$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa File: 882a767c-0faf-4e71-a224-ecec47d98fcb.roa (raw, json) Hash identifier: SbC+1TuCvU+jX8YVK+7obHcSTkPpgYNWlTlRRoFqGKo= Subject key identifier: 0C:A9:F5:E3:D6:78:DA:C3:0A:4E:A1:C8:6D:8F:D1:8C:B4:C7:10:D8 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 441A011C9200CF3A94B1849754E8E5DC47486FB5 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa Signing time: Tue 24 Feb 2026 00:00:09 +0000 ROA not before: Tue 24 Feb 2026 00:00:09 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:1a:01:1c:92:00:cf:3a:94:b1:84:97:54:e8:e5:dc:47:48:6f:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:09 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=ff0b7f8ea81e440d6e1b7edb7dec70ae17880a1a05e80535a9f7ee612b948448, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6d:86:e7:b1:23:11:85:9c:2c:ac:16:7d:62: 96:2d:94:47:27:cd:55:ee:d3:45:00:3e:64:4d:c9: f4:bf:b0:de:28:7e:ac:7e:70:d6:71:d4:1d:25:7f: 36:b3:3e:f5:60:23:d8:1f:2a:a1:3f:a8:9b:33:0c: 3f:36:e6:13:21:22:9d:b7:50:39:62:96:90:92:96: 37:e8:02:e3:41:bd:aa:18:f1:14:6a:0c:85:67:d2: 4f:a4:74:72:3c:8a:56:3f:40:23:c6:01:16:ee:16: 7f:40:44:bc:71:07:fe:35:7a:d7:e6:76:c8:81:29: d0:69:25:8f:a4:0e:1d:7d:f6:58:dc:9f:68:60:5b: 32:f2:e3:3e:5a:1f:3f:22:2c:8d:40:8a:f5:3a:d5: 47:d1:55:f9:ba:1b:18:ab:7a:b8:4c:ca:32:dd:07: bb:6a:61:de:1b:54:1c:a8:58:86:97:94:ab:15:9d: a8:1b:d9:37:14:d6:a8:cf:0f:a9:1e:2a:b0:06:45: b7:17:29:54:67:13:a9:3b:11:61:6d:74:80:0b:16: d9:e6:2f:2a:46:e6:14:47:40:26:59:e4:83:32:aa: 73:22:d8:8e:1c:45:4c:21:b3:84:88:50:85:99:63: 33:64:8a:30:a5:7a:6c:e0:28:cb:0c:12:76:25:0b: e6:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:A9:F5:E3:D6:78:DA:C3:0A:4E:A1:C8:6D:8F:D1:8C:B4:C7:10:D8 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/882a767c-0faf-4e71-a224-ecec47d98fcb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.224.0/21 Signature Algorithm: sha256WithRSAEncryption c3:3a:1d:1a:67:fc:ca:ea:5e:bc:1e:82:8f:f8:c3:32:86:d1: 20:2a:76:da:d0:96:27:96:2c:97:3c:a4:79:a0:7e:cd:d1:7a: 1b:f2:55:f5:8b:23:31:98:6e:04:e5:1a:42:d9:eb:73:97:e3: 48:67:8e:f9:e0:a1:0c:21:21:67:35:87:bd:30:6b:08:98:02: 29:80:ad:64:ca:9e:f3:4e:68:19:78:41:75:81:23:5d:7c:52: 12:ab:5b:52:c0:9d:0d:46:e0:68:f6:bc:fb:be:b2:b3:22:15: 9a:cf:99:9c:15:26:1a:b5:e0:54:60:bb:86:8a:63:53:88:14: b0:69:b7:d1:63:45:e5:e1:57:a2:40:1c:9b:56:8a:be:c8:21: 6b:cc:17:5d:5f:6f:79:94:9a:08:3c:74:1e:f8:0b:ef:36:fa: f3:f3:36:96:30:78:a8:ff:87:e8:26:dd:98:9b:32:f0:65:67: 37:d7:54:34:bb:ce:e4:a4:83:96:25:54:30:ad:c2:7b:17:c5: c4:1a:cf:cd:7f:d3:b7:1d:8c:ad:01:c2:83:21:2b:ad:e4:21: 63:82:0e:ae:27:97:c0:48:01:ca:10:a6:e6:1b:c4:29:7e:03: 76:3e:4a:7a:1f:61:23:3b:c3:d9:f0:5f:5b:c9:a5:bc:e0:27: c1:6c:f2:17 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIURBoBHJIAzzqUsYSXVOjl3EdIb7UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAwOVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZmYwYjdmOGVhODFlNDQwZDZlMWI3 ZWRiN2RlYzcwYWUxNzg4MGExYTA1ZTgwNTM1YTlmN2VlNjEyYjk0ODQ0ODEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG2G57EjEYWcLKwWfWKWLZRHJ81V 7tNFAD5kTcn0v7DeKH6sfnDWcdQdJX82sz71YCPYHyqhP6ibMww/NuYTISKdt1A5 YpaQkpY36ALjQb2qGPEUagyFZ9JPpHRyPIpWP0AjxgEW7hZ/QES8cQf+NXrX5nbI gSnQaSWPpA4dffZY3J9oYFsy8uM+Wh8/IiyNQIr1OtVH0VX5uhsYq3q4TMoy3Qe7 amHeG1QcqFiGl5SrFZ2oG9k3FNaozw+pHiqwBkW3FylUZxOpOxFhbXSACxbZ5i8q RuYUR0AmWeSDMqpzItiOHEVMIbOEiFCFmWMzZIowpXps4CjLDBJ2JQvmSQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFAyp9ePWeNrDCk6hyG2P0Yy0xxDYMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 Lzg4MmE3NjdjLTBmYWYtNGU3MS1hMjI0LWVjZWM0N2Q5OGZjYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjgMA0GCSqGSIb3DQEBCwUAA4IBAQDDOh0aZ/zK6l68HoKP+MMy htEgKnba0JYnliyXPKR5oH7N0Xob8lX1iyMxmG4E5RpC2etzl+NIZ4754KEMISFn NYe9MGsImAIpgK1kyp7zTmgZeEF1gSNdfFISq1tSwJ0NRuBo9rz7vrKzIhWaz5mc FSYateBUYLuGimNTiBSwabfRY0Xl4VeiQBybVoq+yCFrzBddX295lJoIPHQe+Avv Nvrz8zaWMHio/4foJt2YmzLwZWc311Q0u87kpIOWJVQwrcJ7F8XEGs/Nf9O3HYyt AcKDISut5CFjgg6uJ5fASAHKEKbmG8QpfgN2Pkp6H2EjO8PZ8F9byaW84CfBbPIX -----END CERTIFICATE-----Generated at Mon Mar 2 04:49:03 2026 by rpki-client