:ff:e3:b4:2f:aa:8e:47:76:80:35:64:bb:19:06: a3:09:34:a6:0d:a3:5d:fc:c1:38:25:24:20:6b:e4:b0:f9:6a: 16:e4:b4:e4 -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgITMjv/PbFCU9i6BfejPuIKWTx0fzANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA3MTEwMDMwMjBaFw0yNTA4MTUyMzU5NTla MHoxSTBHBgNVBAUTQGVkOTVlN2I1NmE0ODk0MjM2NTA0ODkzZjQzYzQwMzUyOWMx OTBlNWMyMmY4ZWNhMTNhY2I4YjBjY2VjNGQ1OWMxLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAI1iNGeRN7X86VAGVu81bx/mloeM0Yry7mk+LCreR/rDf9i7 W8S5DHAdWbJoGCGA5AlM/xLTb08zvzGm+hytRhSnQN+/KDLul6Kft2+brGsAkI1I WFUNw9jJeTNq98ivMxkig23eFG/XQCvrRFDsXiG4EzGz3+Njf3bWIzqqDUmBcDqT lPZ663aWAwdWgEtn1vGdWShN3DtZF9ASbMFEW2dRT1gb9Q3UizlONXJ7disi38rv 0mtosDAYj60U1UXAp2Mut26FMYGlZJc6LSU0tdfWk3JCuOjE8HaYOQPo3dujhHLX zvPMjAkx5XzN//iPPHbg8DfoyhNAHujp+vSg+mkCAwEAAaOCArAwggKsMB0GA1Ud DgQWBBTZjlisy2QdkuXD5wsBIvNOTIWIMTAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvODI1YmZiNjMtZTY5MS00NGMzLTkxYjEtZWY5Y2ZlMDdlY2UyLnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDADgdMA0GCSqGSIb3DQEBCwUAA4IBAQCF5H8bC58o68gJYoXSZdZezNhi0qYp q9UpqrhT+pljPPb9HDFflZgLMuqwEhduby4fMV+2etWAZE3muuvF/U4ToRUkivgE zUNvcMgJPUBoDwKqNsmB4DrlZBWt5M2dOrhWnfDGNEq7129Ni8sRH3EUaV5+aMOq fvc3AApdug+T1obFXoWp88kQGTtSwCAcP5tbJqqRqGCFFcgwM7j70fF3wWSUT/wD pt4PIhjDW9Qzs7SumikdI+Ia+kKbrE+tLQjNfA1Nnsk10IvKVogXcEM3NJT5KuD8 sQCeSQE4/+O0L6qOR3aANWS7GQajCTSmDaNd/ME4JSQga+Sw+WoW5LTk -----END CERTIFICATE-----Generated at Thu Jul 24 08:28:47 2025 by rpki-client