$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa File: 294e9347-de22-31e7-bfc5-75bd383b4a41.roa (raw, json) Hash identifier: 6mpwQpMXyRT0oXLEthgHQqD7FhVksmC2edeH9EdUGxM= Subject key identifier: D5:92:87:21:B9:00:87:12:35:6A:3B:7B:FE:E7:4A:2E:AF:0A:DD:1C Certificate issuer: /CN=68b287f4-51cf-421c-923b-f0e384de5eea Certificate serial: 010D0C9F4328584AFAB6885541F246672B7B60F8 Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa Signing time: Tue 26 Aug 2025 01:00:32 +0000 ROA not before: Tue 26 Aug 2025 01:00:32 +0000 ROA not after: Mon 24 Nov 2025 02:00:32 +0000 asID: 8069 IP address blocks: 20.33.109.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Wed 27 Aug 2025 21:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:4a:fa:b6:88:55:41:f2:46:67:2b:7b:60:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea Validity Not Before: Aug 26 01:00:32 2025 GMT Not After : Nov 24 02:00:32 2025 GMT Subject: CN=01a6d360-a253-42ab-8ee1-b85265eb7056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:b9:54:d2:37:09:bb:d3:a4:cd:f3:f8:61:a5: 5b:ce:c6:95:b0:32:7c:a8:49:d9:a6:d9:6d:00:61: c6:d7:c1:33:67:96:c8:ac:74:2a:6e:bc:05:56:ec: a7:ad:0a:d9:15:ce:de:ae:99:cf:ff:18:d5:df:1c: 83:68:c2:15:e0:15:be:c3:3e:d4:a4:3f:5d:47:ee: 4d:db:17:78:07:5c:ae:63:bd:07:80:15:15:bc:be: c6:1f:6f:05:57:39:84:54:50:b8:2f:f0:47:5b:04: e2:8f:eb:bf:f2:dd:e5:64:a2:62:84:1f:ad:48:3a: 7b:ce:91:d8:b0:dc:79:b9:d6:13:53:bf:40:4b:fd: 61:40:9e:12:0c:e5:15:29:e4:3d:3b:65:cc:33:1f: 4c:65:0f:b7:29:4c:54:b5:17:bb:93:29:9c:64:1c: a0:99:99:79:fb:53:21:97:9e:ea:4a:6b:68:96:ec: ec:4a:4f:54:64:18:ec:0a:58:2e:e2:08:6d:2b:93: 62:72:66:e8:b1:d7:f3:8c:05:6c:81:f6:95:a3:a0: 08:51:ec:d5:62:63:a6:59:a6:60:cd:1c:2d:40:fb: 2c:12:41:3e:9a:75:13:36:31:33:30:9b:4a:f9:d1: 3e:fe:cd:bb:40:92:5c:3e:f6:65:c1:51:fd:4e:e7: 1a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:92:87:21:B9:00:87:12:35:6A:3B:7B:FE:E7:4A:2E:AF:0A:DD:1C Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/294e9347-de22-31e7-bfc5-75bd383b4a41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl X509v3 Authority Key Identifier: keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer sbgp-ipAddrBlock: critical IPv4: 20.33.109.0/24 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 31:00:ff:0d:3a:73:d7:80:5b:9a:70:82:40:50:d2:63:26:5a: 3f:19:41:51:c6:25:ec:10:59:b0:8a:39:54:34:4e:cf:66:95: 05:90:5a:9e:45:22:7e:cc:78:ee:cf:bf:57:07:af:b8:96:a4: 0d:2b:d8:c2:80:5d:c9:e4:f3:24:2a:db:9a:a8:fc:34:e4:bd: e4:4f:2d:e1:d3:c1:d2:ba:e9:78:49:87:cf:1f:e9:ea:65:81: 6d:55:48:7e:59:9a:27:63:0e:29:a8:01:07:7f:80:a3:7f:44: 01:c2:61:de:cf:96:b2:1c:55:85:02:7f:f3:39:49:00:83:82: 45:52:da:0b:d8:d8:04:63:4b:6e:8a:f8:d3:cc:12:8d:8d:0c: 17:2f:17:62:6a:fe:42:30:b2:81:ab:da:82:a4:de:47:c1:7f: fb:71:50:0e:a5:18:4d:23:a3:76:f1:fa:ec:2c:10:b8:41:27: 74:f0:fa:d3:35:9e:7c:2a:6c:9f:a8:57:db:07:c5:50:c3:38: 4b:8b:cd:e0:75:b9:4a:1f:fc:a1:c4:bc:c1:1a:e7:04:68:74: 00:38:3d:fe:78:56:b6:65:00:10:df:70:db:86:16:9f:a0:7d: c8:ae:64:d0:f9:d9:1c:ea:94:f0:d8:89:66:ca:e3:e7:23:6a: 3c:32:fe:b4 -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEr6tohVQfJGZyt7YPgwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1 ZWVhMB4XDTI1MDgyNjAxMDAzMloXDTI1MTEyNDAyMDAzMlowLzEtMCsGA1UEAxMk MDFhNmQzNjAtYTI1My00MmFiLThlZTEtYjg1MjY1ZWI3MDU2MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLlU0jcJu9OkzfP4YaVbzsaVsDJ8qEnZptlt AGHG18EzZ5bIrHQqbrwFVuynrQrZFc7erpnP/xjV3xyDaMIV4BW+wz7UpD9dR+5N 2xd4B1yuY70HgBUVvL7GH28FVzmEVFC4L/BHWwTij+u/8t3lZKJihB+tSDp7zpHY sNx5udYTU79AS/1hQJ4SDOUVKeQ9O2XMMx9MZQ+3KUxUtRe7kymcZBygmZl5+1Mh l57qSmtoluzsSk9UZBjsClgu4ghtK5NicmbosdfzjAVsgfaVo6AIUezVYmOmWaZg zRwtQPssEkE+mnUTNjEzMJtK+dE+/s27QJJcPvZlwVH9TucaXQIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFNWShyG5AIcSNWo7e/7nSi6vCt0cMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvMjk0ZTkzNDctZGUyMi0z MWU3LWJmYzUtNzViZDM4M2I0YTQxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFCFtMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBADEA/w06c9eAW5pwgkBQ0mMmWj8ZQVHGJewQWbCKOVQ0Ts9mlQWQWp5F In7MeO7Pv1cHr7iWpA0r2MKAXcnk8yQq25qo/DTkveRPLeHTwdK66XhJh88f6epl gW1VSH5ZmidjDimoAQd/gKN/RAHCYd7PlrIcVYUCf/M5SQCDgkVS2gvY2ARjS26K +NPMEo2NDBcvF2Jq/kIwsoGr2oKk3kfBf/txUA6lGE0jo3bx+uwsELhBJ3Tw+tM1 nnwqbJ+oV9sHxVDDOEuLzeB1uUof/KHEvMEa5wRodAA4Pf54VrZlABDfcNuGFp+g fciuZND52RzqlPDYiWbK4+cjajwy/rQ= -----END CERTIFICATE-----Generated at Tue Aug 26 06:48:39 2025 by rpki-client