$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/828860c7-04d3-410e-a0e6-5d8782c6c573.roa File: 828860c7-04d3-410e-a0e6-5d8782c6c573.roa (raw, json) Hash identifier: g9ww2Sj6sxs0mIBDoWWt/8VahywppsPpbF/tNn4/jR4= Subject key identifier: 88:E8:D5:A2:DD:79:27:D3:F0:D5:35:8E:1E:86:3E:80:62:15:AA:25 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 3A44168744580D5D115BBA123C7C91DFDFF21DCE Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/828860c7-04d3-410e-a0e6-5d8782c6c573.roa Signing time: Mon 06 Oct 2025 17:40:49 +0000 ROA not before: Mon 06 Oct 2025 17:40:49 +0000 ROA not after: Mon 10 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:10a::/47 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 13:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:44:16:87:44:58:0d:5d:11:5b:ba:12:3c:7c:91:df:df:f2:1d:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 6 17:40:49 2025 GMT Not After : Nov 10 23:59:59 2025 GMT Subject: serialNumber=237afe11c6ba0268a31817117b0a8f7a11532e767cc7ccf3bed9b18fdeeea32c, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:d8:a8:83:dc:23:44:be:b5:95:49:6f:12:77: 28:ee:7a:d0:cf:89:59:11:c2:d7:3d:1c:e8:8a:b8: a0:58:c9:58:7e:55:05:36:5c:91:a7:b7:57:c3:05: b3:43:c6:44:52:fd:be:c0:bc:7b:a1:8f:81:5c:ff: a0:23:c5:8e:93:65:37:b2:b5:40:29:68:11:17:4d: 8d:30:5b:08:a5:25:ce:46:5a:0e:3a:b1:bf:7a:7c: 6f:85:ae:7a:81:fe:ed:e5:04:12:0f:a5:89:c1:71: a3:fc:7e:7f:69:b3:f7:51:86:4b:da:d2:e7:33:d0: 71:90:3a:bb:aa:45:2c:da:8c:f0:1e:05:bd:a0:4b: 6a:90:f9:dd:ee:8c:47:51:37:28:d7:94:54:ef:8f: 2c:ff:b9:df:97:b4:fc:e6:52:f4:f5:f1:d2:20:22: 07:fb:08:8f:8c:cd:bf:8b:b4:1e:a5:51:ca:7e:a6: 64:77:18:d2:9e:ff:3c:30:79:da:b1:83:7e:58:7b: ba:e1:24:ef:c8:5d:b5:f6:14:1c:51:fd:ab:e7:a5: a6:af:5b:73:4a:20:50:e9:09:bc:41:94:4f:49:ce: d0:fa:a6:a0:ea:42:37:98:8b:8c:34:65:25:9c:99: 7c:23:e8:4a:0e:fd:9d:26:84:17:da:60:e7:90:75: 5b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:E8:D5:A2:DD:79:27:D3:F0:D5:35:8E:1E:86:3E:80:62:15:AA:25 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/828860c7-04d3-410e-a0e6-5d8782c6c573.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:10a::/47 Signature Algorithm: sha256WithRSAEncryption 79:71:b3:d3:f8:87:07:ec:4d:97:fb:da:5b:48:8d:1d:4d:d3: 56:58:1f:c7:eb:0d:a4:a8:a6:0b:ab:55:d0:73:26:6a:24:0f: e9:9a:9a:1c:67:e8:55:74:39:6d:2a:3d:de:10:1c:a2:62:6f: 2f:af:6f:58:6a:d1:64:e6:c6:f1:c8:33:7c:80:73:09:1b:b8: ac:0b:4f:11:65:0b:35:c8:24:3e:59:39:f5:29:bc:5d:0f:c2: b4:16:97:f0:97:8e:96:5b:35:5a:68:df:4c:6f:3b:75:6f:95: c5:9c:a7:1e:3e:95:53:f8:f3:fa:13:61:58:95:a7:d6:51:b6: ed:a3:53:bf:90:c3:2d:b6:a5:ea:98:af:ef:48:0c:9a:7a:b9: 45:a9:fc:30:3f:2c:4e:97:36:22:7c:67:37:97:e8:40:18:ea: 8c:53:03:a3:7f:c3:09:05:32:ff:47:41:52:26:0a:ed:7f:a8: b3:80:0f:28:67:db:b4:33:65:84:55:33:42:df:c1:6d:f1:08: 05:1f:1f:1c:ee:99:13:f6:b4:aa:4f:59:c2:60:e2:df:06:2a: 64:7d:97:5f:c3:77:2f:66:3c:75:a7:74:e7:94:ae:6b:07:d9: 7d:5b:30:c9:dc:30:9d:20:91:47:a5:d4:80:23:f6:5b:6c:8f: 0e:7e:e1:06 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUOkQWh0RYDV0RW7oSPHyR39/yHc4wDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDA2MTc0MDQ5WhcNMjUxMTEwMjM1OTU5 WjB6MUkwRwYDVQQFE0AyMzdhZmUxMWM2YmEwMjY4YTMxODE3MTE3YjBhOGY3YTEx NTMyZTc2N2NjN2NjZjNiZWQ5YjE4ZmRlZWVhMzJjMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDL2KiD3CNEvrWVSW8SdyjuetDPiVkRwtc9HOiKuKBYyVh+ VQU2XJGnt1fDBbNDxkRS/b7AvHuhj4Fc/6AjxY6TZTeytUApaBEXTY0wWwilJc5G Wg46sb96fG+FrnqB/u3lBBIPpYnBcaP8fn9ps/dRhkva0ucz0HGQOruqRSzajPAe Bb2gS2qQ+d3ujEdRNyjXlFTvjyz/ud+XtPzmUvT18dIgIgf7CI+Mzb+LtB6lUcp+ pmR3GNKe/zwwedqxg35Ye7rhJO/IXbX2FBxR/avnpaavW3NKIFDpCbxBlE9JztD6 pqDqQjeYi4w0ZSWcmXwj6EoO/Z0mhBfaYOeQdVsfAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUiOjVot15J9Pw1TWOHoY+gGIVqiUwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzgyODg2MGM3LTA0ZDMtNDEwZS1hMGU2LTVkODc4MmM2YzU3My5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwEmAPDwAQowDQYJKoZIhvcNAQELBQADggEBAHlxs9P4hwfsTZf72ltIjR1N 01ZYH8frDaSopgurVdBzJmokD+mamhxn6FV0OW0qPd4QHKJiby+vb1hq0WTmxvHI M3yAcwkbuKwLTxFlCzXIJD5ZOfUpvF0PwrQWl/CXjpZbNVpo30xvO3VvlcWcpx4+ lVP48/oTYViVp9ZRtu2jU7+Qwy22peqYr+9IDJp6uUWp/DA/LE6XNiJ8ZzeX6EAY 6oxTA6N/wwkFMv9HQVImCu1/qLOADyhn27QzZYRVM0LfwW3xCAUfHxzumRP2tKpP WcJg4t8GKmR9l1/Ddy9mPHWndOeUrmsH2X1bMMncMJ0gkUel1IAj9ltsjw5+4QY= -----END CERTIFICATE-----Generated at Mon Oct 20 13:53:22 2025 by rpki-client