$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/caa7d407-5b15-4761-9d49-f36ba2078f3c.roa File: caa7d407-5b15-4761-9d49-f36ba2078f3c.roa (raw, json) Hash identifier: kieXFTVxyUkOiymOZWVwtrkz3CanKEBrEsH+eNnSYAc= Subject key identifier: 94:F0:4B:DA:94:24:C0:D3:AB:E4:16:3E:71:B2:A4:93:3C:F7:2A:4A Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 4E78BA7FD53D56FCDFD97520A1B849D0F30BF45C Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/caa7d407-5b15-4761-9d49-f36ba2078f3c.roa Signing time: Tue 02 Sep 2025 00:40:13 +0000 ROA not before: Tue 02 Sep 2025 00:40:13 +0000 ROA not after: Tue 07 Oct 2025 23:59:59 +0000 asID: 801 IP address blocks: 35.96.18.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Sat 20 Sep 2025 17:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:78:ba:7f:d5:3d:56:fc:df:d9:75:20:a1:b8:49:d0:f3:0b:f4:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Sep 2 00:40:13 2025 GMT Not After : Oct 7 23:59:59 2025 GMT Subject: serialNumber=2e6943971a150be3ab70ff66e74098169f5de30f50c770c3d1d009b3488fcdee, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:17:4e:34:94:51:83:d0:73:cc:40:bb:ec:17: f2:7e:22:02:a6:a7:bf:0a:ae:79:f6:7b:fe:63:dc: 0c:e5:c4:93:0a:33:9b:5b:fc:53:ae:13:21:75:b1: 19:1c:9d:cd:0f:72:60:b8:ae:e9:2a:01:35:d1:08: 62:81:84:70:1f:c3:17:2e:30:b5:f7:f5:0e:7d:18: 46:bc:ed:45:2a:5a:90:08:e7:37:bc:a4:b6:a9:7b: 2e:a2:9a:51:f8:aa:2f:aa:5d:30:c3:5b:34:83:07: 71:c9:1f:b9:c2:91:ac:a4:8c:3b:a0:fe:2a:68:b6: 63:20:fc:60:31:83:ac:d3:d4:89:fe:5d:58:43:43: 58:b0:87:04:ce:df:bd:46:1d:3d:2a:bd:9b:b4:0f: 02:cc:cc:27:3e:31:e4:a0:3f:74:32:a1:14:c2:af: 04:35:e3:09:4e:6f:f3:de:84:06:bc:87:dd:ed:73: f0:38:f5:94:bd:a2:9a:9e:3f:95:86:c1:17:f0:3a: 2c:67:e7:58:84:b9:24:ba:2a:1b:14:52:4e:44:b6: ee:23:b7:c4:0c:65:1c:58:38:8f:78:f7:73:a5:27: d2:c2:26:7d:34:bf:ac:0e:cb:5e:01:5e:54:8e:04: 2d:80:57:66:9b:8a:42:42:53:18:16:91:c5:7d:b4: c8:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:F0:4B:DA:94:24:C0:D3:AB:E4:16:3E:71:B2:A4:93:3C:F7:2A:4A X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/caa7d407-5b15-4761-9d49-f36ba2078f3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.18.0/23 Signature Algorithm: sha256WithRSAEncryption 84:b0:d7:cf:36:22:37:d5:25:83:4c:b4:7b:82:54:51:da:0d: d1:30:39:20:cd:56:c6:79:27:07:b0:34:fc:e8:0a:07:22:45: bd:c0:16:51:f7:89:8c:ef:25:d0:f8:e1:cb:c8:3b:84:30:c4: 97:f9:97:0b:31:64:10:d7:f5:66:01:db:a5:9e:7c:39:9c:b3: 43:38:e1:a2:03:fc:0c:bf:75:16:2b:90:96:2c:e2:a2:6a:3f: 46:c9:b2:e9:af:33:65:43:78:8d:78:9d:cc:7d:00:4f:4a:61: 28:49:38:00:dc:fa:3b:c3:80:77:21:4f:9e:a4:cd:82:06:37: 6f:50:0c:74:b5:4e:ad:0f:79:83:89:40:1e:7f:84:ee:85:d6: d2:fe:5c:35:83:a9:ef:5e:ea:ec:ec:59:05:3d:ee:3d:f9:c9: aa:34:bd:4b:be:a5:34:9a:e8:b3:31:99:43:56:91:29:48:a0: 68:1b:fe:00:ba:98:76:07:4f:b2:5a:00:0e:60:91:05:8f:d8: 9c:70:f4:d2:db:57:3e:3a:51:54:6f:8a:aa:21:75:c5:d2:8a: 2b:a7:04:c0:21:7d:1e:a3:ad:f5:88:9f:49:af:6a:d5:4c:a5: 52:1e:16:d2:21:7c:34:b1:82:33:f7:82:09:30:0f:ae:c3:ee: 05:45:ba:70 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUTni6f9U9Vvzf2XUgobhJ0PML9FwwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwOTAyMDA0MDEzWhcNMjUxMDA3MjM1OTU5 WjB6MUkwRwYDVQQFE0AyZTY5NDM5NzFhMTUwYmUzYWI3MGZmNjZlNzQwOTgxNjlm NWRlMzBmNTBjNzcwYzNkMWQwMDliMzQ4OGZjZGVlMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC+F040lFGD0HPMQLvsF/J+IgKmp78Krnn2e/5j3AzlxJMK M5tb/FOuEyF1sRkcnc0PcmC4rukqATXRCGKBhHAfwxcuMLX39Q59GEa87UUqWpAI 5ze8pLapey6imlH4qi+qXTDDWzSDB3HJH7nCkaykjDug/ipotmMg/GAxg6zT1In+ XVhDQ1iwhwTO371GHT0qvZu0DwLMzCc+MeSgP3QyoRTCrwQ14wlOb/PehAa8h93t c/A49ZS9opqeP5WGwRfwOixn51iEuSS6KhsUUk5Etu4jt8QMZRxYOI9493OlJ9LC Jn00v6wOy14BXlSOBC2AV2abikJCUxgWkcV9tMjPAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUlPBL2pQkwNOr5BY+cbKkkzz3KkowHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2NhYTdkNDA3LTViMTUtNDc2MS05ZDQ5LWYzNmJhMjA3OGYzYy5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAEjYBIwDQYJKoZIhvcNAQELBQADggEBAISw1882IjfVJYNMtHuCVFHaDdEw OSDNVsZ5JwewNPzoCgciRb3AFlH3iYzvJdD44cvIO4QwxJf5lwsxZBDX9WYB26We fDmcs0M44aID/Ay/dRYrkJYs4qJqP0bJsumvM2VDeI14ncx9AE9KYShJOADc+jvD gHchT56kzYIGN29QDHS1Tq0PeYOJQB5/hO6F1tL+XDWDqe9e6uzsWQU97j35yao0 vUu+pTSa6LMxmUNWkSlIoGgb/gC6mHYHT7JaAA5gkQWP2Jxw9NLbVz46UVRviqoh dcXSiiunBMAhfR6jrfWIn0mvatVMpVIeFtIhfDSxgjP3ggkwD67D7gVFunA= -----END CERTIFICATE-----Generated at Fri Sep 19 10:37:49 2025 by rpki-client