$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa File: 2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa (raw, json) Hash identifier: //klosel8p4nBiSlIiibM2uCM1Un6l1RG0oHjwRH1SE= Subject key identifier: 34:81:80:A8:EA:B2:96:E6:42:93:54:0E:D5:D7:87:EC:BC:A8:91:83 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 5A047220C417CA2E09EF5718330A92E7C5EB2FF2 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa Signing time: Tue 28 Apr 2026 00:21:04 +0000 ROA not before: Tue 28 Apr 2026 00:21:04 +0000 ROA not after: Mon 27 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 155.40.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 30 Apr 2026 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:04:72:20:c4:17:ca:2e:09:ef:57:18:33:0a:92:e7:c5:eb:2f:f2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Apr 28 00:21:04 2026 GMT Not After : Jul 27 23:59:59 2026 GMT Subject: serialNumber=492cd171d9cbc6661fadd7370dbc8ae8c262f606029f36e7ff0373f8b3654d4d, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8f:ec:03:13:c7:b5:d4:0a:f2:4a:be:8c:bf: 49:30:94:b9:be:a7:f3:05:5c:21:74:f1:46:ae:f7: d8:70:61:31:78:1e:43:85:cd:91:c5:58:a4:62:f7: 66:f1:b9:eb:be:02:aa:b5:05:c1:fe:ef:9f:75:05: 2c:51:e5:f4:9e:69:b7:29:52:5b:70:a4:d6:4b:33: 33:3f:86:9c:fd:d3:df:23:c8:30:71:ea:b0:ef:a8: 0b:2f:07:81:e0:b3:5b:6e:84:8e:ac:af:11:a1:ce: 0c:2e:e9:29:05:dc:e6:d1:8d:88:d6:74:f9:22:89: 65:b0:e9:4f:ff:3c:70:bf:64:35:5a:28:8d:28:90: 3d:bb:e0:1f:91:4e:c6:66:ca:ea:fa:e0:91:a8:9f: 1f:a7:a5:42:df:79:ec:0b:10:9a:aa:33:41:31:73: da:5a:b6:d6:fd:be:d0:d1:14:53:a4:24:5d:76:4e: f1:aa:87:71:87:62:03:1f:bb:6b:33:43:96:55:e0: e9:3c:7d:0c:74:d1:7f:27:00:3f:ed:88:7c:a0:0b: b7:e7:5a:d3:fe:06:c1:65:93:11:5a:e9:48:10:23: 66:84:78:e6:70:35:fa:aa:5e:29:9c:d6:f9:c8:a5: 59:23:7a:32:d5:31:a0:04:0a:65:c6:dc:87:4e:d6: b1:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:81:80:A8:EA:B2:96:E6:42:93:54:0E:D5:D7:87:EC:BC:A8:91:83 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2f4d1e5f-1483-4011-a7b3-0353a2c74128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 155.40.0.0/16 Signature Algorithm: sha256WithRSAEncryption 79:c8:b0:ba:95:02:eb:bf:4f:b3:05:23:9b:8b:f4:41:b9:c1: 65:ee:67:c0:a0:3f:be:b1:7f:93:c2:5a:ea:3b:ec:30:17:10: 02:cf:38:6b:13:68:6c:29:31:02:27:a9:6d:85:72:44:52:7b: a3:25:40:83:f5:40:8a:a2:bc:fe:83:78:83:95:05:29:19:d0: 29:95:c8:10:17:15:c8:d6:01:4f:18:18:a8:ef:55:13:7f:79: d6:76:92:0b:32:39:45:d3:e5:aa:a0:b7:c8:2c:a6:8b:6f:c6: a9:22:e5:e5:88:d7:0e:a5:cc:f7:d7:59:f9:9d:45:a0:95:e1: 66:7a:9f:d7:a4:2a:67:16:ef:d9:b5:90:c7:c0:a9:9d:5e:f6: 74:62:46:7b:8f:b7:93:d3:ee:4f:1b:eb:27:91:e5:db:17:86: 8f:13:1f:a3:58:72:f5:35:87:d8:5f:01:4a:f4:b1:5d:cc:09: d4:14:37:9c:4a:11:44:d1:bd:88:ad:15:cb:24:e7:c5:4e:a3: ad:6b:af:ca:88:08:e9:d3:ad:82:d2:d0:8d:99:28:ea:b3:16: 4b:ad:c8:d7:ba:d3:a9:c9:61:bb:18:5a:76:c5:9c:bc:53:0f: 6e:ec:f6:7e:c1:91:3f:fd:2d:0c:a7:2a:63:e8:cf:77:f3:d7: a6:50:c3:52 -----BEGIN CERTIFICATE----- MIIF9zCCBN+gAwIBAgIUWgRyIMQXyi4J71cYMwqS58XrL/IwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjYwNDI4MDAyMTA0WhcNMjYwNzI3MjM1OTU5 WjB6MUkwRwYDVQQFE0A0OTJjZDE3MWQ5Y2JjNjY2MWZhZGQ3MzcwZGJjOGFlOGMy NjJmNjA2MDI5ZjM2ZTdmZjAzNzNmOGIzNjU0ZDRkMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDBj+wDE8e11ArySr6Mv0kwlLm+p/MFXCF08Uau99hwYTF4 HkOFzZHFWKRi92bxueu+Aqq1BcH+7591BSxR5fSeabcpUltwpNZLMzM/hpz9098j yDBx6rDvqAsvB4Hgs1tuhI6srxGhzgwu6SkF3ObRjYjWdPkiiWWw6U//PHC/ZDVa KI0okD274B+RTsZmyur64JGonx+npULfeewLEJqqM0Exc9pattb9vtDRFFOkJF12 TvGqh3GHYgMfu2szQ5ZV4Ok8fQx00X8nAD/tiHygC7fnWtP+BsFlkxFa6UgQI2aE eOZwNfqqXimc1vnIpVkjejLVMaAECmXG3IdO1rFDAgMBAAGjggKwMIICrDAdBgNV HQ4EFgQUNIGAqOqyluZCk1QO1deH7LyokYMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyLzJmNGQxZTVmLTE0ODMtNDAxMS1hN2IzLTAzNTNhMmM3NDEyOC5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB MAUDAwCbKDANBgkqhkiG9w0BAQsFAAOCAQEAeciwupUC679PswUjm4v0QbnBZe5n wKA/vrF/k8Ja6jvsMBcQAs84axNobCkxAiepbYVyRFJ7oyVAg/VAiqK8/oN4g5UF KRnQKZXIEBcVyNYBTxgYqO9VE3951naSCzI5RdPlqqC3yCymi2/GqSLl5YjXDqXM 99dZ+Z1FoJXhZnqf16QqZxbv2bWQx8CpnV72dGJGe4+3k9PuTxvrJ5Hl2xeGjxMf o1hy9TWH2F8BSvSxXcwJ1BQ3nEoRRNG9iK0VyyTnxU6jrWuvyogI6dOtgtLQjZko 6rMWS63I17rTqclhuxhadsWcvFMPbuz2fsGRP/0tDKcqY+jPd/PXplDDUg== -----END CERTIFICATE-----Generated at Wed Apr 29 12:47:15 2026 by rpki-client