$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa File: 9bd43449-a30d-4de9-ac10-41448aff1c4a.roa (raw, json) Hash identifier: /UW71dE5NRTwQ5MVa5wxCTMBdzOYxgd7Ovln7Q4dOK8= Subject key identifier: 0D:90:8A:E7:B9:F1:30:EB:A3:A3:D7:59:C9:AF:D2:DA:B9:20:0B:37 Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: EEF8186EA0D3FDBF51338DCB84678A2A6910 Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa Signing time: Mon 01 Sep 2025 15:41:08 +0000 ROA not before: Mon 01 Sep 2025 15:41:08 +0000 ROA not after: Mon 06 Oct 2025 23:59:59 +0000 asID: 16509 IP address blocks: 88.104.0.0/15 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sun 07 Sep 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: ee:f8:18:6e:a0:d3:fd:bf:51:33:8d:cb:84:67:8a:2a:69:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Sep 1 15:41:08 2025 GMT Not After : Oct 6 23:59:59 2025 GMT Subject: serialNumber=1b1501fa655ebbfeecc00882ad2cef2188f5161bb997300d364e638693d55845, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:10:49:08:e8:a2:45:47:59:a3:d0:c2:5d:d3: e8:02:a3:cf:f8:da:33:66:1f:ea:e0:1e:4c:82:6d: cb:8b:f4:1a:92:f0:86:50:e1:da:cf:8d:c5:ec:4d: 6a:df:a9:24:dc:4f:24:95:28:4c:ce:dd:24:c3:f2: 06:f6:91:06:ad:57:cd:78:d3:f3:47:cc:4e:4e:33: be:60:a4:fd:fc:62:7c:72:4c:20:3c:49:1d:f2:4f: 38:c9:4e:e4:97:d2:6d:7c:24:2c:46:11:28:bc:a3: 12:37:5d:fc:fd:ca:df:00:af:ec:a0:e2:0b:49:1f: 86:74:14:74:6b:86:88:c4:7c:c9:9e:1f:81:1d:eb: 90:da:23:1d:a2:8b:36:c3:07:cc:5b:1b:65:87:70: fa:e7:a2:07:3e:b8:95:69:22:88:d8:40:bf:7f:09: b5:82:dd:2f:3f:80:06:c2:5c:cf:d2:3f:6e:59:09: 74:a1:39:1e:ad:b3:f0:bb:4c:2e:18:43:58:48:ef: 4f:c6:d0:85:db:bc:0d:be:95:cc:9a:67:49:ad:fb: 6d:f7:73:ee:e9:df:d1:ea:5f:66:2d:47:1e:84:2d: 83:0b:fa:61:ba:84:db:3e:19:79:8b:2a:36:c0:fb: a1:ba:83:87:08:f4:09:f4:1d:31:2f:0e:14:25:ee: b7:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:90:8A:E7:B9:F1:30:EB:A3:A3:D7:59:C9:AF:D2:DA:B9:20:0B:37 X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9bd43449-a30d-4de9-ac10-41448aff1c4a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 88.104.0.0/15 Signature Algorithm: sha256WithRSAEncryption 7b:d9:f5:87:8d:8f:20:99:4c:32:f3:b4:ec:ce:a0:21:ae:ed: 48:cb:1e:d8:5e:2c:f9:db:97:87:18:cb:dd:77:a0:13:34:f8: c8:32:f4:eb:48:cc:c5:a1:fa:21:fc:28:a9:f9:25:da:d1:e8: 6a:1a:87:26:ef:bb:19:a7:77:53:f5:6c:54:43:ef:3a:84:5c: 04:42:f4:01:29:fc:82:b8:dc:80:15:de:2d:66:9c:6f:7f:e6: c8:ca:7d:90:97:be:8b:32:82:36:9c:f2:56:7a:cb:af:14:ee: c3:78:90:18:e0:a6:97:5f:17:7e:6f:7d:5f:06:81:68:57:7f: 1a:60:02:e8:20:c0:03:b1:fc:bc:53:40:43:ae:70:82:63:39: fe:77:4f:69:87:fb:ce:76:60:49:cd:c9:a8:23:fe:65:da:ef: 79:46:a4:21:57:0f:1e:a6:2e:5d:96:2d:89:68:30:2d:c3:ce: 3b:b6:3e:c9:99:39:e1:75:11:34:de:04:9e:b6:23:83:26:49: 87:c7:e2:c0:1d:ad:77:a3:f7:e1:e4:75:19:7d:c9:96:6d:d6: 64:fd:f7:71:eb:6a:99:dc:2d:ab:78:3e:0b:74:ce:c3:94:75: 69:f6:6b:4a:20:7a:6c:34:d5:f3:f9:5e:3e:fc:0f:d0:02:cb: df:dd:2e:93 -----BEGIN CERTIFICATE----- MIIF9jCCBN6gAwIBAgITAO74GG6g0/2/UTONy4RniippEDANBgkqhkiG9w0BAQsF ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz NzEwN2RiZThjYjcxZDBhNzAeFw0yNTA5MDExNTQxMDhaFw0yNTEwMDYyMzU5NTla MHoxSTBHBgNVBAUTQDFiMTUwMWZhNjU1ZWJiZmVlY2MwMDg4MmFkMmNlZjIxODhm NTE2MWJiOTk3MzAwZDM2NGU2Mzg2OTNkNTU4NDUxLTArBgNVBAMTJGIyNWM5NzBm LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMEQSQjookVHWaPQwl3T6AKjz/jaM2Yf6uAeTIJty4v0GpLw hlDh2s+NxexNat+pJNxPJJUoTM7dJMPyBvaRBq1XzXjT80fMTk4zvmCk/fxifHJM IDxJHfJPOMlO5JfSbXwkLEYRKLyjEjdd/P3K3wCv7KDiC0kfhnQUdGuGiMR8yZ4f gR3rkNojHaKLNsMHzFsbZYdw+ueiBz64lWkiiNhAv38JtYLdLz+ABsJcz9I/blkJ dKE5Hq2z8LtMLhhDWEjvT8bQhdu8Db6VzJpnSa37bfdz7unf0epfZi1HHoQtgwv6 YbqE2z4ZeYsqNsD7obqDhwj0CfQdMS8OFCXut30CAwEAAaOCArAwggKsMB0GA1Ud DgQWBBQNkIrnufEw66Oj11nJr9LauSALNzAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy NWMwNDI5NDIvOWJkNDM0NDktYTMwZC00ZGU5LWFjMTAtNDE0NDhhZmYxYzRhLnJv YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0 LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw BQMDAVhoMA0GCSqGSIb3DQEBCwUAA4IBAQB72fWHjY8gmUwy87TszqAhru1Iyx7Y Xiz525eHGMvdd6ATNPjIMvTrSMzFofoh/Cip+SXa0ehqGocm77sZp3dT9WxUQ+86 hFwEQvQBKfyCuNyAFd4tZpxvf+bIyn2Ql76LMoI2nPJWesuvFO7DeJAY4KaXXxd+ b31fBoFoV38aYALoIMADsfy8U0BDrnCCYzn+d09ph/vOdmBJzcmoI/5l2u95RqQh Vw8epi5dli2JaDAtw847tj7JmTnhdRE03gSetiODJkmHx+LAHa13o/fh5HUZfcmW bdZk/fdx62qZ3C2reD4LdM7DlHVp9mtKIHpsNNXz+V4+/A/QAsvf3S6T -----END CERTIFICATE-----Generated at Sat Sep 6 14:11:12 2025 by rpki-client