$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa File: 3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json) Hash identifier: dXBg2t9Rc27bMuDurzNxUcsK/TwKsHlPOvFnpp5aTVE= Subject key identifier: CD:C0:F7:92:09:B2:D8:A4:0A:CC:A1:D9:33:DE:F3:F5:3C:C0:68:39 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 77ABFA105E19B3BDFEDA8413F469D1D59FE8B199 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa Signing time: Thu 26 Feb 2026 00:00:13 +0000 ROA not before: Thu 26 Feb 2026 00:00:13 +0000 ROA not after: Wed 27 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 160.235.0.0/16 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:ab:fa:10:5e:19:b3:bd:fe:da:84:13:f4:69:d1:d5:9f:e8:b1:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Feb 26 00:00:13 2026 GMT Not After : May 27 23:59:59 2026 GMT Subject: serialNumber=3483f26242ec5fa716229bb8cd85678a9a7fa6e3b5dae87495311f6f473c55c1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:3a:c4:28:2d:b5:97:2e:f5:61:4f:2f:ce:29: 96:e1:d3:fe:be:93:ef:9b:60:4a:95:b6:47:50:86: c4:56:89:fb:18:6b:92:d0:28:56:66:dc:bf:d6:6d: 26:28:14:91:ef:63:39:2b:95:6a:75:1b:a0:51:c5: 4e:61:31:d7:ff:7d:c4:c5:a1:ae:ce:a6:66:e4:1f: b6:87:6a:cb:8c:16:a0:83:29:d5:e3:65:3a:e6:35: b4:09:03:be:45:10:37:89:60:0b:69:bf:37:0f:22: 41:ea:ed:eb:8e:e4:88:1d:81:20:6a:0c:3e:c5:19: 43:f0:84:36:c4:b1:15:5d:d3:d8:c7:e9:fb:ee:61: 52:23:2a:a0:be:ab:52:53:87:37:b3:46:54:9c:2a: bf:d6:61:b7:34:7e:39:9f:1e:a7:17:6e:79:47:33: 95:08:7d:04:46:ce:be:93:a7:2e:bf:8f:59:f1:b7: d3:db:96:fc:b8:c4:d2:10:04:7e:09:e1:d3:79:0b: bc:2c:a6:59:66:2b:bc:5b:72:45:37:67:37:02:3c: 30:ac:99:9c:2d:74:34:93:97:a4:81:46:77:0b:08: 5e:c1:72:19:44:da:10:f7:77:02:5a:21:16:a1:3f: 81:b1:d9:44:11:81:f7:a3:f8:d6:5c:63:96:f2:fb: c8:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:C0:F7:92:09:B2:D8:A4:0A:CC:A1:D9:33:DE:F3:F5:3C:C0:68:39 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 160.235.0.0/16 Signature Algorithm: sha256WithRSAEncryption 85:89:e4:a3:22:c3:c2:9b:80:6b:3d:71:9b:67:c7:9a:b3:0d: 17:df:44:76:c9:01:76:d1:04:22:f4:2d:96:d7:b1:98:44:5c: b6:98:c7:26:b9:bb:f1:91:5e:42:0d:75:9c:5c:f1:78:e2:36: 07:7f:53:8d:f8:8f:c3:57:8c:68:6a:86:4e:b1:ff:6f:aa:ac: 10:b2:67:b6:89:df:58:cb:d9:a0:cb:9d:a7:5a:22:65:60:b8: 19:60:bb:bd:19:3d:d5:b7:03:f1:ed:cb:95:9a:ca:78:17:b3: 38:25:2c:61:3a:e6:47:ed:31:35:45:e9:31:b4:e7:54:ed:f8: b2:33:49:53:2d:cf:ba:44:58:49:34:b9:28:fe:1b:ef:c8:c4: 77:b1:97:06:c9:db:0f:f3:f8:3f:a8:68:55:fb:96:00:c8:07: b7:6c:2b:f8:ef:b3:83:54:ed:a5:ba:ed:4c:f9:fe:3b:de:21: 18:ce:d0:54:cb:74:54:b2:d3:43:86:a8:81:a4:8e:65:4d:0b: 77:21:c7:99:7b:0b:e4:d9:a5:e5:12:90:75:d7:ff:4e:d7:2d: 47:0a:4c:78:87:6f:9f:09:b8:fc:53:ba:29:6b:68:df:17:2a: e5:79:0b:e3:fc:3e:fa:d7:6b:2b:18:1f:23:d7:0b:4e:c3:b6: 96:9c:5b:61 -----BEGIN CERTIFICATE----- MIIFmzCCBIOgAwIBAgIUd6v6EF4Zs73+2oQT9GnR1Z/osZkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDIyNjAwMDAxM1oX DTI2MDUyNzIzNTk1OVowejFJMEcGA1UEBRNAMzQ4M2YyNjI0MmVjNWZhNzE2MjI5 YmI4Y2Q4NTY3OGE5YTdmYTZlM2I1ZGFlODc0OTUzMTFmNmY0NzNjNTVjMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljrEKC21ly71YU8vzimW4dP+vpPv m2BKlbZHUIbEVon7GGuS0ChWZty/1m0mKBSR72M5K5VqdRugUcVOYTHX/33ExaGu zqZm5B+2h2rLjBaggynV42U65jW0CQO+RRA3iWALab83DyJB6u3rjuSIHYEgagw+ xRlD8IQ2xLEVXdPYx+n77mFSIyqgvqtSU4c3s0ZUnCq/1mG3NH45nx6nF255RzOV CH0ERs6+k6cuv49Z8bfT25b8uMTSEAR+CeHTeQu8LKZZZiu8W3JFN2c3AjwwrJmc LXQ0k5ekgUZ3CwhewXIZRNoQ93cCWiEWoT+BsdlEEYH3o/jWXGOW8vvISQIDAQAB o4ICRzCCAkMwHQYDVR0OBBYEFM3A95IJstikCsyh2TPe8/U8wGg5MB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAIWJ5KMiw8KbgGs9cZtnx5qz DRffRHbJAXbRBCL0LZbXsZhEXLaYxya5u/GRXkINdZxc8XjiNgd/U434j8NXjGhq hk6x/2+qrBCyZ7aJ31jL2aDLnadaImVguBlgu70ZPdW3A/Hty5WayngXszglLGE6 5kftMTVF6TG051Tt+LIzSVMtz7pEWEk0uSj+G+/IxHexlwbJ2w/z+D+oaFX7lgDI B7dsK/jvs4NU7aW67Uz5/jveIRjO0FTLdFSy00OGqIGkjmVNC3chx5l7C+TZpeUS kHXX/07XLUcKTHiHb58JuPxTuilraN8XKuV5C+P8PvrXaysYHyPXC07DtpacW2E= -----END CERTIFICATE-----Generated at Mon Mar 2 03:33:21 2026 by rpki-client