$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/657ed07e-fe87-4071-8960-e0b18e49fe3c.roa File: 657ed07e-fe87-4071-8960-e0b18e49fe3c.roa (raw, json) Hash identifier: MPTuNwT842Gv5glBr6w8uD03+T3V4Adjvsrj9RXHleA= Subject key identifier: E3:E3:21:A0:F2:BE:E7:BB:1E:9F:C9:11:14:D9:EC:13:CC:2D:97:4F Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 5BD7626E6660B03A1297222A417C1B98B307AE21 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/657ed07e-fe87-4071-8960-e0b18e49fe3c.roa Signing time: Fri 24 Oct 2025 00:20:05 +0000 ROA not before: Fri 24 Oct 2025 00:20:05 +0000 ROA not after: Fri 28 Nov 2025 23:59:59 +0000 asID: 8987 IP address blocks: 2600:f0f0:4100::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 05 Nov 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d7:62:6e:66:60:b0:3a:12:97:22:2a:41:7c:1b:98:b3:07:ae:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 24 00:20:05 2025 GMT Not After : Nov 28 23:59:59 2025 GMT Subject: serialNumber=6c98abc9f6bdd3098791a150f85ebb9dfb8737e50288d39ceef25700c7d7f2b7, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c0:86:43:95:e5:5d:f9:5e:96:1c:09:ec:d9: 81:de:ed:2b:b6:69:a7:b8:c5:aa:64:74:22:35:47: 97:02:c2:2a:a8:41:ba:a6:08:d8:0c:1d:69:d2:22: cf:68:4a:d4:44:ce:fb:46:5c:74:09:7e:2a:a3:f1: 08:0f:db:b4:49:45:2a:30:35:95:7f:68:63:83:3d: bf:00:41:8a:e7:cd:57:f4:5c:ed:49:2d:6c:d9:f3: e4:56:59:18:e1:49:c8:77:ea:0c:86:ad:e8:db:cc: a9:c7:b9:72:46:fd:ec:c4:13:3f:09:a1:70:41:72: 39:b0:bc:23:3a:2d:90:f8:96:fb:ef:4f:2d:c6:f0: f5:76:9b:81:56:2a:3b:d4:8e:b5:92:6c:5d:1d:b1: 3c:35:56:80:04:c0:5a:7d:d8:17:d6:d5:59:49:04: 08:b9:0b:53:fb:fa:1a:34:6c:2b:f6:89:cc:83:45: 15:af:c6:ee:25:04:9a:5d:e8:31:d3:1a:38:9c:a8: 00:69:4a:13:6c:05:26:8e:c4:7a:1e:52:14:0f:25: 8f:b3:35:6f:e6:12:c6:d1:46:82:53:f9:e4:99:ee: 02:12:38:cf:5c:b4:38:96:6e:ca:3e:b1:fa:36:9b: ee:73:ed:5d:ac:d4:5e:5d:8b:0a:f0:e7:a0:81:9b: 73:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:E3:21:A0:F2:BE:E7:BB:1E:9F:C9:11:14:D9:EC:13:CC:2D:97:4F X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/657ed07e-fe87-4071-8960-e0b18e49fe3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:4100::/40 Signature Algorithm: sha256WithRSAEncryption 40:a8:6a:a9:a4:d0:17:b2:5e:30:79:89:4e:e0:ea:cd:9e:70: 12:af:83:97:42:5f:21:17:35:ce:98:59:b5:81:d3:be:01:69: 3f:c8:d6:6d:2a:d9:89:fe:43:a9:83:98:a3:67:b2:f0:de:94: 6f:68:78:93:56:3d:b7:59:5f:06:c6:5c:6a:a0:10:7d:3e:dc: d1:82:94:2a:b5:8f:ad:60:56:83:88:c0:2f:c9:01:53:6a:75: e6:44:bb:41:10:76:ce:f5:8d:1d:9e:6e:fa:83:7f:08:8a:9b: a6:0b:7e:f3:bb:f6:99:a5:8e:e5:11:3f:f5:9b:7c:cb:1f:7a: 50:5a:d1:e4:64:12:a5:fa:99:29:e9:8a:74:76:bf:ad:e5:fa: 3d:11:40:70:37:ff:e3:15:40:89:18:b2:a9:75:c2:99:f6:35: a5:73:ad:98:69:73:9e:c3:db:db:ec:2f:42:71:26:d3:f6:23: a2:65:99:89:64:67:4d:d5:74:55:4f:41:7d:e0:be:21:12:71: 80:5d:bd:31:a0:e0:b6:ca:02:9f:1d:ee:b7:e8:90:33:7c:f0: 6a:d8:64:e3:a2:be:10:fe:bf:c1:77:de:d2:a9:c9:46:45:65: 8d:64:74:52:f3:1f:38:62:5b:f0:b8:e5:c5:2c:64:26:da:e3: e6:3f:ae:ff -----BEGIN CERTIFICATE----- MIIF+jCCBOKgAwIBAgIUW9dibmZgsDoSlyIqQXwbmLMHriEwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDI0MDAyMDA1WhcNMjUxMTI4MjM1OTU5 WjB6MUkwRwYDVQQFE0A2Yzk4YWJjOWY2YmRkMzA5ODc5MWExNTBmODVlYmI5ZGZi ODczN2U1MDI4OGQzOWNlZWYyNTcwMGM3ZDdmMmI3MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCywIZDleVd+V6WHAns2YHe7Su2aae4xapkdCI1R5cCwiqo QbqmCNgMHWnSIs9oStREzvtGXHQJfiqj8QgP27RJRSowNZV/aGODPb8AQYrnzVf0 XO1JLWzZ8+RWWRjhSch36gyGrejbzKnHuXJG/ezEEz8JoXBBcjmwvCM6LZD4lvvv Ty3G8PV2m4FWKjvUjrWSbF0dsTw1VoAEwFp92BfW1VlJBAi5C1P7+ho0bCv2icyD RRWvxu4lBJpd6DHTGjicqABpShNsBSaOxHoeUhQPJY+zNW/mEsbRRoJT+eSZ7gIS OM9ctDiWbso+sfo2m+5z7V2s1F5diwrw56CBm3ONAgMBAAGjggKzMIICrzAdBgNV HQ4EFgQU4+MhoPK+57sen8kRFNnsE8wtl08wHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzY1N2VkMDdlLWZlODctNDA3MS04OTYwLWUwYjE4ZTQ5ZmUzYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC MAgDBgAmAPDwQTANBgkqhkiG9w0BAQsFAAOCAQEAQKhqqaTQF7JeMHmJTuDqzZ5w Eq+Dl0JfIRc1zphZtYHTvgFpP8jWbSrZif5DqYOYo2ey8N6Ub2h4k1Y9t1lfBsZc aqAQfT7c0YKUKrWPrWBWg4jAL8kBU2p15kS7QRB2zvWNHZ5u+oN/CIqbpgt+87v2 maWO5RE/9Zt8yx96UFrR5GQSpfqZKemKdHa/reX6PRFAcDf/4xVAiRiyqXXCmfY1 pXOtmGlznsPb2+wvQnEm0/YjomWZiWRnTdV0VU9BfeC+IRJxgF29MaDgtsoCnx3u t+iQM3zwathk46K+EP6/wXfe0qnJRkVljWR0UvMfOGJb8LjlxSxkJtrj5j+u/w== -----END CERTIFICATE-----Generated at Tue Nov 4 04:43:29 2025 by rpki-client