$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa File: 42932dd4-2720-47b3-a472-fc2c8a50a46c.roa (raw, json) Hash identifier: iNY6C3I93M/b88ycFa4wj9iSAtZRjCOVsp9Gf/bWmT8= Subject key identifier: D1:50:47:22:AB:90:5E:91:58:12:2E:B8:4A:41:7E:A8:0D:51:BF:F8 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 603D68F9A53C99CEC9056F05C34E923FE4ACFCCA Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa Signing time: Tue 24 Feb 2026 00:00:05 +0000 ROA not before: Tue 24 Feb 2026 00:00:05 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.130.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:3d:68:f9:a5:3c:99:ce:c9:05:6f:05:c3:4e:92:3f:e4:ac:fc:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:05 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=67ae9180db17fc48f4d7a1e07570f2215649884b55d8111c35d31558178490af, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:cd:ca:35:90:9e:a6:32:28:de:cb:2a:61:bd: 0f:1d:66:4e:6b:27:16:cb:07:33:6f:27:03:51:fe: 13:a0:02:50:4e:b7:02:09:6b:23:3d:78:c0:ac:ff: 18:fc:bd:b3:97:62:1e:54:7c:1d:ee:0a:7e:da:00: 1d:86:69:bb:0b:0a:94:ef:83:96:cb:27:6e:3d:e1: 4a:cf:42:a8:63:50:2b:cb:0b:5c:e3:84:91:d6:24: 99:b6:01:90:37:fd:ab:f8:db:fd:33:22:9f:ad:0b: 4d:c5:0e:84:81:15:84:71:38:21:f7:a0:2f:95:2f: 96:41:dd:ed:11:e8:68:fb:9f:fd:11:83:d1:b6:94: 6d:f4:a7:e3:7d:97:99:5a:7b:c0:cb:09:07:68:a1: 84:e8:23:26:27:79:85:38:7d:29:2f:5c:04:45:7f: 8f:97:c8:c4:ec:ad:38:66:a9:40:86:98:cf:88:03: 43:2a:16:24:08:3d:c4:ab:a1:6c:63:03:85:3a:fc: 6e:dc:f2:e2:d9:cf:b8:71:4b:1c:43:89:94:a9:57: 89:b2:cf:18:1c:3d:b4:57:da:d6:a0:94:22:e6:95: 7f:31:49:33:63:13:ec:16:39:e7:bf:15:08:c4:e8: ce:1b:73:47:25:89:33:da:f1:da:b9:9c:fd:2e:44: cd:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:50:47:22:AB:90:5E:91:58:12:2E:B8:4A:41:7E:A8:0D:51:BF:F8 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/42932dd4-2720-47b3-a472-fc2c8a50a46c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.130.0/23 Signature Algorithm: sha256WithRSAEncryption 6b:58:fd:18:b1:f5:48:da:6b:26:5b:5e:bc:58:7f:61:8d:36: 4f:c3:c9:f9:70:d0:36:df:14:c9:aa:91:5e:a8:f7:07:9d:df: 0c:ff:0f:0c:ec:bd:28:c5:31:3c:55:2e:c3:3f:4d:58:75:11: ba:45:31:0f:27:37:50:45:52:bf:6f:1f:26:f7:10:5c:67:5d: f8:51:1d:9e:66:b4:38:b4:35:52:fc:03:66:de:ee:36:8b:32: 0b:a2:53:d6:8b:bc:a4:30:32:b9:60:49:4b:6d:34:7c:ed:6a: d2:9b:15:4f:d9:d0:86:39:74:8e:4b:8e:8d:2d:7a:dd:a4:b3: 0f:a7:40:b3:e1:58:ff:a8:3f:7e:d4:39:8f:6e:f3:f4:90:cf: 55:70:d8:8e:dc:33:62:2a:21:90:11:76:d5:e1:8b:7d:fd:d7: ff:c7:e5:10:7e:7d:08:6e:5f:ff:2b:c0:d8:39:88:85:1c:65: ea:d1:d5:a4:7d:c6:18:e2:8b:aa:55:0e:1c:d7:a4:d5:b5:7c: 9b:de:8e:b8:d5:1c:cf:72:b1:d4:2b:e1:b9:91:bd:06:6e:ac: 26:24:e4:b5:57:7a:dd:0f:4d:1c:54:b5:67:87:3d:61:7c:d3: 53:e9:41:31:a5:67:32:2d:68:f4:c6:87:01:eb:ba:d3:ae:bb: df:bc:7c:48 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYD1o+aU8mc7JBW8Fw06SP+Ss/MowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAwNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANjdhZTkxODBkYjE3ZmM0OGY0ZDdh MWUwNzU3MGYyMjE1NjQ5ODg0YjU1ZDgxMTFjMzVkMzE1NTgxNzg0OTBhZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2c3KNZCepjIo3ssqYb0PHWZOaycW ywczbycDUf4ToAJQTrcCCWsjPXjArP8Y/L2zl2IeVHwd7gp+2gAdhmm7CwqU74OW yyduPeFKz0KoY1Arywtc44SR1iSZtgGQN/2r+Nv9MyKfrQtNxQ6EgRWEcTgh96Av lS+WQd3tEeho+5/9EYPRtpRt9KfjfZeZWnvAywkHaKGE6CMmJ3mFOH0pL1wERX+P l8jE7K04ZqlAhpjPiANDKhYkCD3Eq6FsYwOFOvxu3PLi2c+4cUscQ4mUqVeJss8Y HD20V9rWoJQi5pV/MUkzYxPsFjnnvxUIxOjOG3NHJYkz2vHauZz9LkTNUwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFNFQRyKrkF6RWBIuuEpBfqgNUb/4MB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzQyOTMyZGQ0LTI3MjAtNDdiMy1hNDcyLWZjMmM4YTUwYTQ2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQBrymCMA0GCSqGSIb3DQEBCwUAA4IBAQBrWP0YsfVI2msmW168WH9h jTZPw8n5cNA23xTJqpFeqPcHnd8M/w8M7L0oxTE8VS7DP01YdRG6RTEPJzdQRVK/ bx8m9xBcZ134UR2eZrQ4tDVS/ANm3u42izILolPWi7ykMDK5YElLbTR87WrSmxVP 2dCGOXSOS46NLXrdpLMPp0Cz4Vj/qD9+1DmPbvP0kM9VcNiO3DNiKiGQEXbV4Yt9 /df/x+UQfn0Ibl//K8DYOYiFHGXq0dWkfcYY4ouqVQ4c16TVtXyb3o641RzPcrHU K+G5kb0GbqwmJOS1V3rdD00cVLVnhz1hfNNT6UExpWcyLWj0xocB67rTrrvfvHxI -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:50 2026 by rpki-client