$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/fcabc937-df80-4df7-95c8-bde2ef225d55.roa File: fcabc937-df80-4df7-95c8-bde2ef225d55.roa (raw, json) Hash identifier: yUjnRBq1GjfbchdFjXhHO6xVV3nU1RZ0wslcGGoir3o= Subject key identifier: D4:B5:D9:42:A8:FA:18:C1:0D:76:9F:8B:30:7A:00:64:51:CA:33:E0 Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Certificate serial: 03354D72755310CB2BD6B242B58261018113A662 Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/fcabc937-df80-4df7-95c8-bde2ef225d55.roa Signing time: Mon 13 Oct 2025 17:55:01 +0000 ROA not before: Mon 13 Oct 2025 17:55:01 +0000 ROA not after: Mon 17 Nov 2025 23:59:59 +0000 asID: 16509 IP address blocks: 35.96.48.0/20 maxlen: 20 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/6755970c-4747-499d-9774-5e1308c501a7.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/0357272c-a79a-45bf-9586-92dd49ef3223.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:35:4d:72:75:53:10:cb:2b:d6:b2:42:b5:82:61:01:81:13:a6:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c Validity Not Before: Oct 13 17:55:01 2025 GMT Not After : Nov 17 23:59:59 2025 GMT Subject: serialNumber=e6179cc8ef7ec621e21f8718353912da8b17e1c77d053dd64f7ff34ee9f31d00, CN=8cd8442f-235f-4171-84e6-8e1007a64c60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:ee:aa:a4:78:6c:3e:91:32:70:eb:4b:30:56: b0:a7:76:6d:29:0f:3c:e4:08:8c:0f:1d:7f:60:2c: f0:b7:47:e5:34:05:ed:c4:fa:fc:55:ff:23:68:f3: 81:17:51:4d:cc:f0:9a:93:39:32:45:a7:5a:5b:b3: d4:20:52:71:98:29:b8:a8:38:4d:93:6a:15:2d:3d: 2e:1c:bf:bd:10:e4:9f:1e:ac:97:35:95:4a:d0:ae: 72:6b:4e:2c:97:fd:84:ae:8e:63:ff:16:07:de:a8: ec:76:d3:9f:ae:13:5e:20:54:bb:14:28:06:61:f2: e1:70:18:66:62:10:c4:c0:30:bd:4c:e5:77:79:18: dd:64:94:7f:f0:54:a4:d4:61:a5:6c:da:26:b7:8d: 5a:49:77:89:e7:5e:06:c4:db:10:5a:bf:7e:1a:70: b9:2c:68:67:ca:17:e6:85:a3:66:3f:ae:48:78:23: 57:d0:df:97:5a:b6:22:59:1f:59:e6:6b:ed:d4:ed: 9a:69:ab:c6:00:1d:3b:bd:89:92:34:36:89:38:cc: df:04:1e:92:4a:7c:03:48:49:df:f7:e4:a0:21:c3: e3:55:62:4f:83:f6:84:5e:4c:fe:ab:62:81:11:e4: 8e:86:fc:62:f4:94:ca:44:f9:01:2c:bb:00:ad:69: b8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:B5:D9:42:A8:FA:18:C1:0D:76:9F:8B:30:7A:00:64:51:CA:33:E0 X509v3 Authority Key Identifier: keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/fcabc937-df80-4df7-95c8-bde2ef225d55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 35.96.48.0/20 Signature Algorithm: sha256WithRSAEncryption 