$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa File: 0bf15d3f-c546-4bb6-a764-82165c384d37.roa (raw, json) Hash identifier: 3/O173PHBuIz6mu8xF4BBpQyuSSXG31gIN+dAztx7tU= Subject key identifier: E5:2C:1E:4E:9A:32:EB:FA:85:8C:04:9C:5F:8A:F2:B5:FE:5F:40:F6 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 610661E5C8A7024D5C0BF161D96CE1A841754EA3 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa Signing time: Tue 24 Feb 2026 00:00:25 +0000 ROA not before: Tue 24 Feb 2026 00:00:25 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:06:61:e5:c8:a7:02:4d:5c:0b:f1:61:d9:6c:e1:a8:41:75:4e:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Feb 24 00:00:25 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=ee11ff747df1156e74787c9dfba3b5d282511c0fed2bfb5984f084070c4e8bd8, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:57:4c:63:75:e8:7d:63:ad:eb:84:24:31:fb: f9:88:b9:3b:2f:0c:2b:f4:4d:64:2d:a7:4d:36:18: d9:f5:22:80:cb:94:71:36:ed:29:23:97:41:d2:04: f5:c8:7f:1e:0e:b0:8f:ea:b7:12:33:e0:da:d1:ee: 59:5b:68:27:5b:71:d6:7c:79:52:7b:16:71:c9:d3: c5:76:12:76:be:70:92:5e:80:c3:d0:7a:40:74:bc: 30:14:4d:1a:8f:da:64:bf:33:91:1f:46:51:37:03: 51:fa:04:96:13:00:89:d5:94:fd:1f:1b:be:3c:8c: f2:de:fc:57:2b:75:c1:55:eb:f0:a1:1c:e2:64:02: 8f:b3:99:cf:c3:d7:8a:03:3a:f7:ae:74:4b:a8:81: 93:b5:54:d2:5b:bd:07:a1:55:a8:36:01:08:24:53: 1e:4a:d2:08:bc:12:1a:12:53:b1:70:85:26:5b:01: 00:87:3d:67:e4:7c:ab:e8:44:e4:a9:89:f0:97:35: ab:9f:a3:fe:53:07:09:6d:83:27:23:c9:64:4e:d7: 16:cf:7e:c6:74:35:76:eb:f2:38:34:96:58:71:c4: 02:da:c8:67:44:96:ed:bc:65:4d:82:cc:e1:dc:ef: 61:fe:19:ad:99:f2:15:0b:01:45:47:42:39:19:99: 4e:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:2C:1E:4E:9A:32:EB:FA:85:8C:04:9C:5F:8A:F2:B5:FE:5F:40:F6 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/0bf15d3f-c546-4bb6-a764-82165c384d37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.200.0/21 Signature Algorithm: sha256WithRSAEncryption 68:6f:28:34:cf:7b:b3:84:47:98:d0:fa:13:e8:58:3a:3e:f3: 62:b1:7d:8e:d4:f8:32:f1:e9:1f:42:15:b3:a9:d4:40:b9:1c: fa:30:83:46:f9:ef:8a:0e:96:5c:01:49:07:17:3c:9d:be:d3: 42:60:03:9f:64:0a:01:85:ef:12:2e:ee:60:00:9e:5f:3e:a7: 5b:94:d0:22:7a:34:44:5f:39:77:39:40:a7:7e:37:bf:68:13: e1:b3:01:32:16:4a:2f:c7:e2:75:7f:c7:99:8a:74:60:a6:fa: ea:0f:09:21:3f:19:fc:43:da:c3:7f:d3:70:a1:49:54:c9:31: 98:65:06:b7:f9:23:48:f7:6d:5a:e5:34:a4:fa:4e:6c:df:c7: 8b:73:eb:2c:c4:e0:85:f1:43:ae:fa:56:b6:d2:33:a0:fa:84: 12:a0:c9:94:7b:33:94:da:89:0f:d8:7a:0c:d6:6f:a3:3d:20: 0c:86:92:2e:63:86:e7:c9:a0:19:1a:de:f7:b3:f5:8d:6c:b0: 22:b5:e8:4f:d1:70:04:db:15:47:d6:17:ac:21:d1:9d:2b:2f: 73:67:da:bc:9a:0b:e6:47:11:11:88:ff:9f:8b:1b:75:aa:f5: ad:ed:fb:1f:e3:85:75:bb:42:f1:8f:ee:62:4b:36:ae:6d:75: 39:40:a6:40 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUYQZh5cinAk1cC/Fh2WzhqEF1TqMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDIyNDAwMDAyNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZWUxMWZmNzQ3ZGYxMTU2ZTc0Nzg3 YzlkZmJhM2I1ZDI4MjUxMWMwZmVkMmJmYjU5ODRmMDg0MDcwYzRlOGJkODEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FdMY3XofWOt64QkMfv5iLk7Lwwr 9E1kLadNNhjZ9SKAy5RxNu0pI5dB0gT1yH8eDrCP6rcSM+Da0e5ZW2gnW3HWfHlS exZxydPFdhJ2vnCSXoDD0HpAdLwwFE0aj9pkvzORH0ZRNwNR+gSWEwCJ1ZT9Hxu+ PIzy3vxXK3XBVevwoRziZAKPs5nPw9eKAzr3rnRLqIGTtVTSW70HoVWoNgEIJFMe StIIvBIaElOxcIUmWwEAhz1n5Hyr6ETkqYnwlzWrn6P+UwcJbYMnI8lkTtcWz37G dDV26/I4NJZYccQC2shnRJbtvGVNgszh3O9h/hmtmfIVCwFFR0I5GZlOywIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOUsHk6aMuv6hYwEnF+K8rX+X0D2MB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzBiZjE1ZDNmLWM1NDYtNGJiNi1hNzY0LTgyMTY1YzM4NGQzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrynIMA0GCSqGSIb3DQEBCwUAA4IBAQBobyg0z3uzhEeY0PoT6Fg6 PvNisX2O1Pgy8ekfQhWzqdRAuRz6MING+e+KDpZcAUkHFzydvtNCYAOfZAoBhe8S Lu5gAJ5fPqdblNAiejREXzl3OUCnfje/aBPhswEyFkovx+J1f8eZinRgpvrqDwkh Pxn8Q9rDf9NwoUlUyTGYZQa3+SNI921a5TSk+k5s38eLc+ssxOCF8UOu+la20jOg +oQSoMmUezOU2okP2HoM1m+jPSAMhpIuY4bnyaAZGt73s/WNbLAitehP0XAE2xVH 1hesIdGdKy9zZ9q8mgvmRxERiP+fixt1qvWt7fsf44V1u0Lxj+5iSzaubXU5QKZA -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:51 2026 by rpki-client