$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa File: 4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa (raw, json) Hash identifier: xsaM36rzv8Uw5QN5dHxdEYXHzAwA5KNUnJAuj5qn0Dw= Subject key identifier: DE:33:CA:8E:18:04:7F:E5:9E:DD:1B:B8:E5:8A:B3:42:70:EA:FE:42 Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 49C203778F46F8D8CD099562A0F20E303952854C Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa Signing time: Wed 25 Feb 2026 00:00:50 +0000 ROA not before: Wed 25 Feb 2026 00:00:50 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:c2:03:77:8f:46:f8:d8:cd:09:95:62:a0:f2:0e:30:39:52:85:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Feb 25 00:00:50 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=e4b1b59aebb861489b981e0e7cd726b5629d583090e9d873a88e5b366a26cd65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:3a:e2:72:88:75:ba:58:6b:54:96:a9:68:f4: 5f:35:fa:9f:e7:35:76:fa:4d:6a:48:0b:8b:c8:dd: 0e:f4:f2:41:4f:85:1b:8f:a8:a4:57:ce:1b:78:c6: a3:da:f4:ff:bf:bb:30:42:e0:99:7e:08:a9:32:1f: a8:bb:b5:52:55:43:64:68:87:b8:16:d9:e2:f5:51: bd:53:ac:db:a1:29:ad:1a:5a:5e:60:f0:af:2e:74: fb:32:56:da:d5:06:16:bb:0f:53:a6:62:90:40:e4: a6:2b:e7:37:9c:b1:1b:2b:d4:ba:b1:9c:30:09:94: 7a:8c:89:cc:e6:72:85:9b:9b:bd:45:2b:a8:36:83: d5:10:17:bd:d6:4d:93:5c:f7:14:ed:fb:61:88:64: 23:49:07:29:4b:b7:5b:96:28:62:a2:08:4d:8e:bb: 3a:04:a0:95:8b:d1:b2:8a:f4:8e:ba:bc:65:4f:49: 70:d0:44:5c:2e:a5:c1:03:d6:97:8b:db:3c:bc:0d: 7d:8b:ec:7f:0f:6f:63:a5:f5:73:f2:81:a8:58:96: 02:35:46:6e:14:f2:6e:bd:1a:8d:fb:ca:9c:87:3a: 06:74:91:5e:0c:1e:f0:c8:21:06:dc:81:8a:4c:33: 6f:4b:6a:ce:8c:0b:24:59:13:de:1d:2e:49:a8:e2: 69:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:33:CA:8E:18:04:7F:E5:9E:DD:1B:B8:E5:8A:B3:42:70:EA:FE:42 X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4cb3e9f9-46a2-41eb-a4b7-75b53d791f33.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.200.0/21 Signature Algorithm: sha256WithRSAEncryption 4c:c9:9c:54:6f:2d:c4:f0:c2:d2:22:56:c8:2b:d2:ef:ad:13: ce:fc:5c:39:a8:e5:51:80:f9:8b:4d:b6:73:c8:0d:e5:87:5b: a6:e0:42:71:eb:cc:23:82:e8:b5:06:68:f7:a5:3e:8a:5b:1d: eb:a1:db:5c:5b:b3:91:20:1b:b2:d4:73:bf:27:b1:a0:49:90: d8:ec:f7:26:cf:c9:89:42:01:97:86:f9:24:5c:47:67:30:c8: ef:0b:23:f3:64:8d:a1:62:48:7b:ac:54:c6:8d:61:db:04:49: 9f:4e:6f:8b:4b:b5:31:38:00:7b:b2:ba:0c:5f:74:d6:da:31: 6d:70:27:6d:42:ae:71:99:9a:07:49:24:31:10:64:47:ec:02: 6a:00:b5:0d:b5:6c:4a:01:a2:6d:2b:83:6d:9a:51:62:dd:45: 51:0f:b1:1b:ec:e8:ae:65:2c:fd:cc:75:5b:c2:d8:2d:8b:72: a9:1d:95:a1:4d:ad:ad:eb:66:24:2e:fd:a9:1a:0a:e2:04:15: ef:fc:62:2c:3e:9c:f3:cb:96:86:d9:70:e7:c8:34:22:ce:2b: 98:72:33:c3:e2:ba:5c:c1:d8:ea:85:c6:ef:07:f1:a8:2c:0b: 54:cc:f8:13:5b:f7:f2:16:7b:6b:87:87:ce:74:3a:2a:f4:3c: d8:1e:5a:87 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUScIDd49G+NjNCZVioPIOMDlShUwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDIyNTAwMDA1MFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZTRiMWI1OWFlYmI4NjE0ODliOTgx ZTBlN2NkNzI2YjU2MjlkNTgzMDkwZTlkODczYTg4ZTViMzY2YTI2Y2Q2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jricoh1ulhrVJapaPRfNfqf5zV2 +k1qSAuLyN0O9PJBT4Ubj6ikV84beMaj2vT/v7swQuCZfgipMh+ou7VSVUNkaIe4 Ftni9VG9U6zboSmtGlpeYPCvLnT7Mlba1QYWuw9TpmKQQOSmK+c3nLEbK9S6sZww CZR6jInM5nKFm5u9RSuoNoPVEBe91k2TXPcU7fthiGQjSQcpS7dblihioghNjrs6 BKCVi9GyivSOurxlT0lw0ERcLqXBA9aXi9s8vA19i+x/D29jpfVz8oGoWJYCNUZu FPJuvRqN+8qchzoGdJFeDB7wyCEG3IGKTDNvS2rOjAskWRPeHS5JqOJpKQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFN4zyo4YBH/lnt0buOWKs0Jw6v5CMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRjYjNlOWY5LTQ2YTItNDFlYi1hNGI3LTc1YjUzZDc5MWYzMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQBMyZxUby3E8MLSIlbIK9Lv rRPO/Fw5qOVRgPmLTbZzyA3lh1um4EJx68wjgui1Bmj3pT6KWx3rodtcW7ORIBuy 1HO/J7GgSZDY7Pcmz8mJQgGXhvkkXEdnMMjvCyPzZI2hYkh7rFTGjWHbBEmfTm+L S7UxOAB7sroMX3TW2jFtcCdtQq5xmZoHSSQxEGRH7AJqALUNtWxKAaJtK4NtmlFi 3UVRD7Eb7OiuZSz9zHVbwtgti3KpHZWhTa2t62YkLv2pGgriBBXv/GIsPpzzy5aG 2XDnyDQiziuYcjPD4rpcwdjqhcbvB/GoLAtUzPgTW/fyFntrh4fOdDoq9DzYHlqH -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:36 2026 by rpki-client