28:5a:ee:3c:95:4f:5d:96:9c:8c:1c:7b:98:3c:f5:9e:35:e0: c1:09:33:81:78:18:51:2f:82:1a:ea:a4:db:9b:d9:57:33:e7: 3f:7f:f1:8e:4f:c6:8d:0b:5c:cf:d4:7c:bf:82:95:23:49:39: 24:48:af:89:e4:92:64:78:c1:7e:5a:57:ab:0e:ad:97:f3:c5: b3:ad:74:e1:49:78:ec:e8:96:84:a4:d6:57:cc:c5:07:04:f9: 06:5c:24:9b:da:68:b4:e5:2b:03:35:7f:3e:0c:2c:6a:51:b8: 68:0d:16:c1:64:6c:e2:90:82:7e:4d:f0:58:ac:4d:7e:38:25: 58:b2:08:7f:86:0b:af:af:36:15:3a:59:9f:b4:41:2b:06:74: 2d:71:72:6b:6d:dc:d7:03:08:0c:a2:b2:27:03:05:15:e2:c2: 3b:62:ca:da:2b:38:46:ab:ad:c3:85:fe:76:dd:8e:05:9e:e6: 17:40:0d:da:d4:6f:bf:be:aa:93:6c:16:3c:c8:94:e7:cf:4d: 80:59:e4:c0:22:d3:86:83:fb:98:83:fb:ee:28:41:59:4c:92: 30:61:4b:31:3f:89:30:a8:83:74:4d:cc:59:bb:c7:d8:2b:85: e7:a6:09:88:a2:a3:ff:67:3c:52:74:ed:37:b6:43:4d:70:df: 0a:3a:13:87 -----BEGIN CERTIFICATE----- MIIF+DCCBOCgAwIBAgIUAzVNcnVTEMsr1rJCtYJhAYETpmIwDQYJKoZIhvcNAQEL BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUxMDEzMTc1NTAxWhcNMjUxMTE3MjM1OTU5 WjB6MUkwRwYDVQQFE0BlNjE3OWNjOGVmN2VjNjIxZTIxZjg3MTgzNTM5MTJkYThi MTdlMWM3N2QwNTNkZDY0ZjdmZjM0ZWU5ZjMxZDAwMS0wKwYDVQQDEyQ4Y2Q4NDQy Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCX7qqkeGw+kTJw60swVrCndm0pDzzkCIwPHX9gLPC3R+U0 Be3E+vxV/yNo84EXUU3M8JqTOTJFp1pbs9QgUnGYKbioOE2TahUtPS4cv70Q5J8e rJc1lUrQrnJrTiyX/YSujmP/FgfeqOx205+uE14gVLsUKAZh8uFwGGZiEMTAML1M 5Xd5GN1klH/wVKTUYaVs2ia3jVpJd4nnXgbE2xBav34acLksaGfKF+aFo2Y/rkh4 I1fQ35datiJZH1nma+3U7Zppq8YAHTu9iZI0Nok4zN8EHpJKfANISd/35KAhw+NV Yk+D9oReTP6rYoER5I6G/GL0lMpE+QEsuwCtabjtAgMBAAGjggKxMIICrTAdBgNV HQ4EFgQU1LXZQqj6GMENdp+LMHoAZFHKM+AwHwYDVR0jBBgwFoAUasw+faLnbZkR D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB 4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00 NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1 Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx MTI5ODY2MzYyL2ZjYWJjOTM3LWRmODAtNGRmNy05NWM4LWJkZTJlZjIyNWQ1NS5y b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4 LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAQjYDAwDQYJKoZIhvcNAQELBQADggEBACha7jyVT12WnIwce5g89Z414MEJ M4F4GFEvghrqpNub2Vcz5z9/8Y5Pxo0LXM/UfL+ClSNJOSRIr4nkkmR4wX5aV6sO rZfzxbOtdOFJeOzoloSk1lfMxQcE+QZcJJvaaLTlKwM1fz4MLGpRuGgNFsFkbOKQ gn5N8FisTX44JViyCH+GC6+vNhU6WZ+0QSsGdC1xcmtt3NcDCAyisicDBRXiwjti ytorOEarrcOF/nbdjgWe5hdADdrUb7++qpNsFjzIlOfPTYBZ5MAi04aD+5iD++4o QVlMkjBhSzE/iTCog3RNzFm7x9grheemCYiio/9nPFJ07Te2Q01w3wo6E4c= -----END CERTIFICATE-----Generated at Mon Oct 20 13:44:01 2025 by rpki-client