$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/71148066-49a2-41d1-9e03-9f35254905d3.roa File: 71148066-49a2-41d1-9e03-9f35254905d3.roa (raw, json) Hash identifier: c4KTpVSr9pLXfN393SwgDks4mo3cX8WX2uU2ub7iqAw= Subject key identifier: 64:2A:25:93:D3:6E:D8:B7:7C:DF:A9:42:42:24:0E:BA:E1:A9:8F:57 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 170999EFA97B6E3F7E5F895A4DDCAAB652EB1B71 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/71148066-49a2-41d1-9e03-9f35254905d3.roa Signing time: Sun 19 Oct 2025 04:00:18 +0000 ROA not before: Sun 19 Oct 2025 04:00:18 +0000 ROA not after: Sun 23 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.41.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:09:99:ef:a9:7b:6e:3f:7e:5f:89:5a:4d:dc:aa:b6:52:eb:1b:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 19 04:00:18 2025 GMT Not After : Nov 23 23:59:59 2025 GMT Subject: serialNumber=37ac9e600fb1ee0e38f466a70878eab892bc23112a50d24748b8198a5333475b, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:98:33:05:7d:c5:1d:e1:80:52:b6:bb:28:63: e1:94:44:0b:12:65:51:04:d7:2b:21:8f:4b:7e:65: d5:b2:91:ca:3f:a0:e8:2e:86:17:39:66:63:5c:dc: 23:f6:0a:94:5c:14:e3:cc:82:80:10:6d:2b:2a:42: 61:85:b6:05:62:3c:4d:24:a1:58:b6:c8:ae:27:91: 78:b9:7e:b9:7e:45:43:c9:6e:ee:d1:8b:f8:f3:96: 90:c3:2f:dd:29:f8:14:8a:b8:60:d5:68:26:38:df: 20:64:84:a4:d4:bf:77:08:eb:21:9c:18:37:6e:da: c1:6a:a5:b7:e8:fb:3e:5c:ae:3c:bd:3a:9b:a6:22: ab:4e:09:7d:ff:16:c0:d9:e9:a6:9f:01:9a:fb:af: 55:06:ee:5b:ef:cc:8e:59:55:cd:0d:0f:a5:4f:bf: 73:58:7e:2d:51:65:af:9b:cc:d5:41:d2:6f:05:b4: dd:02:5f:06:a0:54:62:7f:f3:64:f7:81:aa:3a:3e: 28:d0:47:c6:98:75:17:dd:6f:9b:d1:c2:be:56:48: 67:ed:91:f7:03:9d:e7:3e:ff:a5:f9:85:90:d9:ae: b8:27:c4:31:c7:c5:db:03:94:a6:60:ea:2d:e1:5a: b2:fa:0f:93:af:68:73:13:4a:1e:bf:0b:fc:42:06: 4f:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:2A:25:93:D3:6E:D8:B7:7C:DF:A9:42:42:24:0E:BA:E1:A9:8F:57 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/71148066-49a2-41d1-9e03-9f35254905d3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.41.0/24 Signature Algorithm: sha256WithRSAEncryption 12:dd:4b:c0:90:03:96:49:90:60:e6:f3:4f:5f:53:69:d0:8c: c8:79:76:10:31:28:76:c5:5f:84:a6:ad:91:42:d8:1b:16:fd: 02:39:64:f6:d9:b4:98:93:36:58:d7:fa:83:94:bd:13:68:e3: e2:63:b9:c3:14:c6:74:9e:21:9e:da:7d:df:76:41:e4:59:c2: 8c:01:7e:0a:53:d5:d4:8e:0c:bb:5e:65:17:ca:b6:bc:64:e0: 25:9a:a0:6c:68:d8:01:6e:6a:83:d4:b0:9c:56:c7:82:c0:78: 0c:64:0c:85:e8:9e:d9:8b:4a:4d:47:a4:c6:f0:e4:78:a6:37: 4a:11:d1:d9:8c:9c:1b:fa:c1:f5:71:95:96:29:aa:27:b1:02: e2:bf:ee:ee:ee:d9:c8:49:3c:63:b9:d1:f4:78:55:07:d2:9e: 8c:9b:02:f7:73:50:01:48:0c:b4:bf:34:3e:90:69:d5:a8:8b: cd:d6:d9:e6:37:e1:b7:64:2e:77:c8:95:fb:2d:bc:13:86:64: 1e:eb:6f:ce:22:b2:d1:a6:31:82:5c:12:e3:02:c2:59:6b:10: bf:bb:c6:be:61:8a:fb:11:75:26:27:fd:3c:d4:32:86:b4:1f: b6:36:07:22:3d:ee:6d:6d:69:19:a4:c2:4d:1a:ba:ec:f6:a2: 63:8e:06:18 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUFwmZ76l7bj9+X4laTdyqtlLrG3EwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDE5MDQwMDE4WhcNMjUxMTIzMjM1OTU5 WjB6MUkwRwYDVQQFE0AzN2FjOWU2MDBmYjFlZTBlMzhmNDY2YTcwODc4ZWFiODky YmMyMzExMmE1MGQyNDc0OGI4MTk4YTUzMzM0NzViMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCKmDMFfcUd4YBStrsoY+GURAsSZVEE1yshj0t+ZdWykco/ oOguhhc5ZmNc3CP2CpRcFOPMgoAQbSsqQmGFtgViPE0koVi2yK4nkXi5frl+RUPJ bu7Ri/jzlpDDL90p+BSKuGDVaCY43yBkhKTUv3cI6yGcGDdu2sFqpbfo+z5crjy9 OpumIqtOCX3/FsDZ6aafAZr7r1UG7lvvzI5ZVc0ND6VPv3NYfi1RZa+bzNVB0m8F tN0CXwagVGJ/82T3gao6PijQR8aYdRfdb5vRwr5WSGftkfcDnec+/6X5hZDZrrgn xDHHxdsDlKZg6i3hWrL6D5OvaHMTSh6/C/xCBk+vAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUZColk9Nu2Ld836lCQiQOuuGpj1cwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyLzcxMTQ4MDY2LTQ5YTItNDFkMS05ZTAzLTlmMzUyNTQ5MDVkMy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYCkwDQYJKoZIhvcNAQELBQADggEBABLdS8CQA5ZJkGDm809fU2nQjMh5 dhAxKHbFX4SmrZFC2BsW/QI5ZPbZtJiTNljX+oOUvRNo4+JjucMUxnSeIZ7afd92 QeRZwowBfgpT1dSODLteZRfKtrxk4CWaoGxo2AFuaoPUsJxWx4LAeAxkDIXontmL Sk1HpMbw5HimN0oR0dmMnBv6wfVxlZYpqiexAuK/7u7u2chJPGO50fR4VQfSnoyb AvdzUAFIDLS/ND6QadWoi83W2eY34bdkLnfIlfstvBOGZB7rb84istGmMYJcEuMC wllrEL+7xr5hivsRdSYn/TzUMoa0H7Y2ByI97m1taRmkwk0auuz2omOOBhg= -----END CERTIFICATE-----Generated at Mon Oct 20 13:43:52 2025 by rpki-client