$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa File: 2e40ee0b-9aa9-4919-a079-9712212e127c.roa (raw, json) Hash identifier: HifPHeBwsO/AlIR45rsqvzHRP4MIeEvu4rBsdIj34M0= Subject key identifier: F5:0A:0C:6A:6F:B2:37:F3:5B:C7:6B:77:DF:31:92:B1:26:23:73:34 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 69F92D4F95FC074D344B9C14F7C118ABC40DAFD4 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa Signing time: Wed 25 Feb 2026 00:00:13 +0000 ROA not before: Wed 25 Feb 2026 00:00:13 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:f9:2d:4f:95:fc:07:4d:34:4b:9c:14:f7:c1:18:ab:c4:0d:af:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Feb 25 00:00:13 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=f6a1defd72e5ff590c0dc8167de984855d2eedc798a3d37fd896a014c19359cb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:05:fe:c4:2c:b8:64:0d:c4:13:be:f1:3a:b3: e2:93:eb:28:0e:dc:69:16:89:99:bf:35:be:08:04: 53:d7:d6:21:55:2e:1f:8f:00:ea:80:7e:c9:90:85: a6:de:7a:e8:9f:9d:4e:40:20:1f:6d:08:0c:6d:f0: 37:1a:3d:a9:14:a0:d9:ad:44:2c:50:eb:0a:f2:ef: 2d:a7:1b:3e:38:ec:78:03:d3:a6:fa:9b:20:b5:0f: 20:ec:d4:92:d8:99:ea:d8:62:c9:24:8a:0e:ff:eb: 87:0d:9f:57:c7:f4:d1:21:a9:4e:fa:e2:91:fd:98: 12:19:f1:b1:a0:d8:de:28:e3:5f:6a:b8:6e:5f:73: 30:d7:12:ac:07:29:7b:a5:25:1b:e0:bf:56:f8:e1: cb:ee:05:ed:2f:59:65:6b:4a:b2:92:ca:bf:8e:63: 2d:41:99:06:d3:6c:fb:41:8e:55:ff:d7:66:2b:81: fd:0c:8b:0a:62:6f:1b:24:42:35:4d:d1:c9:e5:b0: d0:2b:f1:b2:73:56:c8:2c:4c:81:d3:70:00:24:d4: 9e:b6:15:3e:be:d9:9a:ac:1b:50:6d:da:81:64:01: 65:45:80:d9:36:42:d9:19:8b:38:ca:89:7e:92:cb: d6:6e:c4:a8:5d:7d:c5:48:d2:f8:5c:27:cd:59:4c: 37:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:0A:0C:6A:6F:B2:37:F3:5B:C7:6B:77:DF:31:92:B1:26:23:73:34 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2e40ee0b-9aa9-4919-a079-9712212e127c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 28:ad:2e:b5:29:cc:a9:5f:1e:b8:79:85:4b:7c:53:43:4d:00: 88:57:0f:a0:97:b5:89:72:f9:d2:1b:5e:9e:fe:a5:6e:f9:3e: e1:fd:c6:b5:2a:28:2d:17:9e:0b:a1:67:6c:b1:1b:1c:f1:63: 2b:68:aa:76:52:e5:5a:26:3a:db:3e:83:55:60:70:a2:99:2f: 26:ef:2b:42:83:4b:23:34:dd:ff:76:33:41:28:e7:2f:8d:cd: dc:ff:d6:2a:16:59:ee:6d:94:c6:a8:2f:74:aa:37:6f:a0:ff: ee:57:17:eb:e4:a5:90:86:90:18:88:09:e8:a8:68:38:2a:17: f8:e6:ac:7b:eb:84:15:3f:b8:64:05:7d:80:f1:9f:f1:64:63: 1b:b8:43:3d:e5:d4:84:67:b9:32:6a:83:a7:82:de:3e:fa:c1: cf:a8:38:af:5c:f9:da:35:77:6a:ed:df:07:c9:4b:e1:5c:73: 36:e9:d0:6e:61:9e:12:32:93:35:3e:03:32:d3:a2:c3:aa:4d: e1:89:40:4d:9e:e6:5d:bd:64:49:9c:58:65:d1:cd:cb:1c:2e: 53:bf:82:28:4b:52:74:a5:e3:e1:73:42:ec:7a:8b:93:51:d3: 55:9f:53:c7:7f:f8:1a:9a:6b:b9:4c:ec:cc:b2:42:dd:4d:dc: 6e:98:3c:75 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUafktT5X8B000S5wU98EYq8QNr9QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDIyNTAwMDAxM1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZjZhMWRlZmQ3MmU1ZmY1OTBjMGRj ODE2N2RlOTg0ODU1ZDJlZWRjNzk4YTNkMzdmZDg5NmEwMTRjMTkzNTljYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgX+xCy4ZA3EE77xOrPik+soDtxp FomZvzW+CART19YhVS4fjwDqgH7JkIWm3nron51OQCAfbQgMbfA3Gj2pFKDZrUQs UOsK8u8tpxs+OOx4A9Om+psgtQ8g7NSS2Jnq2GLJJIoO/+uHDZ9Xx/TRIalO+uKR /ZgSGfGxoNjeKONfarhuX3Mw1xKsByl7pSUb4L9W+OHL7gXtL1lla0qyksq/jmMt QZkG02z7QY5V/9dmK4H9DIsKYm8bJEI1TdHJ5bDQK/Gyc1bILEyB03AAJNSethU+ vtmarBtQbdqBZAFlRYDZNkLZGYs4yol+ksvWbsSoXX3FSNL4XCfNWUw35wIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPUKDGpvsjfzW8drd98xkrEmI3M0MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlNDBlZTBiLTlhYTktNDkxOS1hMDc5LTk3MTIyMTJlMTI3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQAorS61KcypXx64eYVLfFND TQCIVw+gl7WJcvnSG16e/qVu+T7h/ca1KigtF54LoWdssRsc8WMraKp2UuVaJjrb PoNVYHCimS8m7ytCg0sjNN3/djNBKOcvjc3c/9YqFlnubZTGqC90qjdvoP/uVxfr 5KWQhpAYiAnoqGg4Khf45qx764QVP7hkBX2A8Z/xZGMbuEM95dSEZ7kyaoOngt4+ +sHPqDivXPnaNXdq7d8HyUvhXHM26dBuYZ4SMpM1PgMy06LDqk3hiUBNnuZdvWRJ nFhl0c3LHC5Tv4IoS1J0pePhc0LseouTUdNVn1PHf/gammu5TOzMskLdTdxumDx1 -----END CERTIFICATE-----Generated at Mon Mar 2 21:10:10 2026 by rpki-client