$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa File: a84b381b-bc70-4b19-91a5-fa66fa80011e.roa (raw, json) Hash identifier: ePuQlZIIZ2Zsyj+a4PLXvWXSShV4wfUKljPxSTzW9Ro= Subject key identifier: BD:14:8C:79:6F:9D:1D:6C:F0:33:CB:0C:4B:9B:DB:EB:88:D9:8D:6D Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 79FAD80381190D4B7D9EC5A0A2FDFD44C40453E3 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa Signing time: Fri 08 Aug 2025 00:30:50 +0000 ROA not before: Fri 08 Aug 2025 00:30:50 +0000 ROA not after: Fri 12 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f2:7000::/44 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 21 Aug 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:fa:d8:03:81:19:0d:4b:7d:9e:c5:a0:a2:fd:fd:44:c4:04:53:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Aug 8 00:30:50 2025 GMT Not After : Sep 12 23:59:59 2025 GMT Subject: serialNumber=9ea39930cd8fea5944247eae140ec1a34fdfd03c1352b2fb926277defa338229, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:3e:4e:1e:3d:bd:08:01:71:6a:4e:7e:c2:b6: f2:7b:7a:c2:17:d3:95:47:35:e1:a2:04:63:e3:fd: 3c:78:7b:92:9d:7f:38:1c:a8:8d:f2:22:85:c8:6e: 3a:07:1f:10:a6:47:4e:04:12:7c:1a:33:94:62:df: 1c:f3:56:67:50:b5:bf:44:8c:90:93:51:53:30:ad: 64:73:ed:3e:eb:99:94:f3:f6:71:f7:87:d0:92:2d: 69:69:e2:95:3f:ed:c3:55:42:d9:6a:f1:90:07:1a: bc:bf:0d:ab:fb:dd:19:5c:3c:46:0a:8f:a9:19:17: 8c:34:57:df:47:0a:a1:a8:b8:59:07:a2:1d:66:c2: 85:36:13:76:ae:30:fb:1c:57:33:48:32:0d:df:a4: 7f:83:f2:0a:30:4d:c9:5a:99:23:d6:9f:29:8f:ef: cf:ff:67:f8:8b:fc:a8:20:cb:90:d7:2d:b4:47:fc: 41:7a:98:56:6c:70:6a:fa:6c:89:80:2c:59:4b:13: 7b:6c:6b:0e:34:7a:6b:23:d7:08:fa:e6:81:89:3b: b5:14:ba:91:82:e5:9e:7a:e0:88:0f:03:84:94:b2: 97:d1:33:f6:af:72:66:f8:d6:2c:5e:ac:1d:58:0b: 76:8c:c6:80:7d:83:89:39:7c:40:47:7c:f8:c3:20: e8:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:14:8C:79:6F:9D:1D:6C:F0:33:CB:0C:4B:9B:DB:EB:88:D9:8D:6D X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/a84b381b-bc70-4b19-91a5-fa66fa80011e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f2:7000::/44 Signature Algorithm: sha256WithRSAEncryption 9c:6e:0d:c7:e1:8a:b6:4f:b1:cd:d4:99:72:b6:1f:27:d2:b6: da:77:24:00:94:33:21:85:29:f5:f2:63:4b:31:b1:5d:dd:b8: b4:4d:4e:2f:82:29:18:49:0d:32:0c:fa:57:c8:a8:49:b1:e9: 1f:b2:30:f9:22:1b:8f:68:91:67:9d:68:9a:42:e3:2a:9b:22: af:3a:4f:b6:7c:fc:ef:38:ea:13:20:4f:6d:60:05:61:3d:5f: 6e:a2:ca:4a:af:5a:a1:08:09:da:54:00:8b:05:d6:f5:69:5f: d6:02:80:04:ec:5b:28:f3:9d:ee:f9:89:06:00:b0:c9:09:ec: 41:f3:5d:5f:fc:84:e6:f7:72:b1:94:b6:42:33:88:4e:70:0b: 63:d9:ea:66:4d:52:2c:4c:65:66:1b:ea:da:d9:09:79:bb:3c: e7:8c:c7:96:f2:e2:c6:fd:00:61:4d:fc:3a:72:94:4d:ed:f0: d2:92:9c:08:66:69:3f:60:8c:6c:53:18:69:4c:bf:aa:6a:43: 4a:14:ea:0c:01:36:e5:16:f1:50:f0:9e:f7:8d:d3:0c:82:31: 0f:69:85:21:97:ea:49:03:1d:b9:7a:0d:1d:5f:ff:66:11:81: 3e:51:2d:ac:be:66:24:68:f2:b7:10:51:42:ae:22:ed:dc:de: ae:29:fb:df -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUefrYA4EZDUt9nsWgov39RMQEU+MwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODA4MDAzMDUwWhcNMjUwOTEyMjM1OTU5 WjB6MUkwRwYDVQQFE0A5ZWEzOTkzMGNkOGZlYTU5NDQyNDdlYWUxNDBlYzFhMzRm ZGZkMDNjMTM1MmIyZmI5MjYyNzdkZWZhMzM4MjI5MS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC+Pk4ePb0IAXFqTn7CtvJ7esIX05VHNeGiBGPj/Tx4e5Kd fzgcqI3yIoXIbjoHHxCmR04EEnwaM5Ri3xzzVmdQtb9EjJCTUVMwrWRz7T7rmZTz 9nH3h9CSLWlp4pU/7cNVQtlq8ZAHGry/Dav73RlcPEYKj6kZF4w0V99HCqGouFkH oh1mwoU2E3auMPscVzNIMg3fpH+D8gowTclamSPWnymP78//Z/iL/Kggy5DXLbRH /EF6mFZscGr6bImALFlLE3tsaw40emsj1wj65oGJO7UUupGC5Z564IgPA4SUspfR M/avcmb41ixerB1YC3aMxoB9g4k5fEBHfPjDIOi1AgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUvRSMeW+dHWzwM8sMS5vb64jZjW0wHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2E4NGIzODFiLWJjNzAtNGIxOS05MWE1LWZhNjZmYTgwMDExZS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwQmAPDycAAwDQYJKoZIhvcNAQELBQADggEBAJxuDcfhirZPsc3UmXK2HyfS ttp3JACUMyGFKfXyY0sxsV3duLRNTi+CKRhJDTIM+lfIqEmx6R+yMPkiG49okWed aJpC4yqbIq86T7Z8/O846hMgT21gBWE9X26iykqvWqEICdpUAIsF1vVpX9YCgATs Wyjzne75iQYAsMkJ7EHzXV/8hOb3crGUtkIziE5wC2PZ6mZNUixMZWYb6trZCXm7 POeMx5by4sb9AGFN/DpylE3t8NKSnAhmaT9gjGxTGGlMv6pqQ0oU6gwBNuUW8VDw nveN0wyCMQ9phSGX6kkDHbl6DR1f/2YRgT5RLay+ZiRo8rcQUUKuIu3c3q4p+98= -----END CERTIFICATE-----Generated at Wed Aug 20 10:43:58 2025 by rpki-client