$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/aad24a2e-f61b-42b4-9509-9e06a136eb0b.roa File: aad24a2e-f61b-42b4-9509-9e06a136eb0b.roa (raw, json) Hash identifier: tzqoTlmBiLzMJ/pTqnIUHh60koGB6WzOsufIAgK5ZQQ= Subject key identifier: 65:E0:18:00:2F:24:56:72:38:B1:53:5A:00:06:EF:2E:B9:66:34:66 Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Certificate serial: 088B879C4F97595E91BFDABB0E17747026D2AD09 Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/aad24a2e-f61b-42b4-9509-9e06a136eb0b.roa Signing time: Fri 15 Aug 2025 15:30:10 +0000 ROA not before: Fri 15 Aug 2025 15:30:10 +0000 ROA not after: Fri 19 Sep 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2600:f0f0:5502::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Thu 21 Aug 2025 22:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:8b:87:9c:4f:97:59:5e:91:bf:da:bb:0e:17:74:70:26:d2:ad:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08 Validity Not Before: Aug 15 15:30:10 2025 GMT Not After : Sep 19 23:59:59 2025 GMT Subject: serialNumber=be9879acfc34b0151cffc3e8d7adb96f28442227cf1352836beb9974ea7f67ba, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:d4:4e:fe:18:8c:7b:d5:c5:06:35:72:16:c1: a9:19:a4:d9:cf:3b:71:40:5f:aa:86:b4:55:c7:0e: b2:42:0a:da:42:34:1d:a3:43:7b:17:b8:35:a0:27: d9:b9:06:02:d7:70:01:49:2e:45:be:9e:eb:64:a4: 63:28:82:ae:0f:bb:24:07:69:19:57:b3:14:db:12: 2b:ed:40:14:c4:19:3a:84:77:38:17:b7:4d:c9:06: 60:24:bf:dc:cf:2c:18:b0:8b:13:7d:17:2d:fa:c4: cf:3c:4c:ed:91:53:f8:d2:5c:5e:a3:81:0a:12:e9: 75:73:1f:ea:1c:2e:92:d6:7d:67:90:ae:42:39:35: b3:cb:db:f8:4d:cd:23:a7:4a:f6:68:cd:7a:d3:0e: 32:a3:b3:cf:37:c1:ef:18:f1:8f:ba:fe:6c:33:67: fe:3b:54:05:65:af:5e:94:25:86:9d:e1:6d:2b:e9: 72:be:0a:60:26:3b:fd:36:3b:8d:d0:b5:40:6d:8c: aa:dd:29:b8:4d:ee:8a:09:38:8a:53:3a:a6:4c:85: a2:a8:3e:27:77:28:a9:7f:01:0c:15:3a:a3:e9:85: a5:a9:eb:59:a7:3f:0a:4b:91:6c:f9:c9:13:c3:04: 1e:38:95:76:25:b4:11:a6:cb:ed:99:9d:cb:f6:52: ad:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:E0:18:00:2F:24:56:72:38:B1:53:5A:00:06:EF:2E:B9:66:34:66 X509v3 Authority Key Identifier: keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/aad24a2e-f61b-42b4-9509-9e06a136eb0b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2600:f0f0:5502::/48 Signature Algorithm: sha256WithRSAEncryption 