$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa File: 197500e2-3802-44b2-a561-ca3dad01e209.roa (raw, json) Hash identifier: 1l+gLwyU/H4HNaQ0uYL3F1eW99PrBxN74OxZSMVTb64= Subject key identifier: DA:60:79:B2:F5:CA:EB:CF:06:24:E1:09:3F:10:59:93:C6:5F:F5:5E Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 37EBCDFC54C239FB811DD6B769C3724719EA1A7D Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa Signing time: Tue 24 Feb 2026 00:00:10 +0000 ROA not before: Tue 24 Feb 2026 00:00:10 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.128.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:eb:cd:fc:54:c2:39:fb:81:1d:d6:b7:69:c3:72:47:19:ea:1a:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:10 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=e077ea6ffca8464edf7997e15dc508626682066e85faa2f408436ac983a07ee8, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:53:65:9e:ab:48:b3:93:e1:ac:45:d9:66:79: 4c:56:d9:4e:c1:37:35:07:0a:f6:b6:71:7d:71:fe: fc:65:45:3f:75:a5:fe:53:30:51:48:80:e2:e5:5b: 99:be:d3:66:c6:62:e5:bd:89:19:9a:c5:0b:9f:ef: a1:b1:15:b0:c0:22:e4:7c:41:05:68:13:f7:ea:73: 11:4a:02:ed:9a:4e:77:b9:3b:02:fc:08:bf:c9:3c: 60:df:3f:61:db:1d:28:06:49:e0:0d:0e:ca:3e:e5: 5e:b3:24:85:64:2f:55:64:cf:3a:0a:ef:4c:65:2f: 43:58:0d:6e:a4:7f:51:96:d4:f6:1b:d6:32:1c:99: b1:a9:75:b7:d1:4e:b9:88:53:35:5d:8e:2e:f3:00: 5f:ca:87:ab:53:ac:40:ce:c9:f5:fc:e7:f4:87:1e: f1:28:19:84:72:0b:6b:ce:97:00:df:c5:a8:25:f7: e5:05:80:72:bd:5d:ab:8e:d6:b5:22:0c:67:47:a0: 93:fe:45:37:9c:3a:8e:0e:14:d8:55:7e:0d:96:e9: 56:4f:1e:29:6d:60:b1:13:7c:0b:ff:bc:b3:3a:c6: 3b:a4:ed:48:9e:27:52:2a:02:24:bd:d1:30:7a:71: b4:09:82:ed:46:8a:8b:27:20:7d:78:32:25:29:e3: 55:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:60:79:B2:F5:CA:EB:CF:06:24:E1:09:3F:10:59:93:C6:5F:F5:5E X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/197500e2-3802-44b2-a561-ca3dad01e209.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.128.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:0b:8b:ec:6d:a7:6c:87:33:78:41:bb:bd:7e:9e:0d:e8:dd: 8d:91:99:69:c0:64:a2:3e:81:21:ec:ab:23:a3:22:ba:48:16: 66:71:b3:c1:5b:c3:ab:cb:36:3b:31:45:e4:72:e1:85:26:74: c3:8f:bc:f3:af:24:0f:c8:0b:e4:7f:07:f1:3a:dd:20:31:0b: 9f:92:14:20:80:ee:e2:fc:37:e5:23:09:fb:ba:6c:cd:7d:7d: db:89:5b:f1:eb:05:2f:cc:2b:12:4f:d7:cc:4f:89:8d:0e:b3: 8b:49:0c:5c:26:15:26:6b:79:00:c2:2b:bb:0e:f9:c8:b1:a6: 7b:67:aa:d3:34:1c:87:fb:d4:99:94:77:65:79:8a:6a:2f:1f: 48:41:64:eb:1c:32:e0:f4:cb:d7:d5:c2:58:09:8e:bf:35:63: e1:6a:cd:14:42:7f:63:74:b3:a4:91:2f:dd:4a:50:43:11:df: c1:10:ad:47:33:92:ce:66:54:c9:94:4a:9a:20:26:a4:25:d9: 28:d7:80:55:73:2a:57:35:52:dc:01:79:70:8a:f9:29:e2:6a: 2a:37:fc:3b:c2:e9:36:05:f6:99:dc:85:d6:7e:33:67:5a:68: e0:54:f8:d0:f4:14:c1:bd:57:41:ce:fb:fb:41:5f:82:ac:3a: 18:1c:c1:d1 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUN+vN/FTCOfuBHda3acNyRxnqGn0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAxMFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZTA3N2VhNmZmY2E4NDY0ZWRmNzk5 N2UxNWRjNTA4NjI2NjgyMDY2ZTg1ZmFhMmY0MDg0MzZhYzk4M2EwN2VlODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVNlnqtIs5PhrEXZZnlMVtlOwTc1 Bwr2tnF9cf78ZUU/daX+UzBRSIDi5VuZvtNmxmLlvYkZmsULn++hsRWwwCLkfEEF aBP36nMRSgLtmk53uTsC/Ai/yTxg3z9h2x0oBkngDQ7KPuVesySFZC9VZM86Cu9M ZS9DWA1upH9RltT2G9YyHJmxqXW30U65iFM1XY4u8wBfyoerU6xAzsn1/Of0hx7x KBmEcgtrzpcA38WoJfflBYByvV2rjta1IgxnR6CT/kU3nDqODhTYVX4NlulWTx4p bWCxE3wL/7yzOsY7pO1InidSKgIkvdEwenG0CYLtRoqLJyB9eDIlKeNV3QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNpgebL1yuvPBiThCT8QWZPGX/VeMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzE5NzUwMGUyLTM4MDItNDRiMi1hNTYxLWNhM2RhZDAxZTIwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymAMA0GCSqGSIb3DQEBCwUAA4IBAQAKC4vsbadshzN4Qbu9fp4N 6N2NkZlpwGSiPoEh7KsjoyK6SBZmcbPBW8OryzY7MUXkcuGFJnTDj7zzryQPyAvk fwfxOt0gMQufkhQggO7i/DflIwn7umzNfX3biVvx6wUvzCsST9fMT4mNDrOLSQxc JhUma3kAwiu7DvnIsaZ7Z6rTNByH+9SZlHdleYpqLx9IQWTrHDLg9MvX1cJYCY6/ NWPhas0UQn9jdLOkkS/dSlBDEd/BEK1HM5LOZlTJlEqaICakJdko14BVcypXNVLc AXlwivkp4moqN/w7wuk2BfaZ3IXWfjNnWmjgVPjQ9BTBvVdBzvv7QV+CrDoYHMHR -----END CERTIFICATE-----Generated at Sun Mar 1 21:55:18 2026 by rpki-client