$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa File: ef566134-dc37-415a-a1e3-05f23305a92b.roa (raw, json) Hash identifier: r3l9/hd43a1Bg1Su7sXgCreB+slLiZ0LVYxb34FGBno= Subject key identifier: 7B:2A:17:8C:77:BA:35:22:16:E6:CF:36:0F:48:14:33:C3:30:AD:0E Certificate issuer: /CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d Certificate serial: 33C63A00A7C6E3299DC511BD2A5B8C98575078B1 Authority key identifier: 7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa Signing time: Tue 01 Jul 2025 00:20:13 +0000 ROA not before: Tue 01 Jul 2025 00:20:13 +0000 ROA not after: Tue 05 Aug 2025 23:59:59 +0000 asID: 7224 IP address blocks: 172.96.104.0/21 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/b4e4fec5-3510-4017-90ef-8391412ecd6c.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 22 Jul 2025 21:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:c6:3a:00:a7:c6:e3:29:9d:c5:11:bd:2a:5b:8c:98:57:50:78:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d Validity Not Before: Jul 1 00:20:13 2025 GMT Not After : Aug 5 23:59:59 2025 GMT Subject: serialNumber=3d37d2ff5462e97544897dcb36aa87a354edbf15fb39838d9294df04cf91faf9, CN=b0dbbb6a-5472-4b68-ae4d-401518603039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:cc:39:dd:68:66:b5:31:da:c8:f6:ec:7a:d7: 66:c1:33:4d:b9:6d:12:cb:57:17:a0:04:64:39:55: 0b:92:f8:28:cf:b1:d0:a3:14:5e:13:cf:90:3c:ca: 0a:b7:95:92:11:0c:65:22:50:33:e7:82:5a:0a:c5: 04:b1:2f:00:91:3c:35:85:a3:41:a2:8d:ae:5c:12: 1c:fd:b1:1a:57:b2:4c:80:e8:1c:4d:9b:9a:a4:5f: 55:81:a8:10:8b:cf:16:09:51:1f:a8:dc:b5:cb:72: 81:db:10:db:75:7b:c9:66:7e:c7:39:48:d2:9e:27: ff:05:18:b4:16:3b:d8:04:47:30:af:fa:d0:19:02: 4c:71:bf:31:7b:d3:18:46:26:72:f7:d3:bc:3d:a7: 71:4e:2e:39:ae:35:15:94:57:57:17:4f:90:55:47: ae:e4:8c:25:6b:6f:c6:4f:b8:9b:d8:70:e6:9b:87: 94:be:c3:b3:65:c3:36:94:68:68:d8:97:99:04:00: 9d:a1:d1:d4:29:dd:3e:d7:1d:38:c4:61:0c:82:a0: d2:4f:b6:a8:0c:cd:19:1e:fc:f9:53:da:77:b2:45: ec:04:6b:2e:c3:ff:61:e3:ba:15:71:e4:f4:1e:3f: a1:fe:e7:71:4d:ab:0f:5b:22:06:c1:06:fc:ee:fd: f2:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:2A:17:8C:77:BA:35:22:16:E6:CF:36:0F:48:14:33:C3:30:AD:0E X509v3 Authority Key Identifier: keyid:7D:84:47:C4:97:8A:0B:4C:73:9B:EB:F6:92:E2:4C:75:DD:3F:BC:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/b4e4fec5-3510-4017-90ef-8391412ecd6c/0ee4583d84d9b4f0824cb80ba8fc1240b4794b515071e9751d.