$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a05fd272-e896-4327-ba78-a6cbca5483ef.roa File: a05fd272-e896-4327-ba78-a6cbca5483ef.roa (raw, json) Hash identifier: iTiyx6zrKCxkwe/8h81DXhsSYDPxBih65XF4cvCnJGY= Subject key identifier: 68:A1:1B:6A:1E:55:A4:CB:D0:07:3F:E8:C1:8F:74:4C:A0:65:41:38 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 538BA2716BE73AB4C8569F3548F78E8A474824B9 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a05fd272-e896-4327-ba78-a6cbca5483ef.roa Signing time: Wed 22 Oct 2025 00:40:12 +0000 ROA not before: Wed 22 Oct 2025 00:40:12 +0000 ROA not after: Wed 26 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0fb:f109::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 05 Nov 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:8b:a2:71:6b:e7:3a:b4:c8:56:9f:35:48:f7:8e:8a:47:48:24:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Oct 22 00:40:12 2025 GMT Not After : Nov 26 23:59:59 2025 GMT Subject: serialNumber=868ad67c358a6d53a638ed93d4f72e3b35c9a48f38058ba0604da4530da420c9, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:98:0c:43:83:8a:75:c9:c1:49:67:d6:bf:3e: 5f:ac:69:71:e7:8e:db:ec:88:f4:7a:7e:0d:31:02: a6:fc:cd:7d:c9:98:3c:32:5e:43:a2:7a:d9:0d:9e: d7:b3:3e:dc:23:b0:a5:6e:06:f6:71:5b:fb:b0:68: 56:71:a6:1a:38:cd:9d:09:0c:b7:e8:52:a6:cf:dd: d9:53:23:82:32:88:17:8e:cd:07:78:02:67:cb:6c: f9:fd:73:70:7b:d6:5a:73:62:aa:e6:94:ca:c4:b1: b5:e4:3a:18:25:c3:53:ff:18:bf:f9:89:af:a8:8f: d6:48:88:66:8c:b4:86:11:7d:c6:11:47:86:89:a3: bd:eb:49:61:42:78:ef:1c:b3:c2:c1:1a:22:01:fd: b5:f3:c3:a3:fd:6e:0f:ae:6a:e2:43:5e:7b:29:b5: c3:98:48:3f:cc:1d:8a:17:e0:97:73:7e:8a:0b:2a: ee:80:e3:1e:a1:98:d8:fa:5b:43:58:0e:9e:1d:55: a1:95:83:13:c3:91:49:98:3a:f9:22:1b:ac:01:65: 18:66:88:e6:70:79:f9:a1:d9:20:ac:d2:b5:89:2f: f6:93:22:1c:9a:bb:8d:dd:f1:78:52:87:60:8d:6e: 2f:46:b1:00:f5:48:d0:91:9f:72:f3:68:98:0e:95: 31:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:A1:1B:6A:1E:55:A4:CB:D0:07:3F:E8:C1:8F:74:4C:A0:65:41:38 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a05fd272-e896-4327-ba78-a6cbca5483ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0fb:f109::/48 Signature Algorithm: sha256WithRSAEncryption 95:ca:73:6d:df:ef:86:12:4a:b1:e5:cf:47:a6:5f:7e:a0:11: c0:93:17:a3:41:ea:99:cc:1e:6c:a8:2e:fe:e8:16:39:41:e8: 3c:20:88:91:24:39:41:8a:9c:ee:c5:fe:a6:31:0e:c7:65:bc: 0a:16:6e:c6:fb:b0:b2:13:5f:b3:13:29:75:e2:67:86:aa:08: 72:cf:8a:24:9a:18:7d:4f:63:59:04:1f:8f:66:d6:bb:8c:04: d3:17:9e:33:c8:81:78:86:77:f7:a9:32:bc:57:e3:5c:be:65: 4d:dc:2a:33:1c:0f:df:3a:c3:56:1d:8a:44:64:70:4c:ea:9d: bd:74:d6:4a:58:6c:92:91:9d:78:9f:2a:5d:7f:82:29:01:b7: 2d:f3:6c:f9:a0:e3:a1:3b:a2:53:20:f7:97:0f:81:7a:a7:94: fc:f1:08:15:8a:3b:29:71:23:88:ad:42:33:20:1d:95:d6:b7: 9a:93:1e:ca:c2:49:70:94:69:ff:a8:a9:34:fd:e5:9e:fe:bb: c4:04:2c:f8:1d:49:ee:fc:59:20:fe:ac:cb:44:fc:f6:91:cb: 49:51:8f:c5:e5:61:d0:2a:2c:57:22:57:0f:21:aa:02:13:12: 88:68:8e:a8:e8:b3:2f:43:19:31:99:a1:d7:26:0d:8b:15:b4: 34:96:8e:04 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUU4uicWvnOrTIVp81SPeOikdIJLkwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUxMDIyMDA0MDEyWhcNMjUxMTI2MjM1OTU5 WjB6MUkwRwYDVQQFE0A4NjhhZDY3YzM1OGE2ZDUzYTYzOGVkOTNkNGY3MmUzYjM1 YzlhNDhmMzgwNThiYTA2MDRkYTQ1MzBkYTQyMGM5MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDLmAxDg4p1ycFJZ9a/Pl+saXHnjtvsiPR6fg0xAqb8zX3J mDwyXkOietkNntezPtwjsKVuBvZxW/uwaFZxpho4zZ0JDLfoUqbP3dlTI4IyiBeO zQd4AmfLbPn9c3B71lpzYqrmlMrEsbXkOhglw1P/GL/5ia+oj9ZIiGaMtIYRfcYR R4aJo73rSWFCeO8cs8LBGiIB/bXzw6P9bg+uauJDXnsptcOYSD/MHYoX4JdzfooL Ku6A4x6hmNj6W0NYDp4dVaGVgxPDkUmYOvkiG6wBZRhmiOZwefmh2SCs0rWJL/aT Ihyau43d8XhSh2CNbi9GsQD1SNCRn3LzaJgOlTHBAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUaKEbah5VpMvQBz/owY90TKBlQTgwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2EwNWZkMjcyLWU4OTYtNDMyNy1iYTc4LWE2Y2JjYTU0ODNlZi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPD78QkwDQYJKoZIhvcNAQELBQADggEBAJXKc23f74YSSrHlz0emX36g EcCTF6NB6pnMHmyoLv7oFjlB6DwgiJEkOUGKnO7F/qYxDsdlvAoWbsb7sLITX7MT KXXiZ4aqCHLPiiSaGH1PY1kEH49m1ruMBNMXnjPIgXiGd/epMrxX41y+ZU3cKjMc D986w1YdikRkcEzqnb101kpYbJKRnXifKl1/gikBty3zbPmg46E7olMg95cPgXqn lPzxCBWKOylxI4itQjMgHZXWt5qTHsrCSXCUaf+oqTT95Z7+u8QELPgdSe78WSD+ rMtE/PaRy0lRj8XlYdAqLFciVw8hqgITEohojqjosy9DGTGZodcmDYsVtDSWjgQ= -----END CERTIFICATE-----Generated at Tue Nov 4 04:43:29 2025 by rpki-client