19:3a:58:bb:e4:d2:bf:3d:f4:57:d3:d1:e4:3a:65:5a:c9:9a: 0a:3d:2a:b9:4c:a2:17:33:e4:7d:92:1c:d2:5d:31:ba:40:91: e4:2f:2e:f8:5f:b6:7b:73:82:23:18:4e:1d:39:7e:e1:a3:4e: 86:ea:01:86:3f:83:3f:c7:40:83:02:a8:a2:1d:7d:fb:de:77: a1:01:f4:2c:fd:2f:aa:9e:21:2a:13:7e:46:9a:a7:7f:f3:32: eb:cb:26:d3:04:e2:78:a7:5e:bb:f2:c8:fc:47:36:52:e6:24: f0:8d:70:ef:7f:7c:b3:33:16:8c:ff:eb:85:0d:bd:0e:6a:ae: 3e:49:da:91:7c:a2:c6:91:a1:88:e0:47:47:3f:e6:f9:d5:99: 59:ac:5f:b8:7d:c6:81:dc:b1:b0:0f:72:93:7f:97:84:e9:89: ae:c1:9f:df:00:f3:b3:f3:b7:38:af:fe:7e:53:7d:62:7b:82: 5f:42:a5:21:10:07:4b:6f:66:85:87:f1:8d:3a:54:67:20:f5: 01:5e:23:d0:fb:08:06:58:4d:c8:e7:86:b9:aa:ba:b8:50:3d: 0e:65:0e:26:ce:2c:af:5c:7e:c6:b2:db:35:d0:f3:ab:be:f3: ff:c6:77:23:34:15:71:57:30:f4:b4:d0:33:d4:98:f4:23:38: 95:2e:17:c8 -----BEGIN CERTIFICATE----- MIIF+zCCBOOgAwIBAgIUCIuHnE+XWV6Rv9q7Dhd0cCbSrQkwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwODE1MTUzMDEwWhcNMjUwOTE5MjM1OTU5 WjB6MUkwRwYDVQQFE0BiZTk4NzlhY2ZjMzRiMDE1MWNmZmMzZThkN2FkYjk2ZjI4 NDQyMjI3Y2YxMzUyODM2YmViOTk3NGVhN2Y2N2JhMS0wKwYDVQQDEyRmYmIyNzU3 Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCN1E7+GIx71cUGNXIWwakZpNnPO3FAX6qGtFXHDrJCCtpC NB2jQ3sXuDWgJ9m5BgLXcAFJLkW+nutkpGMogq4PuyQHaRlXsxTbEivtQBTEGTqE dzgXt03JBmAkv9zPLBiwixN9Fy36xM88TO2RU/jSXF6jgQoS6XVzH+ocLpLWfWeQ rkI5NbPL2/hNzSOnSvZozXrTDjKjs883we8Y8Y+6/mwzZ/47VAVlr16UJYad4W0r 6XK+CmAmO/02O43QtUBtjKrdKbhN7ooJOIpTOqZMhaKoPid3KKl/AQwVOqPphaWp 61mnPwpLkWz5yRPDBB44lXYltBGmy+2Zncv2Uq3ZAgMBAAGjggK0MIICsDAdBgNV HQ4EFgQUZeAYAC8kVnI4sVNaAAbvLrlmNGYwHwYDVR0jBBgwFoAULhjiCKGCVxsJ fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4 YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk NjJlNDhmMDU2L2FhZDI0YTJlLWY2MWItNDJiNC05NTA5LTllMDZhMTM2ZWIwYi5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3 LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC MAkDBwAmAPDwVQIwDQYJKoZIhvcNAQELBQADggEBABk6WLvk0r899FfT0eQ6ZVrJ mgo9KrlMohcz5H2SHNJdMbpAkeQvLvhftntzgiMYTh05fuGjTobqAYY/gz/HQIMC qKIdffved6EB9Cz9L6qeISoTfkaap3/zMuvLJtME4ninXrvyyPxHNlLmJPCNcO9/ fLMzFoz/64UNvQ5qrj5J2pF8osaRoYjgR0c/5vnVmVmsX7h9xoHcsbAPcpN/l4Tp ia7Bn98A87Pztziv/n5TfWJ7gl9CpSEQB0tvZoWH8Y06VGcg9QFeI9D7CAZYTcjn hrmqurhQPQ5lDibOLK9cfsay2zXQ86u+8//GdyM0FXFXMPS00DPUmPQjOJUuF8g= -----END CERTIFICATE-----Generated at Wed Aug 20 10:42:44 2025 by rpki-client