$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa File: 9dfe9c23-3390-44e3-853d-2a5c92562a64.roa (raw, json) Hash identifier: SYT5NXdNlt/an0jUNxR+dqFHDywUwpOVPqxm2BNKQZg= Subject key identifier: 61:30:03:7B:E5:98:D7:F6:47:6B:BA:DB:1A:7F:FF:F5:1C:EB:52:3F Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 6E1CB5CC46ABCB63B8B720CE092B70FBE1DDA87B Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa Signing time: Wed 16 Jul 2025 00:01:37 +0000 ROA not before: Wed 16 Jul 2025 00:01:37 +0000 ROA not after: Wed 20 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 16.118.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 24 Jul 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:1c:b5:cc:46:ab:cb:63:b8:b7:20:ce:09:2b:70:fb:e1:dd:a8:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 16 00:01:37 2025 GMT Not After : Aug 20 23:59:59 2025 GMT Subject: serialNumber=209ba26e79b21bc15124f434d2877e149bf6f58001d28261098661c880eb19c0, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:15:80:a4:0b:28:6a:32:e4:f5:09:aa:40:3c: e5:6d:78:df:03:5f:2b:77:1f:01:22:68:58:df:b0: 49:e5:fa:8c:1b:22:bb:97:e3:ae:54:57:91:be:ef: 69:fa:05:43:e7:db:65:29:76:52:1a:14:6b:65:59: 41:51:8f:ea:07:e3:5a:00:17:c6:09:8b:ac:f3:8a: 05:92:f9:f1:ae:d8:a7:38:c2:b9:d1:6b:04:fe:7a: a5:35:bc:f1:e9:28:ef:0c:3b:4a:c0:dd:ba:b9:d7: c7:b6:27:fb:4a:66:61:27:fa:82:23:4d:55:4c:23: cb:98:62:a9:9e:fd:90:e2:c7:e9:43:4d:55:73:04: f8:c9:c1:64:a2:46:fe:6b:69:d3:d4:74:8a:fd:ba: a1:5a:d0:3c:2b:07:19:47:70:c7:6e:a4:1a:bf:b8: 17:da:c0:de:1f:4b:d6:e3:fc:dd:a9:31:ae:40:81: 9d:a0:24:5e:6b:70:94:16:29:1c:87:8e:60:42:ea: cf:0b:46:c0:19:54:22:52:6f:af:3a:80:06:85:e2: f0:98:47:da:63:c9:f3:c0:c5:e6:8d:c0:a4:3e:ca: 85:84:b8:85:ed:40:0e:32:16:0e:62:25:f1:fc:e0: 0f:98:9a:40:13:d8:fa:26:34:ac:5e:80:7e:29:1c: c9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:30:03:7B:E5:98:D7:F6:47:6B:BA:DB:1A:7F:FF:F5:1C:EB:52:3F X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9dfe9c23-3390-44e3-853d-2a5c92562a64.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 16.118.0.0/16 Signature Algorithm: sha256WithRSAEncryption 2f:ee:97:4b:9e:86:de:7a:a0:26:b8:0a:f8:e5:73:71:af:11: 7f:72:a4:d5:b9:23:33:3c:54:09:eb:4f:b3:21:44:41:5d:5c: af:ab:ad:73:39:89:a4:ae:4e:9c:5c:f6:44:48:c6:21:43:a3: e5:4e:62:7b:a8:7a:55:18:9c:18:60:01:dd:80:cd:71:a5:4e: d5:22:d3:5a:e2:49:27:ee:ef:62:70:db:45:ea:5c:99:d1:37: de:22:b4:ef:77:f6:e4:b3:9e:c3:df:13:42:8c:e7:92:29:9b: 5a:0f:4a:fc:eb:5e:94:8f:34:77:b9:c5:d6:0a:73:38:2c:7a: df:d7:58:ab:cd:e7:da:ba:24:78:9f:4d:c7:a1:91:20:64:eb: bd:44:63:7f:92:98:98:01:cd:62:3c:f1:b0:a8:63:5d:bc:c0: 74:9b:6d:68:ef:62:1a:21:d8:0d:4f:9f:c2:d3:89:f7:e7:79: 8b:12:f5:e0:e5:63:a3:0e:4c:83:3f:61:2f:c4:61:3b:34:fb: b6:5b:1b:9e:6a:72:c8:88:75:41:6b:81:e0:7e:ae:72:cb:e0: 26:8b:5d:47:15:bf:c5:11:38:9f:b2:d6:52:c0:5c:99:12:2f: eb:9c:d6:c2:ae:7b:f2:6c:d8:4f:d1:16:26:40:68:ce:f8:6a: c7:97:83:6e -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUbhy1zEary2O4tyDOCStw++HdqHswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzE2MDAwMTM3WhcNMjUwODIwMjM1OTU5 WjB6MUkwRwYDVQQFE0AyMDliYTI2ZTc5YjIxYmMxNTEyNGY0MzRkMjg3N2UxNDli ZjZmNTgwMDFkMjgyNjEwOTg2NjFjODgwZWIxOWMwMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCOFYCkCyhqMuT1CapAPOVteN8DXyt3HwEiaFjfsEnl+owb IruX465UV5G+72n6BUPn22UpdlIaFGtlWUFRj+oH41oAF8YJi6zzigWS+fGu2Kc4 wrnRawT+eqU1vPHpKO8MO0rA3bq518e2J/tKZmEn+oIjTVVMI8uYYqme/ZDix+lD TVVzBPjJwWSiRv5radPUdIr9uqFa0DwrBxlHcMdupBq/uBfawN4fS9bj/N2pMa5A gZ2gJF5rcJQWKRyHjmBC6s8LRsAZVCJSb686gAaF4vCYR9pjyfPAxeaNwKQ+yoWE uIXtQA4yFg5iJfH84A+YmkAT2PomNKxegH4pHMnDAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUYTADe+WY1/ZHa7rbGn//9RzrUj8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzlkZmU5YzIzLTMzOTAtNDRlMy04NTNkLTJhNWM5MjU2MmE2NC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwAQdjANBgkqhkiG9w0BAQsFAAOCAQEAL+6XS56G3nqgJrgK+OVzca8Rf3Kk 1bkjMzxUCetPsyFEQV1cr6utczmJpK5OnFz2REjGIUOj5U5ie6h6VRicGGAB3YDN caVO1SLTWuJJJ+7vYnDbRepcmdE33iK073f25LOew98TQoznkimbWg9K/OtelI80 d7nF1gpzOCx639dYq83n2rokeJ9Nx6GRIGTrvURjf5KYmAHNYjzxsKhjXbzAdJtt aO9iGiHYDU+fwtOJ9+d5ixL14OVjow5Mgz9hL8RhOzT7tlsbnmpyyIh1QWuB4H6u csvgJotdRxW/xRE4n7LWUsBcmRIv65zWwq578mzYT9EWJkBozvhqx5eDbg== -----END CERTIFICATE-----Generated at Wed Jul 23 02:22:46 2025 by rpki-client