$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/91b85db6-7428-422a-85f4-a3d6732ec01e.roa File: 91b85db6-7428-422a-85f4-a3d6732ec01e.roa (raw, json) Hash identifier: dcTcmxbL2x2jpEqLVF/TrGhf9VXyqcVXQX4TpU5kK9Q= Subject key identifier: 36:03:09:B4:5A:07:69:62:03:F2:86:CC:AE:5E:A7:AF:0B:5B:B7:79 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 53ADABB2950E941548ACC1AF27696056B58BC0C2 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/91b85db6-7428-422a-85f4-a3d6732ec01e.roa Signing time: Wed 22 Oct 2025 00:40:15 +0000 ROA not before: Wed 22 Oct 2025 00:40:15 +0000 ROA not after: Wed 26 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:f10e::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 05 Nov 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:ad:ab:b2:95:0e:94:15:48:ac:c1:af:27:69:60:56:b5:8b:c0:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 22 00:40:15 2025 GMT Not After : Nov 26 23:59:59 2025 GMT Subject: serialNumber=e9c71d6bb0fe87fc0a8898ace46b3272d2b2e7abd0f68504c7e50691d528c87e, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b9:27:53:9c:da:92:39:2b:be:19:eb:fe:5e: e7:79:bb:ad:3c:ba:18:65:64:ce:74:50:ba:69:a1: 79:ac:a6:4d:a9:35:b2:5e:a8:7f:08:b4:fb:c9:aa: 6c:14:af:f6:8f:6a:28:8d:71:d7:c6:07:f7:39:ad: a6:55:55:92:11:e4:78:4b:1f:7b:09:df:c6:20:36: 4e:cf:ac:a2:98:10:8f:e5:ec:5b:6e:c0:01:0a:52: a7:ef:ff:75:3d:45:a0:d3:da:14:40:b4:43:9d:11: c1:b1:6b:98:db:36:c9:08:f6:ee:d9:d3:a1:d7:b7: 1b:76:57:42:8a:66:8a:7a:50:3a:63:71:d0:fe:5d: e7:cc:30:d9:5f:c0:ad:ab:8a:cc:00:bc:8c:60:88: 16:87:96:0d:8b:36:5f:1c:ff:12:e1:6e:11:d5:fc: 16:76:50:99:be:b5:4c:99:8d:2a:2f:10:26:d1:b0: c3:57:2b:c5:9c:78:2e:d8:c1:d3:b7:8f:38:37:f0: c7:b1:d1:e7:83:ce:cb:11:c1:56:76:d4:0e:17:15: 6c:63:ad:45:d2:1b:fe:8d:8b:ea:b8:d9:ce:d2:e4: 22:fb:7a:2b:4b:74:60:a5:1d:1c:f9:7f:6b:69:8d: 8e:aa:5f:18:c4:4e:09:16:ae:18:01:1c:e7:40:78: ff:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:03:09:B4:5A:07:69:62:03:F2:86:CC:AE:5E:A7:AF:0B:5B:B7:79 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/91b85db6-7428-422a-85f4-a3d6732ec01e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f10e::/48 Signature Algorithm: sha256WithRSAEncryption 54:06:f8:cc:99:e7:31:46:56:2e:21:62:4b:cf:17:94:63:5d: 3c:86:86:15:05:af:77:dc:83:4f:7d:40:58:3e:c5:4e:45:fe: 15:68:00:45:35:ce:86:c8:37:ec:b6:f9:c6:90:c2:f4:c0:d7: b1:a7:3e:7a:3f:bc:8b:d6:16:e8:88:70:c7:03:24:fd:06:11: 55:2a:d1:c9:22:88:c2:9c:40:82:ca:61:40:7d:c1:5d:08:c6: 1f:46:5b:c2:60:8c:18:a3:69:2d:86:21:79:5f:18:70:92:70: b5:54:74:be:d3:ca:a7:68:b0:f5:73:19:37:4e:63:3d:c2:64: 59:f7:f3:60:74:b7:01:a5:d7:dc:de:b4:54:43:70:46:7b:06: fa:95:f5:06:5c:3d:48:2b:5a:57:5f:d1:69:e6:1f:1a:52:ad: d8:47:de:6b:07:b4:d7:f1:0c:29:c4:86:a8:6a:2f:f6:45:b5: 44:28:75:bb:4c:8c:75:c3:e1:f1:b1:ff:27:f0:1d:43:54:01: b3:03:32:cf:0c:38:7f:7f:30:b0:89:21:7a:75:a1:96:76:58: 2a:6a:ea:f7:14:a6:ea:76:3c:60:ed:fd:30:d4:7f:0b:8d:5b: ef:f2:0e:f0:de:74:a2:fd:64:1e:dd:9a:dc:0e:c9:45:46:aa: e6:48:41:45 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUU62rspUOlBVIrMGvJ2lgVrWLwMIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDE1WhcNMjUxMTI2MjM1OTU5 WjB6MUkwRwYDVQQFE0BlOWM3MWQ2YmIwZmU4N2ZjMGE4ODk4YWNlNDZiMzI3MmQy YjJlN2FiZDBmNjg1MDRjN2U1MDY5MWQ1MjhjODdlMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDFuSdTnNqSOSu+Gev+Xud5u608uhhlZM50ULppoXmspk2p NbJeqH8ItPvJqmwUr/aPaiiNcdfGB/c5raZVVZIR5HhLH3sJ38YgNk7PrKKYEI/l 7FtuwAEKUqfv/3U9RaDT2hRAtEOdEcGxa5jbNskI9u7Z06HXtxt2V0KKZop6UDpj cdD+XefMMNlfwK2riswAvIxgiBaHlg2LNl8c/xLhbhHV/BZ2UJm+tUyZjSovECbR sMNXK8WceC7YwdO3jzg38Mex0eeDzssRwVZ21A4XFWxjrUXSG/6Ni+q42c7S5CL7 eitLdGClHRz5f2tpjY6qXxjETgkWrhgBHOdAeP/tAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUNgMJtFoHaWID8obMrl6nrwtbt3kwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2LzkxYjg1ZGI2LTc0MjgtNDIyYS04NWY0LWEzZDY3MzJlYzAxZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPD78Q4wDQYJKoZIhvcNAQELBQADggEBAFQG+MyZ5zFGVi4hYkvPF5Rj XTyGhhUFr3fcg099QFg+xU5F/hVoAEU1zobIN+y2+caQwvTA17GnPno/vIvWFuiI cMcDJP0GEVUq0ckiiMKcQILKYUB9wV0Ixh9GW8JgjBijaS2GIXlfGHCScLVUdL7T yqdosPVzGTdOYz3CZFn382B0twGl19zetFRDcEZ7BvqV9QZcPUgrWldf0WnmHxpS rdhH3msHtNfxDCnEhqhqL/ZFtUQodbtMjHXD4fGx/yfwHUNUAbMDMs8MOH9/MLCJ IXp1oZZ2WCpq6vcUpup2PGDt/TDUfwuNW+/yDvDedKL9ZB7dmtwOyUVGquZIQUU= -----END CERTIFICATE-----Generated at Tue Nov 4 04:42:55 2025 by rpki-client