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/ef566134-dc37-415a-a1e3-05f23305a92b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dfd7f6d3-e6e9-4987-9ae7-d052c5353898/2bTwgky4C6j8EkC0eUtRUHHpdR0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 172.96.104.0/21 Signature Algorithm: sha256WithRSAEncryption 48:0f:6d:4f:0f:5a:19:fd:fb:3d:7b:a1:e8:95:62:14:2e:59: 4b:45:f3:8c:35:59:bb:cc:13:1c:ad:83:aa:69:4f:ed:ac:a5: a5:5e:81:07:a2:e7:93:59:10:9e:e3:77:ac:68:20:3c:80:c3: ca:d9:60:3c:86:ee:99:72:6f:fd:bd:d3:3e:25:95:ba:ed:cb: 1b:e6:f0:9c:d9:cc:7a:3e:5f:0f:58:77:f2:a9:9d:dd:e3:9f: f9:8b:60:00:08:a0:1b:04:45:9d:23:63:6a:56:8f:b2:c4:f0: c0:f6:cc:ff:78:a9:87:c5:16:8b:ce:2f:86:b7:68:55:5f:b0: 25:af:92:51:4f:f5:0c:89:d9:d5:0b:fc:e3:23:d2:b0:28:6f: 97:84:c2:08:5f:bb:dc:83:90:b5:13:e3:90:0d:d1:5b:67:d6: 2c:de:b6:b5:ef:01:75:03:a7:0d:79:0f:0a:40:1d:ea:05:0b: fd:c4:bd:9f:c0:3f:e7:1b:a1:a0:25:ab:26:2c:d3:67:78:e7: 45:fd:0a:b8:f7:59:32:99:fb:38:94:7b:ea:39:a7:02:6a:32: b3:c9:a1:9e:f4:01:14:3d:36:1e:da:ba:dc:0f:78:7a:51:be: c6:96:86:d4:e7:e8:c8:0a:70:2a:79:83:8b:79:2e:f5:eb:da: 5f:95:4a:1f -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUM8Y6AKfG4ymdxRG9KluMmFdQeLEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyMGVlNDU4M2Q4NGQ5YjRmMDgyNGNiODBiYThmYzEyNDBi NDc5NGI1MTUwNzFlOTc1MWQwHhcNMjUwNzAxMDAyMDEzWhcNMjUwODA1MjM1OTU5 WjB6MUkwRwYDVQQFE0AzZDM3ZDJmZjU0NjJlOTc1NDQ4OTdkY2IzNmFhODdhMzU0 ZWRiZjE1ZmIzOTgzOGQ5Mjk0ZGYwNGNmOTFmYWY5MS0wKwYDVQQDEyRiMGRiYmI2 YS01NDcyLTRiNjgtYWU0ZC00MDE1MTg2MDMwMzkwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC/zDndaGa1MdrI9ux612bBM025bRLLVxegBGQ5VQuS+CjP sdCjFF4Tz5A8ygq3lZIRDGUiUDPngloKxQSxLwCRPDWFo0Gija5cEhz9sRpXskyA 6BxNm5qkX1WBqBCLzxYJUR+o3LXLcoHbENt1e8lmfsc5SNKeJ/8FGLQWO9gERzCv +tAZAkxxvzF70xhGJnL307w9p3FOLjmuNRWUV1cXT5BVR67kjCVrb8ZPuJvYcOab h5S+w7NlwzaUaGjYl5kEAJ2h0dQp3T7XHTjEYQyCoNJPtqgMzRke/PlT2neyRewE ay7D/2HjuhVx5PQeP6H+53FNqw9bIgbBBvzu/fKNAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUeyoXjHe6NSIW5s82D0gUM8MwrQ4wHwYDVR0jBBgwFoAUfYRHxJeKC0xz m+v2kuJMdd0/vK4wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz L2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS9iNGU0ZmVjNS0z NTEwLTQwMTctOTBlZi04MzkxNDEyZWNkNmMvMGVlNDU4M2Q4NGQ5YjRmMDgyNGNi ODBiYThmYzEyNDBiNDc5NGI1MTUwNzFlOTc1MWQuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZGZkN2Y2ZDMtZTZlOS00OTg3LTlhZTctZDA1 MmM1MzUzODk4L2VmNTY2MTM0LWRjMzctNDE1YS1hMWUzLTA1ZjIzMzA1YTkyYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2RmZDdmNmQzLWU2ZTktNDk4Ny05YWU3 LWQwNTJjNTM1Mzg5OC8yYlR3Z2t5NEM2ajhFa0MwZVV0UlVISHBkUjAuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAOsYGgwDQYJKoZIhvcNAQELBQADggEBAEgPbU8PWhn9+z17oeiVYhQuWUtF 84w1WbvMExytg6ppT+2spaVegQei55NZEJ7jd6xoIDyAw8rZYDyG7plyb/290z4l lbrtyxvm8JzZzHo+Xw9Yd/Kpnd3jn/mLYAAIoBsERZ0jY2pWj7LE8MD2zP94qYfF FovOL4a3aFVfsCWvklFP9QyJ2dUL/OMj0rAob5eEwghfu9yDkLUT45AN0Vtn1ize trXvAXUDpw15DwpAHeoFC/3EvZ/AP+cboaAlqyYs02d450X9Crj3WTKZ+ziUe+o5 pwJqMrPJoZ70ARQ9Nh7autwPeHpRvsaWhtTn6MgKcCp5g4t5LvXr2l+VSh8= -----END CERTIFICATE-----Generated at Mon Jul 21 05:50:07 2025 by rpki-client