$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa File: e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa (raw, json) Hash identifier: EbVvusiwIRiiG6aIZrh85ZC5dtWbNE/O92xrlXFEtg0= Subject key identifier: 73:F3:CA:0C:EE:12:59:88:BA:3F:59:10:DB:9A:15:F9:C6:7C:2A:52 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 642F225B6A63E7A64A7732B17BAC0022DC4D2314 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa Signing time: Tue 24 Feb 2026 00:00:09 +0000 ROA not before: Tue 24 Feb 2026 00:00:09 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 122.248.232.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:2f:22:5b:6a:63:e7:a6:4a:77:32:b1:7b:ac:00:22:dc:4d:23:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 24 00:00:09 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=51de2f3e1f33179cb1995b0c7d70518b51645e6b75e36d6a0dcb08cae166be9c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:0f:3b:c2:17:46:6c:8d:a6:51:dd:b4:fd:79: 20:7f:ed:df:b5:2a:c7:b0:4c:38:59:5d:65:8a:6f: 7c:82:46:1f:b5:10:77:9a:29:4f:f4:3b:02:23:37: 77:36:0d:97:9f:ad:a1:a4:ec:93:67:89:f9:62:71: 10:ca:79:01:d4:64:0f:bf:82:40:ad:31:18:83:df: 7c:e6:9e:18:06:12:aa:63:38:f4:a7:6b:65:8c:3f: 60:2a:1f:16:02:9e:46:85:6d:b0:41:4b:4a:42:ba: b6:99:9e:29:dc:bd:b5:a1:fe:63:23:2e:10:b9:32: 7a:ef:6d:79:4a:f2:0f:48:7f:cc:58:c9:0f:ce:87: da:88:9b:01:96:5d:91:d4:bb:a0:73:90:af:52:8e: a9:4d:89:94:02:5d:54:35:ca:0e:07:1b:a3:c9:98: 2f:4a:f4:13:1d:d2:cb:f4:3c:09:96:88:4a:5b:09: bf:bc:d9:2d:b2:19:1d:93:5f:db:56:87:88:06:ab: b9:6b:dc:36:3f:a2:fd:38:e6:56:d8:02:5c:a3:35: ef:67:0b:42:8c:a4:76:09:56:7c:ef:66:fa:f3:8b: 75:6e:34:49:b3:d5:5a:80:c3:39:0a:ea:90:af:66: 1e:a2:58:9f:a7:6c:be:57:6c:e0:6f:7f:ba:aa:22: 1f:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:F3:CA:0C:EE:12:59:88:BA:3F:59:10:DB:9A:15:F9:C6:7C:2A:52 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/e32c9cbd-a241-4df6-99bb-e7d15abe4b3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 122.248.232.0/21 Signature Algorithm: sha256WithRSAEncryption 4a:11:13:90:04:40:d6:02:a5:4e:bc:6e:4e:19:a3:17:3f:0b: 74:88:fe:5e:a3:0c:3e:9d:8e:4e:43:b2:ea:40:f5:6a:de:36: df:aa:a8:2c:78:19:0b:4e:13:b2:c0:cc:c8:41:c6:04:e0:d1: 20:90:0d:7b:ba:51:4d:e3:5b:c4:dc:ec:d0:76:89:cf:47:d9: 53:02:50:c7:2d:0d:50:48:b5:80:6f:f8:07:4b:89:7f:8e:d7: aa:f0:c9:fd:94:ec:0e:14:8c:be:9a:45:54:1b:54:56:63:20: 66:d6:6a:c7:e7:b6:a5:69:a9:99:9e:d5:7b:b6:92:55:e1:80: d1:66:6c:2f:59:09:63:aa:a9:b6:59:d3:37:d0:3a:42:7e:3e: df:cc:84:73:30:37:df:fd:9a:b5:69:05:eb:1c:6d:92:cf:97: 38:a1:07:ab:39:5f:90:2a:c4:a2:5d:a3:b9:8c:ed:b7:63:56: 55:53:23:6c:6b:8e:78:3f:5b:7e:76:f2:53:61:16:df:94:86: fd:c8:6c:8f:0f:34:0e:db:d9:77:9a:0d:28:6d:0e:fe:99:23: c8:25:0d:5c:94:7c:98:87:48:03:d2:d1:50:f3:d7:6c:b6:d7: 43:e7:fe:b4:6e:06:21:ab:4f:b2:ca:0b:3f:c1:a7:e6:11:3c: 70:3d:c9:61 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZC8iW2pj56ZKdzKxe6wAItxNIxQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNDAwMDAwOVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANTFkZTJmM2UxZjMzMTc5Y2IxOTk1 YjBjN2Q3MDUxOGI1MTY0NWU2Yjc1ZTM2ZDZhMGRjYjA4Y2FlMTY2YmU5YzEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ87whdGbI2mUd20/Xkgf+3ftSrH sEw4WV1lim98gkYftRB3milP9DsCIzd3Ng2Xn62hpOyTZ4n5YnEQynkB1GQPv4JA rTEYg9985p4YBhKqYzj0p2tljD9gKh8WAp5GhW2wQUtKQrq2mZ4p3L21of5jIy4Q uTJ67215SvIPSH/MWMkPzofaiJsBll2R1Lugc5CvUo6pTYmUAl1UNcoOBxujyZgv SvQTHdLL9DwJlohKWwm/vNktshkdk1/bVoeIBqu5a9w2P6L9OOZW2AJcozXvZwtC jKR2CVZ872b684t1bjRJs9VagMM5CuqQr2Yeolifp2y+V2zgb3+6qiIfCQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFHPzygzuElmIuj9ZENuaFfnGfCpSMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2UzMmM5Y2JkLWEyNDEtNGRmNi05OWJiLWU3ZDE1YWJlNGIzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDevjoMA0GCSqGSIb3DQEBCwUAA4IBAQBKEROQBEDWAqVOvG5OGaMX Pwt0iP5eoww+nY5OQ7LqQPVq3jbfqqgseBkLThOywMzIQcYE4NEgkA17ulFN41vE 3OzQdonPR9lTAlDHLQ1QSLWAb/gHS4l/jteq8Mn9lOwOFIy+mkVUG1RWYyBm1mrH 57alaamZntV7tpJV4YDRZmwvWQljqqm2WdM30DpCfj7fzIRzMDff/Zq1aQXrHG2S z5c4oQerOV+QKsSiXaO5jO23Y1ZVUyNsa454P1t+dvJTYRbflIb9yGyPDzQO29l3 mg0obQ7+mSPIJQ1clHyYh0gD0tFQ89dsttdD5/60bgYhq0+yygs/wafmETxwPclh -----END CERTIFICATE-----Generated at Sun Mar 1 21:44:02 2026 by rpki-client