$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cb336a48-8f3f-4a38-8d83-16df977c3695.roa File: cb336a48-8f3f-4a38-8d83-16df977c3695.roa (raw, json) Hash identifier: 3JolwXCjXcoE9qflXhDRjB4pqFuzz/tVcgaIrzCLA/s= Subject key identifier: AC:24:20:15:FB:4F:52:94:08:2F:09:87:8B:C5:D0:CA:FC:03:73:51 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 0F8CCF5B310C15B7B74298EF7995A27CB57178C6 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cb336a48-8f3f-4a38-8d83-16df977c3695.roa Signing time: Fri 04 Jul 2025 18:30:18 +0000 ROA not before: Fri 04 Jul 2025 18:30:18 +0000 ROA not after: Fri 08 Aug 2025 23:59:59 +0000 asID: 801 IP address blocks: 35.96.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Mon 07 Jul 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:8c:cf:5b:31:0c:15:b7:b7:42:98:ef:79:95:a2:7c:b5:71:78:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Jul 4 18:30:18 2025 GMT Not After : Aug 8 23:59:59 2025 GMT Subject: serialNumber=2d60380bbbfb0c7b93d556b481ec7826d7503702d9ca40edb375be27277723ff, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:75:3d:79:10:27:29:36:2d:2d:fd:72:73:c9: 4c:38:08:14:f1:1c:60:d7:30:e7:cf:10:9f:7f:06: d6:62:f2:ec:2e:07:d1:2e:9a:99:bc:91:99:35:a2: bf:b5:b4:32:0c:8b:18:a9:c6:ec:fa:fd:30:5a:21: 0e:7f:16:01:57:d4:f8:85:88:e6:a4:01:53:ae:f4: 42:f9:75:be:c3:7d:5e:4f:c8:08:46:0c:06:24:9a: 79:2e:50:3e:0a:53:16:d6:a9:ac:ea:0b:75:ed:0c: 65:4b:09:78:06:fb:d7:73:78:de:21:ee:8d:f6:32: 6b:7f:1c:4c:5b:68:53:63:82:32:97:25:1b:3e:17: 05:ad:4b:d0:c2:85:0c:f7:b0:6d:eb:10:d2:d5:6b: 0a:c3:19:a9:ea:a1:49:91:f5:82:bf:55:9c:07:78: 42:9b:86:61:e4:c5:8a:f1:bd:0d:4c:f8:c7:d3:4b: 50:f0:20:a1:07:2b:1b:70:14:87:4c:2c:78:d9:e4: 55:e9:89:af:61:68:e5:40:35:70:9d:3f:d9:5a:a1: 8c:2a:5f:4c:02:32:37:8d:8d:31:f1:36:7e:e5:e2: d3:af:22:f3:b2:a6:23:10:18:7b:c1:a1:e3:36:21: ec:89:9a:82:b5:49:1e:c7:30:73:7c:b6:97:75:30: 28:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:24:20:15:FB:4F:52:94:08:2F:09:87:8B:C5:D0:CA:FC:03:73:51 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/cb336a48-8f3f-4a38-8d83-16df977c3695.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.39.0/24 Signature Algorithm: sha256WithRSAEncryption 59:02:13:1a:6a:a7:f7:04:43:fe:60:d7:6a:f7:a8:ee:39:4a: 10:55:b1:5d:54:4e:75:f2:0c:21:af:3e:a6:0d:13:04:b7:5b: 8b:e3:ce:71:6c:05:f5:d5:eb:56:27:44:78:aa:25:6e:3e:fb: ca:01:e9:da:4e:b3:69:1a:b3:0b:2a:a2:9e:15:3d:cc:ee:6d: 34:9a:ad:00:dd:42:43:de:22:d5:63:f4:fa:42:35:2c:c1:62: 19:5c:05:8c:10:b8:0d:8e:7e:d2:c2:6b:10:6c:da:26:00:0c: d8:ee:70:02:b7:bc:97:a0:a5:8d:c8:76:76:44:79:6d:03:5a: cd:e4:96:d2:ac:63:32:b8:cf:e1:0c:cd:c7:a4:41:1f:4f:3e: cd:6a:bb:13:8d:68:07:3c:e6:c8:62:d2:ef:9c:de:ec:5d:bf: 2a:1c:d0:6b:09:95:68:01:29:f9:fc:c0:4c:68:f7:2c:cf:31: 45:b1:ec:82:db:cf:ea:e3:a4:b8:27:2c:c7:3f:cc:89:ad:15: 19:9e:f1:c1:84:ff:30:c6:84:a2:2d:8e:e9:e2:f8:07:c5:03: 34:b4:b0:94:6b:a4:82:42:73:2c:5d:e1:06:6b:59:72:a5:ec: 27:1c:00:92:28:ec:f9:5e:47:f8:a9:00:21:0f:78:2f:38:4e: 86:a0:df:00 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUD4zPWzEMFbe3QpjveZWifLVxeMYwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNzA0MTgzMDE4WhcNMjUwODA4MjM1OTU5 WjB6MUkwRwYDVQQFE0AyZDYwMzgwYmJiZmIwYzdiOTNkNTU2YjQ4MWVjNzgyNmQ3 NTAzNzAyZDljYTQwZWRiMzc1YmUyNzI3NzcyM2ZmMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQC8dT15ECcpNi0t/XJzyUw4CBTxHGDXMOfPEJ9/BtZi8uwu B9Eumpm8kZk1or+1tDIMixipxuz6/TBaIQ5/FgFX1PiFiOakAVOu9EL5db7DfV5P yAhGDAYkmnkuUD4KUxbWqazqC3XtDGVLCXgG+9dzeN4h7o32Mmt/HExbaFNjgjKX JRs+FwWtS9DChQz3sG3rENLVawrDGanqoUmR9YK/VZwHeEKbhmHkxYrxvQ1M+MfT S1DwIKEHKxtwFIdMLHjZ5FXpia9haOVANXCdP9laoYwqX0wCMjeNjTHxNn7l4tOv IvOypiMQGHvBoeM2IeyJmoK1SR7HMHN8tpd1MCivAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQUrCQgFftPUpQILwmHi8XQyvwDc1EwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2NiMzM2YTQ4LThmM2YtNGEzOC04ZDgzLTE2ZGY5NzdjMzY5NS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAjYCcwDQYJKoZIhvcNAQELBQADggEBAFkCExpqp/cEQ/5g12r3qO45ShBV sV1UTnXyDCGvPqYNEwS3W4vjznFsBfXV61YnRHiqJW4++8oB6dpOs2kaswsqop4V PczubTSarQDdQkPeItVj9PpCNSzBYhlcBYwQuA2OftLCaxBs2iYADNjucAK3vJeg pY3IdnZEeW0DWs3kltKsYzK4z+EMzcekQR9PPs1quxONaAc85shi0u+c3uxdvyoc 0GsJlWgBKfn8wExo9yzPMUWx7ILbz+rjpLgnLMc/zImtFRme8cGE/zDGhKItjuni +AfFAzS0sJRrpIJCcyxd4QZrWXKl7CccAJIo7PleR/ipACEPeC84Toag3wA= -----END CERTIFICATE-----Generated at Sun Jul 6 08:06:24 2025 by rpki-client