$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa File: 22707524-2248-48ea-815f-578f49b19436.roa (raw, json) Hash identifier: n8mdK97d/Vw0NB0uqE1Lu/NAcKYHksxdIYeyBefJ5e0= Subject key identifier: 2D:CE:15:F2:7C:73:2A:E3:71:80:5C:F9:3E:D5:8E:55:06:1A:45:06 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 066BBB1A28345C31E00691B242F0C833C7811486 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa Signing time: Tue 24 Feb 2026 00:00:10 +0000 ROA not before: Tue 24 Feb 2026 00:00:10 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.150.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:6b:bb:1a:28:34:5c:31:e0:06:91:b2:42:f0:c8:33:c7:81:14:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:10 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=3c880e93801677e9d2a96114adab828c824d1a49fdd505c8505317a7416a32fe, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ec:8b:7b:d8:ae:48:74:b2:a3:cc:30:55:ff: 11:93:46:a7:92:7f:ac:f1:c5:3b:b5:f6:8b:a6:6e: cc:90:4c:a1:e0:6b:05:bd:63:4b:cd:71:2a:ff:cb: d3:05:08:2a:d4:b9:55:d7:85:7e:14:81:8c:96:42: 04:94:16:44:20:45:c7:a8:d0:03:23:17:ab:65:73: 19:af:92:aa:01:26:3b:23:c0:9b:f6:96:bb:59:5e: c3:6e:fa:cf:d4:af:49:15:3c:89:f0:76:76:8a:83: 16:b7:dd:21:c6:17:f4:2a:c7:3c:4c:ea:8d:4a:7a: 86:f2:e8:b4:de:5e:0d:63:1e:30:2c:7f:18:38:4e: 93:0f:fd:2f:97:6e:a5:6b:d3:68:c6:7e:b5:af:28: 9a:45:66:16:83:16:09:84:89:d0:44:22:11:59:87: b5:e8:a1:b5:b2:53:bd:df:4d:fa:39:88:95:f9:9d: a6:97:52:4e:f8:79:36:de:fe:e6:20:6f:c4:98:9b: 06:ab:5f:23:91:09:e0:95:df:81:82:38:c2:6a:35: 05:b4:40:c8:35:c8:66:0e:86:c1:32:81:6c:5f:eb: 3e:07:fe:9d:03:12:1d:ae:8b:f9:c2:c1:9e:2c:fb: a0:be:3b:b0:88:43:89:a9:f0:46:9e:01:af:2a:e7: 6f:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:CE:15:F2:7C:73:2A:E3:71:80:5C:F9:3E:D5:8E:55:06:1A:45:06 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/22707524-2248-48ea-815f-578f49b19436.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.150.0/24 Signature Algorithm: sha256WithRSAEncryption 28:ed:c0:6c:81:4c:3a:f4:81:cb:1b:55:16:1e:de:72:4c:0a: 06:55:4f:18:13:f0:d1:5a:be:48:3b:ba:3c:1e:9e:6d:c2:e2: 34:56:07:0b:cb:6e:c6:32:57:e0:8e:63:61:1c:e4:f2:1a:62: 29:1d:dc:24:48:dd:b3:82:6a:60:98:4a:dc:70:48:a9:b2:3d: 8a:b5:14:59:0e:91:9c:d6:35:80:8b:99:98:06:29:dd:34:87: 2b:8f:16:5a:9d:e8:62:81:db:f6:2a:94:95:19:84:00:f8:87: c9:fe:f4:d3:d3:19:c3:b6:75:05:d8:4a:a2:f4:9a:7e:d1:7e: 34:7b:4b:3c:20:ca:44:e2:cf:4a:c2:5d:70:e9:18:98:85:d1: 5d:c8:01:7c:87:5f:d7:b0:87:7c:81:bb:b6:8f:48:f6:0c:1b: f7:0b:e9:a2:1c:4c:a4:e5:18:ec:63:e9:a7:b2:6a:af:78:c8: 23:e9:78:25:90:8f:2b:a0:3a:78:ea:33:b1:9b:02:e4:2b:9f: 9e:a6:23:08:29:d7:97:fe:2f:61:0e:de:0b:0f:b7:cc:57:48: 53:cb:51:f1:87:52:18:21:6c:bc:88:9d:85:d7:50:45:9e:a0: 5c:09:ad:e1:ba:18:06:a9:da:e8:94:3c:49:d1:0b:06:07:a2: eb:82:3f:63 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUBmu7Gig0XDHgBpGyQvDIM8eBFIYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAxMFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAM2M4ODBlOTM4MDE2NzdlOWQyYTk2 MTE0YWRhYjgyOGM4MjRkMWE0OWZkZDUwNWM4NTA1MzE3YTc0MTZhMzJmZTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+yLe9iuSHSyo8wwVf8Rk0ankn+s 8cU7tfaLpm7MkEyh4GsFvWNLzXEq/8vTBQgq1LlV14V+FIGMlkIElBZEIEXHqNAD IxerZXMZr5KqASY7I8Cb9pa7WV7DbvrP1K9JFTyJ8HZ2ioMWt90hxhf0Ksc8TOqN SnqG8ui03l4NYx4wLH8YOE6TD/0vl26la9Noxn61ryiaRWYWgxYJhInQRCIRWYe1 6KG1slO93036OYiV+Z2ml1JO+Hk23v7mIG/EmJsGq18jkQngld+BgjjCajUFtEDI NchmDobBMoFsX+s+B/6dAxIdrov5wsGeLPugvjuwiEOJqfBGngGvKudvcQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFC3OFfJ8cyrjcYBc+T7VjlUGGkUGMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzIyNzA3NTI0LTIyNDgtNDhlYS04MTVmLTU3OGY0OWIxOTQzNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArymWMA0GCSqGSIb3DQEBCwUAA4IBAQAo7cBsgUw69IHLG1UWHt5y TAoGVU8YE/DRWr5IO7o8Hp5twuI0VgcLy27GMlfgjmNhHOTyGmIpHdwkSN2zgmpg mErccEipsj2KtRRZDpGc1jWAi5mYBindNIcrjxZanehigdv2KpSVGYQA+IfJ/vTT 0xnDtnUF2Eqi9Jp+0X40e0s8IMpE4s9Kwl1w6RiYhdFdyAF8h1/XsId8gbu2j0j2 DBv3C+miHEyk5RjsY+mnsmqveMgj6XglkI8roDp46jOxmwLkK5+epiMIKdeX/i9h Dt4LD7fMV0hTy1Hxh1IYIWy8iJ2F11BFnqBcCa3huhgGqdrolDxJ0QsGB6Lrgj9j -----END CERTIFICATE-----Generated at Sun Mar 1 22:04:45 2026 by rpki-client