$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/25c2cfc0-0999-4c50-a813-1379410017e8.roa File: 25c2cfc0-0999-4c50-a813-1379410017e8.roa (raw, json) Hash identifier: 3wDHAkT0b0hGF6S6uJ7CtdktU2mBsd7xNgSZtm/J69A= Subject key identifier: 35:9B:39:80:0E:2E:9E:B6:4D:7D:46:21:6D:37:64:80:0C:E3:81:54 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 5D33959F27439F25BE78E2AE8CDB94392A0698B5 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/25c2cfc0-0999-4c50-a813-1379410017e8.roa Signing time: Fri 26 Sep 2025 18:11:06 +0000 ROA not before: Fri 26 Sep 2025 18:11:06 +0000 ROA not after: Fri 31 Oct 2025 23:59:59 +0000 asID: 14618 IP address blocks: 2600:f0fb:e800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Fri 10 Oct 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:33:95:9f:27:43:9f:25:be:78:e2:ae:8c:db:94:39:2a:06:98:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Sep 26 18:11:06 2025 GMT Not After : Oct 31 23:59:59 2025 GMT Subject: serialNumber=d1b6ae4211b20b62063ee02090e70b429f7f02daaadccf75178b6a55b90ce748, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:07:50:9f:32:1a:09:7a:56:72:59:b5:89:20: 73:d2:94:45:8f:88:78:e2:aa:d3:83:8e:75:21:75: f1:7e:78:7d:3b:56:55:99:e5:ca:d5:72:ef:14:1c: 9f:d6:b0:09:30:29:4e:17:52:bf:ed:62:67:aa:fb: ad:c3:53:8d:4a:86:c8:18:82:46:da:f4:15:df:ec: 79:17:6b:36:df:d8:61:c2:59:10:8b:6a:e4:6a:3c: dc:2b:94:4e:b7:2a:57:f5:71:62:88:43:dc:dd:c0: 71:2d:09:5c:55:84:da:27:3c:c0:5a:f7:a9:d4:2a: a5:47:0f:5f:fd:2f:e7:27:c2:d5:1c:af:67:2e:bb: cc:62:02:a0:bc:ef:fe:35:01:63:61:b3:8c:06:e1: ad:9d:c8:90:b1:96:90:4e:3c:6f:6f:7d:2e:4b:b3: a4:b9:19:d2:76:dc:f2:d7:7f:cf:0c:59:94:8c:7f: 31:90:41:6e:ca:ed:98:e7:77:0d:52:ff:00:57:0e: ed:50:ff:84:1d:df:ae:e8:0a:ed:a7:be:07:fc:61: 3b:f8:3a:0a:54:4c:26:a1:5e:01:83:7a:21:04:2f: e0:57:1d:65:bb:2a:2f:4e:54:f3:f6:fb:85:4d:54: f4:d0:a7:41:7a:0a:a0:87:4b:c7:0a:3f:ab:24:61: 6a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:9B:39:80:0E:2E:9E:B6:4D:7D:46:21:6D:37:64:80:0C:E3:81:54 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/25c2cfc0-0999-4c50-a813-1379410017e8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:e800::/40 Signature Algorithm: sha256WithRSAEncryption 53:0b:4e:96:c2:ba:91:81:9e:64:48:8e:5a:a0:44:9b:22:87: 6a:a4:bd:d3:db:af:19:cf:87:e8:fd:de:92:68:7f:0f:65:a4: 16:a1:a2:19:41:23:c4:d9:12:e6:49:47:bb:ce:41:ce:01:73: 62:36:31:7d:44:f5:17:9f:31:f5:1c:d9:4c:a8:78:67:12:74: 0f:c5:55:47:10:26:4e:e9:15:70:b7:88:64:b5:29:bf:bc:00: 5a:cf:8e:56:e9:7c:f2:82:24:dd:af:1f:c7:fe:f4:37:3b:04: 62:18:2c:59:a4:80:1f:44:1e:f5:13:d0:4f:d7:7b:6b:c4:5d: f1:90:f7:d1:2e:ec:f5:fa:a2:e4:fb:7a:e1:28:7a:c4:3c:3c: 39:23:ba:eb:5d:67:fe:e5:ef:2e:d8:bc:dc:57:b9:98:1c:6f: 34:aa:07:c5:e3:f6:8a:e4:75:09:d6:1e:24:f3:0f:f2:dc:f7: 56:6e:e3:a9:73:94:7d:5a:c8:de:7a:aa:72:1c:ed:ff:98:8f: 9e:31:b2:a5:87:06:dc:3d:d7:4d:5e:40:0f:60:3f:e4:e2:ef: 78:c8:d6:9f:6f:76:f5:c8:4e:d6:ce:3b:6c:69:80:54:67:e8: 45:1f:51:cf:d6:0c:c2:f7:69:3a:cb:5c:5b:89:73:93:2b:86: f5:38:fb:40 -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUXTOVnydDnyW+eOKujNuUOSoGmLUwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwOTI2MTgxMTA2WhcNMjUxMDMxMjM1OTU5 WjB6MUkwRwYDVQQFE0BkMWI2YWU0MjExYjIwYjYyMDYzZWUwMjA5MGU3MGI0Mjlm N2YwMmRhYWFkY2NmNzUxNzhiNmE1NWI5MGNlNzQ4MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDcB1CfMhoJelZyWbWJIHPSlEWPiHjiqtODjnUhdfF+eH07 VlWZ5crVcu8UHJ/WsAkwKU4XUr/tYmeq+63DU41KhsgYgkba9BXf7HkXazbf2GHC WRCLauRqPNwrlE63Klf1cWKIQ9zdwHEtCVxVhNonPMBa96nUKqVHD1/9L+cnwtUc r2cuu8xiAqC87/41AWNhs4wG4a2dyJCxlpBOPG9vfS5Ls6S5GdJ23PLXf88MWZSM fzGQQW7K7Zjndw1S/wBXDu1Q/4Qd367oCu2nvgf8YTv4OgpUTCahXgGDeiEEL+BX HWW7Ki9OVPP2+4VNVPTQp0F6CqCHS8cKP6skYWqRAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQUNZs5gA4unrZNfUYhbTdkgAzjgVQwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzI1YzJjZmMwLTA5OTktNGM1MC1hODEzLTEzNzk0MTAwMTdlOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPD76DANBgkqhkiG9w0BAQsFAAOCAQEAUwtOlsK6kYGeZEiOWqBEmyKH aqS909uvGc+H6P3ekmh/D2WkFqGiGUEjxNkS5klHu85BzgFzYjYxfUT1F58x9RzZ TKh4ZxJ0D8VVRxAmTukVcLeIZLUpv7wAWs+OVul88oIk3a8fx/70NzsEYhgsWaSA H0Qe9RPQT9d7a8Rd8ZD30S7s9fqi5Pt64Sh6xDw8OSO6611n/uXvLti83Fe5mBxv NKoHxeP2iuR1CdYeJPMP8tz3Vm7jqXOUfVrI3nqqchzt/5iPnjGypYcG3D3XTV5A D2A/5OLveMjWn2929chO1s47bGmAVGfoRR9Rz9YMwvdpOstcW4lzkyuG9Tj7QA== -----END CERTIFICATE-----Generated at Wed Oct 8 21:19:53 2025 by rpki-client