$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a31abf8e-abb9-416e-89b1-647842c3d07d.roa File: a31abf8e-abb9-416e-89b1-647842c3d07d.roa (raw, json) Hash identifier: 8HFuj5a5QPAsYCq2DDUTeaEIbd9aEABBOKp0DXEcNKM= Subject key identifier: 89:7D:C3:42:22:53:2C:90:C0:0C:26:6D:14:30:AA:09:D2:37:34:3E Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 0BE49F37BBD204F02CF689C77434234E470E21E7 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a31abf8e-abb9-416e-89b1-647842c3d07d.roa Signing time: Tue 08 Jul 2025 16:12:03 +0000 ROA not before: Tue 08 Jul 2025 16:12:03 +0000 ROA not after: Tue 12 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:1ffb:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 23 Jul 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:e4:9f:37:bb:d2:04:f0:2c:f6:89:c7:74:34:23:4e:47:0e:21:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 8 16:12:03 2025 GMT Not After : Aug 12 23:59:59 2025 GMT Subject: serialNumber=1041f271a57d9baf00e546a215c3bc10d1efcb45f3a6a3443cae0f7eedc1461a, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:dd:b3:d6:11:4b:06:8e:9e:01:b9:b3:19:7d: e6:2a:ed:c2:e8:99:31:d5:42:3d:10:db:8e:fb:18: 4e:7b:53:a0:0f:51:6a:40:44:11:ba:24:fb:62:9e: a9:a2:6b:7d:60:0c:60:2f:0d:94:37:75:1d:1c:f2: 89:ee:9d:49:d0:be:96:86:4a:03:27:9c:cb:12:34: 97:dc:58:9e:e2:17:e6:63:a3:3b:30:d5:c1:f0:d8: 2f:27:5f:37:e8:f3:b2:3b:ef:ef:d3:d2:b5:88:67: b6:6a:79:61:9d:49:dc:f0:29:8d:0d:c7:c9:e1:4a: 95:46:5d:b3:52:e9:a3:39:ec:a1:29:32:77:dc:04: 22:22:b2:d1:61:4c:70:42:78:e5:bb:d7:09:3a:eb: bf:fe:6d:a2:03:d9:53:7d:8f:1d:d2:a2:4d:5d:c4: c3:e1:50:d5:14:87:82:41:76:d7:cd:a8:6a:22:dc: b0:43:d1:d8:f8:8c:46:eb:b1:b2:5d:7b:ff:0d:b9: 2c:f4:50:d2:b3:4d:18:c3:8a:f9:ae:de:f4:2f:26: ca:94:de:f7:01:cf:7a:80:55:49:80:39:83:ea:c7: 04:c6:97:7f:2a:45:28:8b:a7:c1:cb:0d:e0:ee:ac: 88:d3:5b:54:f8:d1:32:ed:44:29:e5:7a:b9:c4:3d: 4d:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:7D:C3:42:22:53:2C:90:C0:0C:26:6D:14:30:AA:09:D2:37:34:3E X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a31abf8e-abb9-416e-89b1-647842c3d07d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:1ffb:2000::/40 Signature Algorithm: sha256WithRSAEncryption ba:f3:ff:d0:4c:d6:63:a7:1e:d1:8d:fd:36:34:91:45:71:44: 21:4a:98:01:b2:f0:39:45:59:a1:85:ce:13:d8:4c:5c:a6:59: 68:7f:64:72:09:0e:e1:7e:b7:fd:a2:b5:6e:7d:8a:51:56:04: 26:0b:6a:43:1e:61:5c:3b:b6:98:5d:6f:de:f4:b7:bf:41:9a: 93:92:9e:5f:2c:37:58:e0:b9:d6:95:e0:1a:e3:50:a8:88:47: 50:25:66:a9:25:59:82:74:49:3d:f5:63:ef:b3:30:d0:56:73: b5:bb:d4:ed:99:4c:42:de:d6:1b:18:6f:3d:04:33:bc:4c:b9: ec:89:26:20:ed:5a:f8:19:e4:e3:56:f4:2e:df:cc:03:9f:17: ff:ba:32:28:2c:d0:37:bb:ba:3c:74:df:5a:54:6e:35:19:71: 0d:60:bd:b7:96:0f:94:9e:4f:3c:03:59:f2:95:87:42:a2:41: 87:ae:a9:71:89:c5:3e:6e:8d:05:70:bd:22:7c:2f:f9:0e:e5: b1:b6:b0:a8:a5:58:4b:87:e0:61:e1:17:dc:a3:48:fa:b5:7d: 38:7a:90:4d:0d:7f:06:31:cf:40:f6:02:bb:a6:d4:a2:d3:83: 1b:9d:44:ea:b5:11:45:2a:1a:cc:a0:46:57:7b:4d:10:6c:b1: 23:ca:e6:d5 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUC+SfN7vSBPAs9onHdDQjTkcOIecwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA4MTYxMjAzWhcNMjUwODEyMjM1OTU5 WjB6MUkwRwYDVQQFE0AxMDQxZjI3MWE1N2Q5YmFmMDBlNTQ2YTIxNWMzYmMxMGQx ZWZjYjQ1ZjNhNmEzNDQzY2FlMGY3ZWVkYzE0NjFhMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCf3bPWEUsGjp4BubMZfeYq7cLomTHVQj0Q2477GE57U6AP UWpARBG6JPtinqmia31gDGAvDZQ3dR0c8onunUnQvpaGSgMnnMsSNJfcWJ7iF+Zj ozsw1cHw2C8nXzfo87I77+/T0rWIZ7ZqeWGdSdzwKY0Nx8nhSpVGXbNS6aM57KEp MnfcBCIistFhTHBCeOW71wk667/+baID2VN9jx3Sok1dxMPhUNUUh4JBdtfNqGoi 3LBD0dj4jEbrsbJde/8NuSz0UNKzTRjDivmu3vQvJsqU3vcBz3qAVUmAOYPqxwTG l38qRSiLp8HLDeDurIjTW1T40TLtRCnlernEPU33AgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUiX3DQiJTLJDADCZtFDCqCdI3ND4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2EzMWFiZjhlLWFiYjktNDE2ZS04OWIxLTY0Nzg0MmMzZDA3ZC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAB/7IDANBgkqhkiG9w0BAQsFAAOCAQEAuvP/0EzWY6ce0Y39NjSRRXFE IUqYAbLwOUVZoYXOE9hMXKZZaH9kcgkO4X63/aK1bn2KUVYEJgtqQx5hXDu2mF1v 3vS3v0Gak5KeXyw3WOC51pXgGuNQqIhHUCVmqSVZgnRJPfVj77Mw0FZztbvU7ZlM Qt7WGxhvPQQzvEy57IkmIO1a+Bnk41b0Lt/MA58X/7oyKCzQN7u6PHTfWlRuNRlx DWC9t5YPlJ5PPANZ8pWHQqJBh66pcYnFPm6NBXC9Inwv+Q7lsbawqKVYS4fgYeEX 3KNI+rV9OHqQTQ1/BjHPQPYCu6bUotODG51E6rURRSoazKBGV3tNEGyxI8rm1Q== -----END CERTIFICATE-----Generated at Mon Jul 21 18:14:08 2025 by rpki-client