$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca331992-fd02-44e6-b6f8-92e7f46278f2.roa File: ca331992-fd02-44e6-b6f8-92e7f46278f2.roa (raw, json) Hash identifier: cjMASQzLLcL37/AOlnJUtZCaWBBEigphP2yeH9GYY88= Subject key identifier: E6:22:6E:49:DB:31:97:96:F3:23:5D:0F:67:1D:C4:27:51:A4:97:95 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 654BAA5930E68557D4DB1DFB1F607118B58C250B Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca331992-fd02-44e6-b6f8-92e7f46278f2.roa Signing time: Fri 11 Jul 2025 15:00:15 +0000 ROA not before: Fri 11 Jul 2025 15:00:15 +0000 ROA not after: Fri 15 Aug 2025 23:59:59 +0000 asID: 16509 IP address blocks: 98.80.0.0/12 maxlen: 12 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 23 Jul 2025 00:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:4b:aa:59:30:e6:85:57:d4:db:1d:fb:1f:60:71:18:b5:8c:25:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Jul 11 15:00:15 2025 GMT Not After : Aug 15 23:59:59 2025 GMT Subject: serialNumber=91e34592f5faf4991448ae8e4bb23db100ab5a858e8408dbfdabd8ed0622c70a, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:54:b8:20:80:d0:d3:40:cb:96:7b:5e:66:3a: 2e:9f:e2:67:a1:b7:64:23:e4:4f:4a:59:7c:09:02: 99:cd:38:71:e3:39:0c:fa:e7:61:b2:d9:2c:d1:fc: 71:1a:01:c9:08:3b:28:2c:ee:f0:17:cf:fa:01:60: 26:ff:1d:d0:53:24:ef:b8:91:b8:fc:37:55:e5:3a: ba:cf:51:32:5d:c3:88:ad:bc:af:70:fd:6d:d1:5b: f1:09:a5:d8:c4:9b:c9:7a:89:6a:6d:1e:99:69:33: 9e:9e:8c:39:56:16:9b:c2:32:f2:56:cf:6b:bc:c0: e4:fb:62:72:b0:d5:36:1a:5c:a1:f1:a4:2b:31:75: e6:fe:cb:b5:05:9d:ee:fb:2f:28:41:0e:13:ad:93: db:cb:9f:9e:c0:da:d5:01:ad:a0:a7:c1:bb:78:ad: 45:d2:a4:20:8d:a5:5a:71:b7:68:04:b7:9a:a6:63: 06:6e:81:a3:d6:0c:29:f2:29:de:e3:d0:aa:02:3e: 0e:ca:d6:3d:d2:c4:ed:21:f9:1a:09:ef:22:b4:ed: 14:e0:5d:4e:7a:a8:d8:63:8a:e1:68:c5:f2:79:44: 15:77:6d:e0:c0:b4:f6:1f:7f:38:cc:d0:b9:cb:1c: a0:80:ce:99:71:8a:8d:a6:4e:fb:c8:43:5c:af:1c: c7:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:22:6E:49:DB:31:97:96:F3:23:5D:0F:67:1D:C4:27:51:A4:97:95 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/ca331992-fd02-44e6-b6f8-92e7f46278f2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 98.80.0.0/12 Signature Algorithm: sha256WithRSAEncryption 72:8d:a8:b3:be:85:3e:ad:33:fa:44:cf:6c:22:c2:e9:41:61: df:a8:df:34:a5:80:3d:77:83:15:c1:c7:47:fd:18:92:f1:f9: 9e:9a:f9:4f:2b:87:88:50:00:2a:ba:a5:58:7a:cb:20:ed:80: 81:a9:1e:80:12:87:e9:b8:fd:97:99:57:fa:01:6a:ef:ea:ff: 0b:dd:e6:ab:81:09:71:2d:06:a6:09:a9:6b:1b:fe:d9:88:fa: 90:3a:a7:49:44:69:7b:5d:4d:e1:c5:dc:67:5f:64:9c:d7:46: 92:e9:e7:f9:f2:1c:da:1f:5c:8b:81:32:16:f3:92:31:a7:77: 16:4d:40:31:2b:77:3b:31:0c:fb:77:9e:8d:6c:f1:0f:1c:70: ac:ff:82:84:64:c8:89:c0:5a:07:25:74:fc:ed:95:a1:51:4c: 3f:ab:c2:33:91:34:34:7b:c1:ae:de:13:cc:b6:4c:1d:bc:82: c7:7a:e7:58:58:c8:e7:39:52:df:f0:c1:4b:b5:0c:75:a0:0e: 84:f2:eb:12:67:21:e7:d9:82:7a:9f:c6:cc:a7:b3:b3:08:b8: 18:83:22:b7:bf:c5:5b:1a:83:ff:66:7d:84:ab:e4:ce:2c:8f: 5f:6d:ff:a7:12:6b:6d:ce:74:f8:db:17:f1:4f:97:6f:d4:00: 0b:22:30:95 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUZUuqWTDmhVfU2x37H2BxGLWMJQswDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzExMTUwMDE1WhcNMjUwODE1MjM1OTU5 WjB6MUkwRwYDVQQFE0A5MWUzNDU5MmY1ZmFmNDk5MTQ0OGFlOGU0YmIyM2RiMTAw YWI1YTg1OGU4NDA4ZGJmZGFiZDhlZDA2MjJjNzBhMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCeVLgggNDTQMuWe15mOi6f4meht2Qj5E9KWXwJApnNOHHj OQz652Gy2SzR/HEaAckIOygs7vAXz/oBYCb/HdBTJO+4kbj8N1XlOrrPUTJdw4it vK9w/W3RW/EJpdjEm8l6iWptHplpM56ejDlWFpvCMvJWz2u8wOT7YnKw1TYaXKHx pCsxdeb+y7UFne77LyhBDhOtk9vLn57A2tUBraCnwbt4rUXSpCCNpVpxt2gEt5qm YwZugaPWDCnyKd7j0KoCPg7K1j3SxO0h+RoJ7yK07RTgXU56qNhjiuFoxfJ5RBV3 beDAtPYffzjM0LnLHKCAzplxio2mTvvIQ1yvHMdzAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQU5iJuSdsxl5bzI10PZx3EJ1Gkl5UwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2NhMzMxOTkyLWZkMDItNDRlNi1iNmY4LTkyZTdmNDYyNzhmMi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwRiUDANBgkqhkiG9w0BAQsFAAOCAQEAco2os76FPq0z+kTPbCLC6UFh36jf NKWAPXeDFcHHR/0YkvH5npr5TyuHiFAAKrqlWHrLIO2AgakegBKH6bj9l5lX+gFq 7+r/C93mq4EJcS0Gpgmpaxv+2Yj6kDqnSURpe11N4cXcZ19knNdGkunn+fIc2h9c i4EyFvOSMad3Fk1AMSt3OzEM+3eejWzxDxxwrP+ChGTIicBaByV0/O2VoVFMP6vC M5E0NHvBrt4TzLZMHbyCx3rnWFjI5zlS3/DBS7UMdaAOhPLrEmch59mCep/GzKez swi4GIMit7/FWxqD/2Z9hKvkziyPX23/pxJrbc50+NsX8U+Xb9QACyIwlQ== -----END CERTIFICATE-----Generated at Mon Jul 21 23:25:43 2025 by rpki-client