$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa File: df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa (raw, json) Hash identifier: 8Xrw6wQTgfIvtRgeX193O/b+zyVjbttzLDgFc2eqks0= Subject key identifier: AA:EF:D0:1D:04:8C:9F:87:81:38:16:3B:75:9C:D7:07:D3:35:90:E0 Certificate issuer: /CN=68b287f4-51cf-421c-923b-f0e384de5eea Certificate serial: 010D0C9F4328584B2A2C4064944F446BAD099C80 Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa Signing time: Fri 12 Sep 2025 01:00:32 +0000 ROA not before: Fri 12 Sep 2025 01:00:32 +0000 ROA not after: Thu 11 Dec 2025 02:00:32 +0000 asID: 8069 IP address blocks: 20.33.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft rsync://rpki.arin.net/repository/arin-rpki-ta.cer Signature path expires: Tue 21 Oct 2025 14:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:0d:0c:9f:43:28:58:4b:2a:2c:40:64:94:4f:44:6b:ad:09:9c:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea Validity Not Before: Sep 12 01:00:32 2025 GMT Not After : Dec 11 02:00:32 2025 GMT Subject: CN=0dddbeb4-9067-42fa-8bda-e033a30b1db4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0c:cf:b4:3f:f2:a3:f6:e6:a0:b3:7c:ec:e3: 5a:0c:aa:8f:f5:5a:ad:01:b2:da:5a:0d:ba:d7:9b: 9d:ba:e2:4f:f8:44:d4:00:ab:73:0e:8b:b4:6f:80: 37:c4:d6:76:12:b8:29:1e:d7:81:0c:cb:3f:3c:c6: 0b:dc:3a:4e:d2:12:28:de:df:37:22:3f:a0:40:13: 50:22:96:c4:e7:aa:0e:42:d7:bc:94:f4:e4:69:cd: ce:fa:47:1e:73:58:9d:1b:7a:20:fb:58:26:bc:ee: e3:6d:13:58:90:8c:6e:38:97:7d:eb:1a:18:d8:b0: 85:f9:b9:94:51:56:e4:bf:c2:42:3b:cb:55:d0:b5: 23:e4:86:5b:52:78:da:b8:f2:3b:c7:b0:f9:b4:34: c0:43:95:d8:5f:de:77:8c:45:9b:74:27:ed:85:5d: d5:f1:70:69:ef:0e:aa:58:df:70:13:1c:97:c4:cb: b0:68:ce:3e:7e:58:73:df:83:54:b2:8d:62:87:bc: 1d:b4:aa:e5:94:c5:97:b2:91:e6:50:b0:8d:a9:9b: 71:7c:ca:fc:d3:f8:ac:62:ca:e6:12:9c:90:ff:c0: d8:ee:85:a9:bb:9d:1e:05:e4:60:65:9b:7f:ca:52: 8e:0c:43:da:2e:24:5a:e6:c9:42:b7:c2:01:ee:33: 7c:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:EF:D0:1D:04:8C:9F:87:81:38:16:3B:75:9C:D7:07:D3:35:90:E0 Subject Information Access: Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/df8b7abc-0a4f-3be9-b3e3-c5086883b738.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl X509v3 Authority Key Identifier: keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer sbgp-ipAddrBlock: critical IPv4: 20.33.150.0/24 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.arin.net/resources/rpki/cps.html Signature Algorithm: sha256WithRSAEncryption 0f:93:d2:d0:ec:2e:d7:6a:85:f1:44:78:75:13:39:8f:96:91: c3:43:28:2c:69:9e:48:86:0b:90:e6:96:f3:a2:ba:f5:bf:6c: a9:b2:47:16:3f:8c:9c:0d:1c:0f:66:97:27:ba:1b:fd:c4:d7: 88:a6:4b:6d:6b:f8:ff:e4:f2:93:02:49:89:28:2f:45:c0:bd: cd:c7:6f:b1:df:57:29:c0:d7:a2:8d:da:73:8b:b5:bd:c5:33: fa:6f:78:68:50:38:42:87:bd:7b:bf:e2:10:0e:78:6e:1a:e4: ed:58:b5:2b:18:3c:dc:f6:4f:41:05:7f:20:9a:ba:47:d8:13: 9f:ae:7a:d1:72:fd:73:aa:45:af:5b:1e:0e:83:5e:06:a0:7d: dd:27:fc:3b:51:6c:59:8f:8f:22:b8:60:1b:16:8e:e0:a0:0d: b4:48:48:83:f3:58:33:4a:5f:40:90:cf:55:80:01:5c:31:ca: 46:bd:10:3f:57:19:f0:7f:77:f3:11:81:23:d0:85:e7:b6:1f: 2d:19:0e:62:ae:8d:c4:47:dd:50:de:00:89:04:f8:07:f7:8a: a8:95:13:55:b1:a6:2c:43:aa:73:7d:29:63:4c:4f:91:34:41: c9:a1:b5:05:2b:5e:35:f8:f8:42:fd:d4:39:da:ff:cf:33:63: 83:64:c4:82 -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEsqLEBklE9Ea60JnIAwDQYJKoZIhvcNAQEL BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1 ZWVhMB4XDTI1MDkxMjAxMDAzMloXDTI1MTIxMTAyMDAzMlowLzEtMCsGA1UEAxMk MGRkZGJlYjQtOTA2Ny00MmZhLThiZGEtZTAzM2EzMGIxZGI0MIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wzPtD/yo/bmoLN87ONaDKqP9VqtAbLaWg26 15uduuJP+ETUAKtzDou0b4A3xNZ2ErgpHteBDMs/PMYL3DpO0hIo3t83Ij+gQBNQ IpbE56oOQte8lPTkac3O+kcec1idG3og+1gmvO7jbRNYkIxuOJd96xoY2LCF+bmU UVbkv8JCO8tV0LUj5IZbUnjauPI7x7D5tDTAQ5XYX953jEWbdCfthV3V8XBp7w6q WN9wExyXxMuwaM4+flhz34NUso1ih7wdtKrllMWXspHmULCNqZtxfMr80/isYsrm EpyQ/8DY7oWpu50eBeRgZZt/ylKODEPaLiRa5slCt8IB7jN8EQIDAQABo4IDVTCC A1EwHQYDVR0OBBYEFKrv0B0EjJ+HgTgWO3Wc1wfTNZDgMIHlBggrBgEFBQcBCwSB 2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvZGY4YjdhYmMtMGE0Zi0z YmU5LWIzZTMtYzUwODY4ODNiNzM4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFCGWMFQG A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93 d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL BQADggEBAA+T0tDsLtdqhfFEeHUTOY+WkcNDKCxpnkiGC5DmlvOiuvW/bKmyRxY/ jJwNHA9mlye6G/3E14imS21r+P/k8pMCSYkoL0XAvc3Hb7HfVynA16KN2nOLtb3F M/pveGhQOEKHvXu/4hAOeG4a5O1YtSsYPNz2T0EFfyCaukfYE5+uetFy/XOqRa9b Hg6DXgagfd0n/DtRbFmPjyK4YBsWjuCgDbRISIPzWDNKX0CQz1WAAVwxyka9ED9X GfB/d/MRgSPQhee2Hy0ZDmKujcRH3VDeAIkE+Af3iqiVE1WxpixDqnN9KWNMT5E0 QcmhtQUrXjX4+EL91Dna/88zY4NkxII= -----END CERTIFICATE-----Generated at Mon Oct 20 15:51:27 2025 by rpki-client