$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa File: 55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa (raw, json) Hash identifier: J9RI4VJSTxgaFW+3QF3NgsoWAna5ZD6zPEc51yMjTfg= Subject key identifier: F3:58:23:BB:86:04:81:A3:5D:B1:54:9F:4A:80:A0:6E:50:43:A2:DC Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Certificate serial: 367E423340C09C04F575F221996D9C3EFEFC4811 Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa Signing time: Wed 25 Feb 2026 00:00:12 +0000 ROA not before: Wed 25 Feb 2026 00:00:12 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 159.248.216.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/manifest.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:7e:42:33:40:c0:9c:04:f5:75:f2:21:99:6d:9c:3e:fe:fc:48:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7 Validity Not Before: Feb 25 00:00:12 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=fd3d970c0834ed469cd5bd1aac370cdd84ab5098898eb4e5f5c68cedac06591f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:cc:f7:2f:52:a9:8a:2b:4c:97:72:e4:6a:53: a6:9f:3c:dc:72:a7:87:1a:8e:cc:ba:3f:fb:33:8c: 66:5b:b3:47:19:11:d8:d5:d0:11:71:c6:bf:21:49: df:b6:4c:01:35:8b:ea:d0:78:68:eb:c7:dc:d0:24: b3:f7:bb:28:ff:94:3c:51:ea:a4:b4:74:0c:2a:93: 01:ae:d1:ac:6f:32:53:45:a7:74:c2:fc:a2:1d:56: 8d:62:f4:ab:92:62:6b:02:b1:65:a8:8e:2f:7e:64: 0b:c2:83:4e:45:89:de:5f:b9:55:d5:9d:13:45:1d: 24:48:75:a0:9c:2a:c5:1a:2f:07:6a:db:12:f5:ac: ca:35:e4:53:0d:ec:d4:7f:38:82:62:fa:a1:94:1d: 04:93:06:c9:24:4f:0d:dc:ec:f4:2a:89:c9:3e:59: 1f:ea:0c:8a:ab:5c:d1:84:d2:85:e7:84:b1:93:92: 82:9e:25:c0:36:7e:38:8b:02:12:86:2e:93:8b:40: f2:b5:07:d0:38:ac:e5:3b:57:c5:bc:61:25:37:54: 89:72:d2:c8:d3:f2:f7:f6:c3:d4:bc:9a:87:0b:b9: a9:9b:d5:e5:71:14:28:11:00:a4:8b:37:7c:da:25: cb:6b:14:c5:57:fc:37:13:30:d8:5e:4c:62:6e:67: bf:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:58:23:BB:86:04:81:A3:5D:B1:54:9F:4A:80:A0:6E:50:43:A2:DC X509v3 Authority Key Identifier: keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55d6cbae-8b7f-45a9-8d9b-458d10a9b1ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.248.216.0/21 Signature Algorithm: sha256WithRSAEncryption 77:25:f5:19:23:7e:37:3d:c4:f6:4a:25:2e:ec:49:45:9b:bd: b3:bf:1d:37:42:a6:7f:f1:b2:bc:fa:99:76:b2:39:e7:08:0e: 5e:1e:a7:08:3b:f3:3f:f5:3e:b3:98:46:6e:01:37:da:65:21: ce:d4:cd:43:bd:eb:e9:eb:ee:3b:f6:fb:7a:dc:3a:20:75:eb: 68:08:a3:f9:ea:fe:22:ee:1e:ea:3a:7f:89:a9:10:7e:35:db: 5a:be:76:b1:f0:e3:7b:1c:6c:47:0a:99:7e:94:08:53:aa:0f: 48:e1:a3:ac:15:30:41:aa:ab:33:51:40:3f:a0:39:6c:29:90: 5a:ab:82:99:cb:91:a0:f5:62:fe:9e:6f:eb:fe:b7:3c:d0:38: 8f:bc:f7:63:03:98:eb:0e:dd:56:b0:6c:e9:f9:9a:3b:63:12: bb:4b:b2:6d:53:9a:91:11:b2:d9:12:15:e2:00:06:1d:b8:af: 3b:25:d2:80:05:67:35:bd:95:5b:e6:db:79:8c:37:e4:22:6f: 1f:e3:2b:88:64:ab:a5:2f:d1:19:c1:0a:17:9b:fc:a9:c1:81: a3:b3:f3:b5:37:41:44:77:bb:10:fa:85:b4:fe:bb:32:ae:f8: 3f:1c:95:7f:a1:e5:9f:83:7b:ec:d8:ee:fd:fe:27:46:0d:49: 1a:95:76:95 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUNn5CM0DAnAT1dfIhmW2cPv78SBEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI2MDIyNTAwMDAxMloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZmQzZDk3MGMwODM0ZWQ0NjljZDVi ZDFhYWMzNzBjZGQ4NGFiNTA5ODg5OGViNGU1ZjVjNjhjZWRhYzA2NTkxZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsz3L1KpiitMl3LkalOmnzzccqeH Go7Muj/7M4xmW7NHGRHY1dARcca/IUnftkwBNYvq0Hho68fc0CSz97so/5Q8Ueqk tHQMKpMBrtGsbzJTRad0wvyiHVaNYvSrkmJrArFlqI4vfmQLwoNORYneX7lV1Z0T RR0kSHWgnCrFGi8HatsS9azKNeRTDezUfziCYvqhlB0EkwbJJE8N3Oz0KonJPlkf 6gyKq1zRhNKF54Sxk5KCniXANn44iwIShi6Ti0DytQfQOKzlO1fFvGElN1SJctLI 0/L39sPUvJqHC7mpm9XlcRQoEQCkizd82iXLaxTFV/w3EzDYXkxibme/MwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFPNYI7uGBIGjXbFUn0qAoG5QQ6LcMB8GA1UdIwQY MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU1ZDZjYmFlLThiN2YtNDVhOS04ZDliLTQ1OGQxMGE5YjFjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDn/jYMA0GCSqGSIb3DQEBCwUAA4IBAQB3JfUZI343PcT2SiUu7ElF m72zvx03QqZ/8bK8+pl2sjnnCA5eHqcIO/M/9T6zmEZuATfaZSHO1M1Dvevp6+47 9vt63DogdetoCKP56v4i7h7qOn+JqRB+Ndtavnax8ON7HGxHCpl+lAhTqg9I4aOs FTBBqqszUUA/oDlsKZBaq4KZy5Gg9WL+nm/r/rc80DiPvPdjA5jrDt1WsGzp+Zo7 YxK7S7JtU5qREbLZEhXiAAYduK87JdKABWc1vZVb5tt5jDfkIm8f4yuIZKulL9EZ wQoXm/ypwYGjs/O1N0FEd7sQ+oW0/rsyrvg/HJV/oeWfg3vs2O79/idGDUkalXaV -----END CERTIFICATE-----Generated at Sun Mar 1 23:39:11 2026 by rpki-client