$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa File: b1564f4a-7df0-4932-af96-1ebffff2e421.roa (raw, json) Hash identifier: FNplCS+jnMqZKaiRMkPE7ktKYnYiQbRXCbJNpboQ/nE= Subject key identifier: 8C:86:B9:B5:59:AD:79:71:D1:FB:23:FE:2A:46:6A:CB:36:D9:7A:1C Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Certificate serial: 4F8943A25167D73962F227E3B4EF2F4FD8C3232C Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa Signing time: Fri 08 Aug 2025 00:20:16 +0000 ROA not before: Fri 08 Aug 2025 00:20:16 +0000 ROA not after: Fri 12 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 72.29.0.0/19 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 21 Aug 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:89:43:a2:51:67:d7:39:62:f2:27:e3:b4:ef:2f:4f:d8:c3:23:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7 Validity Not Before: Aug 8 00:20:16 2025 GMT Not After : Sep 12 23:59:59 2025 GMT Subject: serialNumber=d6619758d06c532bb90b5eaa9619e58226453be04f6803606b4ee60d3e4fd41e, CN=b25c970f-d813-445c-bfe2-62668518c87e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:94:44:0d:57:e1:f1:5c:9b:d0:ec:68:72:a1: c3:86:17:e7:18:a2:db:f6:86:60:10:d7:c2:27:14: ec:fe:ee:81:f1:3c:bf:e0:10:b2:ee:58:b1:dd:63: 55:13:5e:ff:27:7f:d1:4f:55:f4:68:74:a2:81:90: e4:5b:25:72:53:68:aa:f4:94:fa:1c:2d:db:49:1d: c3:24:42:dc:21:24:e6:fc:92:ff:be:6b:4f:cc:a9: a6:29:f1:84:14:1b:18:a8:7b:1f:0d:6b:15:35:66: f4:0c:94:65:44:b2:a5:b3:50:be:2a:2d:04:15:f8: ee:ba:3b:19:42:3b:d5:64:b0:f1:3b:59:1a:06:f5: a5:61:41:72:45:57:e7:fd:5a:a7:7a:8e:21:07:a5: ec:71:bd:89:7a:76:31:c4:4a:9c:ee:fe:4f:1e:28: a1:c8:5b:09:37:b6:9d:bf:13:5d:e4:2a:7e:3e:c1: e5:f3:73:08:cf:14:69:87:f6:b2:2a:77:b1:68:bc: db:a4:a0:f2:bd:60:d5:c4:e2:4f:04:9a:9a:b8:37: 33:11:c6:29:27:cd:b5:84:1f:8c:b1:c0:ec:51:b1: e4:ad:83:a6:9c:0c:c5:c8:02:1a:af:db:0f:8f:d6: d9:91:12:d5:e0:9b:13:56:f7:76:9e:06:73:ce:63: 3b:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:86:B9:B5:59:AD:79:71:D1:FB:23:FE:2A:46:6A:CB:36:D9:7A:1C X509v3 Authority Key Identifier: keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b1564f4a-7df0-4932-af96-1ebffff2e421.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 72.29.0.0/19 Signature Algorithm: sha256WithRSAEncryption 40:d5:81:46:2f:6e:c2:16:a9:e7:1b:b2:68:13:ca:91:25:22: df:08:eb:6d:c1:9f:cc:df:90:03:c7:96:1f:b1:40:74:1a:01: a6:0e:9e:5d:ff:90:28:db:a1:49:42:4a:bd:4d:a2:8a:12:b4: b7:2f:66:c4:23:ab:c3:3f:cd:8e:0c:0c:aa:22:73:2a:d2:2b: bf:8e:e9:a6:20:7d:f4:f8:bb:c4:4e:12:fb:b4:50:d1:94:74: 21:93:bc:75:98:12:6f:15:a4:00:a6:b5:c9:23:27:62:0d:75: 13:69:7d:f0:ea:9e:41:14:59:a0:a1:87:e4:01:f9:7d:1d:23: 55:d6:47:e0:da:0b:28:0c:df:5d:28:c5:c8:5a:be:c7:44:04: 63:c1:84:b0:60:43:be:ca:ba:f3:a1:f1:20:9f:ff:12:b4:4a: da:81:d1:ca:20:03:c2:64:a7:bd:9d:84:79:59:cd:da:1d:94: 6a:61:4f:2a:9a:3e:f2:1c:7e:35:34:da:1d:d4:51:ed:b4:be: 81:37:54:5e:3a:de:36:d2:44:ef:d1:3a:ea:6b:7a:e4:28:17: c2:89:c3:b7:36:66:06:7d:70:7c:4d:f9:bc:51:9c:f2:a1:b7: 45:37:19:ab:5c:2a:42:25:64:aa:ed:7e:08:96:93:58:16:6d: 0f:b7:a1:f5 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUT4lDolFn1zli8ifjtO8vT9jDIywwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwODA4MDAyMDE2WhcNMjUwOTEyMjM1OTU5 WjB6MUkwRwYDVQQFE0BkNjYxOTc1OGQwNmM1MzJiYjkwYjVlYWE5NjE5ZTU4MjI2 NDUzYmUwNGY2ODAzNjA2YjRlZTYwZDNlNGZkNDFlMS0wKwYDVQQDEyRiMjVjOTcw Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFlEQNV+HxXJvQ7GhyocOGF+cYotv2hmAQ18InFOz+7oHx PL/gELLuWLHdY1UTXv8nf9FPVfRodKKBkORbJXJTaKr0lPocLdtJHcMkQtwhJOb8 kv++a0/MqaYp8YQUGxioex8NaxU1ZvQMlGVEsqWzUL4qLQQV+O66OxlCO9VksPE7 WRoG9aVhQXJFV+f9Wqd6jiEHpexxvYl6djHESpzu/k8eKKHIWwk3tp2/E13kKn4+ weXzcwjPFGmH9rIqd7FovNukoPK9YNXE4k8Empq4NzMRxiknzbWEH4yxwOxRseSt g6acDMXIAhqv2w+P1tmREtXgmxNW93aeBnPOYzs/AgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUjIa5tVmteXHR+yP+KkZqyzbZehwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04 ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3 MjVjMDQyOTQyL2IxNTY0ZjRhLTdkZjAtNDkzMi1hZjk2LTFlYmZmZmYyZTQyMS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAVIHQAwDQYJKoZIhvcNAQELBQADggEBAEDVgUYvbsIWqecbsmgTypElIt8I 623Bn8zfkAPHlh+xQHQaAaYOnl3/kCjboUlCSr1NoooStLcvZsQjq8M/zY4MDKoi cyrSK7+O6aYgffT4u8ROEvu0UNGUdCGTvHWYEm8VpACmtckjJ2INdRNpffDqnkEU WaChh+QB+X0dI1XWR+DaCygM310oxchavsdEBGPBhLBgQ77KuvOh8SCf/xK0StqB 0cogA8Jkp72dhHlZzdodlGphTyqaPvIcfjU02h3UUe20voE3VF463jbSRO/ROupr euQoF8KJw7c2ZgZ9cHxN+bxRnPKht0U3GatcKkIlZKrtfgiWk1gWbQ+3ofU= -----END CERTIFICATE-----Generated at Wed Aug 20 10:45:56 2025 by rpki-client