$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: 46SkQknDcBfOGQwbNRfMD6C/4bRPxr72VMFVTNETTU8= Subject key identifier: 74:C6:37:1F:BE:A1:7C:D8:91:6E:9E:4F:39:9A:29:D2:F4:CA:50:C6 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2A2FA72223D8BE4D62E8D42BD076749DAC64E779 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Tue 24 Feb 2026 00:00:08 +0000 ROA not before: Tue 24 Feb 2026 00:00:08 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:2f:a7:22:23:d8:be:4d:62:e8:d4:2b:d0:76:74:9d:ac:64:e7:79 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:08 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=138dd7628c973bd398a39891d9f193c44a1ad9df5b05312b6884826859ebc73d, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:86:c2:f3:db:54:72:78:46:26:57:fb:58:a4: 8f:d7:97:77:78:af:13:46:6e:05:ef:07:e7:68:f8: ba:8e:e9:e3:a4:ed:f3:2f:a9:22:4f:6a:22:55:ef: 76:a7:6b:53:73:11:ee:08:0b:20:7c:33:7f:52:00: 16:6d:10:92:83:53:a6:3d:d4:5a:03:df:54:b0:d0: ba:de:60:26:c9:cc:60:02:43:d5:e2:70:9e:df:13: c9:4b:83:e9:5e:40:32:5c:c2:65:61:b5:6e:e7:15: b0:10:88:4f:11:21:17:6a:c1:6e:45:33:37:30:1c: 4b:4d:37:23:14:39:b6:22:71:a2:54:98:a9:5e:f9: 95:fd:76:e4:db:94:df:54:d3:46:eb:36:16:9c:6c: 47:0b:24:0c:1e:7a:02:47:7a:7e:26:c8:e7:d8:b1: 54:26:a3:ef:c8:f6:1d:df:0e:ee:fe:a7:de:fb:f1: 7a:f7:7d:62:3a:ba:ec:ee:0e:b5:41:a4:0a:5d:25: 9e:fe:5c:ec:fa:40:16:fc:bc:51:25:f7:fa:4e:e6: 62:44:9f:61:59:8d:20:80:ef:e3:65:70:95:f0:ce: 03:c4:c4:93:ab:61:9f:46:ba:a4:be:1f:5f:f5:94: fb:e0:fd:68:2b:10:5a:7a:ae:4e:c4:7e:60:b0:53: d9:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C6:37:1F:BE:A1:7C:D8:91:6E:9E:4F:39:9A:29:D2:F4:CA:50:C6 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption 6f:46:ef:7c:4a:3a:31:9a:f4:df:2d:df:14:0c:34:9d:f2:a4: f0:ab:03:4c:52:6a:94:bd:2f:b8:3d:f4:02:47:d1:6e:a5:24: 0e:9a:81:a8:f5:0a:1c:17:18:99:85:e9:6f:a2:f9:4b:d4:4a: d7:5f:45:9d:d1:36:9b:44:7d:d1:1d:58:9a:24:14:20:c6:5b: f4:bb:1e:0c:4a:99:93:ae:b3:0b:85:a5:5c:ba:5b:49:f2:a7: 63:1b:99:fe:d0:95:1c:4f:56:08:78:30:df:81:8e:65:b4:54: 06:72:75:51:5b:d2:58:b0:10:77:df:39:36:28:5e:fd:01:82: 4c:06:a0:39:8d:fd:6d:35:59:a6:c8:86:1c:75:b1:8f:2c:13: 98:35:fb:24:92:bb:75:07:95:86:cf:ec:db:8a:eb:4b:c1:2b: bd:a4:6f:6f:ee:91:10:ac:ec:91:0c:95:d1:56:0c:a2:5b:44: 8c:b0:a6:c2:23:62:9f:12:5f:16:25:25:93:61:81:57:42:7c: e6:40:19:66:1c:94:62:b0:3f:ca:6a:43:ef:fe:49:43:64:5d: e7:99:91:af:3a:4a:91:98:d5:f4:b6:5b:da:a7:a6:07:cd:13: ff:65:32:c8:97:4b:79:b9:b0:47:61:49:0e:ab:88:6f:2f:bd: 2e:f1:59:e3 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUKi+nIiPYvk1i6NQr0HZ0naxk53kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAwOFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMTM4ZGQ3NjI4Yzk3M2JkMzk4YTM5 ODkxZDlmMTkzYzQ0YTFhZDlkZjViMDUzMTJiNjg4NDgyNjg1OWViYzczZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4bC89tUcnhGJlf7WKSP15d3eK8T Rm4F7wfnaPi6junjpO3zL6kiT2oiVe92p2tTcxHuCAsgfDN/UgAWbRCSg1OmPdRa A99UsNC63mAmycxgAkPV4nCe3xPJS4PpXkAyXMJlYbVu5xWwEIhPESEXasFuRTM3 MBxLTTcjFDm2InGiVJipXvmV/Xbk25TfVNNG6zYWnGxHCyQMHnoCR3p+Jsjn2LFU JqPvyPYd3w7u/qfe+/F6931iOrrs7g61QaQKXSWe/lzs+kAW/LxRJff6TuZiRJ9h WY0ggO/jZXCV8M4DxMSTq2GfRrqkvh9f9ZT74P1oKxBaeq5OxH5gsFPZ8QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHTGNx++oXzYkW6eTzmaKdL0ylDGMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQBvRu98SjoxmvTfLd8UDDSd 8qTwqwNMUmqUvS+4PfQCR9FupSQOmoGo9QocFxiZhelvovlL1ErXX0Wd0TabRH3R HViaJBQgxlv0ux4MSpmTrrMLhaVcultJ8qdjG5n+0JUcT1YIeDDfgY5ltFQGcnVR W9JYsBB33zk2KF79AYJMBqA5jf1tNVmmyIYcdbGPLBOYNfskkrt1B5WGz+zbiutL wSu9pG9v7pEQrOyRDJXRVgyiW0SMsKbCI2KfEl8WJSWTYYFXQnzmQBlmHJRisD/K akPv/klDZF3nmZGvOkqRmNX0tlvap6YHzRP/ZTLIl0t5ubBHYUkOq4hvL70u8Vnj -----END CERTIFICATE-----Generated at Sun Mar 1 21:45:29 2026 by rpki-client