$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa File: 3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa (raw, json) Hash identifier: KdJvcPeDsOZ+BJoWuQRlSV6VANqoUPeEX3cWo51RCu4= Subject key identifier: E8:28:27:4B:59:CE:00:31:BE:80:A2:DC:28:0A:F9:46:16:23:C5:E4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 64189C07A49D4CA9F830A09F206EE0785DDDB682 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa Signing time: Tue 24 Feb 2026 00:00:31 +0000 ROA not before: Tue 24 Feb 2026 00:00:31 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.224.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:18:9c:07:a4:9d:4c:a9:f8:30:a0:9f:20:6e:e0:78:5d:dd:b6:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Feb 24 00:00:31 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=a29c9eb248371fb171418921ee5b077fa19b5263a5e611fd9cff80833893bfcb, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:2f:91:df:b5:25:78:70:c5:6e:75:0a:ba:ba: 33:71:8f:a8:7c:73:bb:e2:cc:d0:17:75:4b:d1:7c: 0d:ea:ac:a7:6d:8d:cb:a9:45:1c:2c:78:84:14:ff: d8:cd:4a:e9:c9:78:6e:17:be:39:c4:53:24:16:72: 3c:9e:ca:b8:d4:04:06:ad:11:a4:41:67:a7:7b:19: 7c:0b:63:75:e5:79:4d:f8:d9:25:a2:4d:c6:89:38: a4:4d:01:a2:1a:cd:fa:ca:cd:be:0e:05:56:65:96: f5:c8:78:c0:5b:50:3f:dc:8b:56:a3:56:88:14:35: 2d:3f:d3:99:2d:28:87:fd:52:b3:79:cf:af:7b:3d: 15:e5:c4:af:b0:54:65:44:1f:dd:4a:b0:c5:6d:b1: 8b:01:71:22:02:77:24:32:a7:41:38:6d:89:f3:e0: 76:77:27:1b:92:36:1d:f9:6b:4c:41:6c:9c:02:9d: d0:e0:0c:9a:bc:4a:9c:f7:78:03:b2:3f:2c:88:fc: 90:29:9d:42:59:03:17:55:7a:7f:6c:f6:05:7b:e6: fb:fe:2a:9f:8f:1f:79:4e:7d:1a:e9:2f:f5:fd:1a: cb:92:e5:40:9e:56:d3:81:6f:79:20:b7:37:c5:c5: 8c:c1:d3:c2:a2:c4:13:bb:39:83:20:26:de:b1:b7: 32:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:28:27:4B:59:CE:00:31:BE:80:A2:DC:28:0A:F9:46:16:23:C5:E4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3b940d14-b8c4-4c3d-978f-a1a3b7a0a82c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.224.0/21 Signature Algorithm: sha256WithRSAEncryption 71:47:35:7c:4a:96:ff:c7:e1:8d:cf:ed:08:83:ba:92:54:b3: aa:ec:53:ce:cb:ec:ce:bc:40:4c:85:fc:75:fa:07:8a:cc:09: d1:8b:f2:ce:e6:15:3b:d5:7d:5c:30:6b:a9:24:c7:e7:4b:cb: 27:6a:f1:71:d0:bf:4b:c8:c4:f8:25:cc:9e:e8:81:31:f9:51: 6b:f3:ce:d9:71:e3:7b:8d:ee:db:a9:c3:66:b3:4f:d5:1a:3a: 92:ac:22:a5:71:3b:5e:ba:24:48:20:ab:92:5b:91:2a:e1:58: 79:d6:7c:db:69:11:5f:a9:d8:1c:df:cf:f3:03:ba:a9:78:3d: 47:2c:e6:4c:65:f5:10:18:f3:d8:a0:6c:8c:53:d6:b5:a9:0f: fa:e1:e6:76:fd:8f:d4:ca:51:d4:7a:2d:cd:b4:55:58:95:46: f8:ec:94:17:07:1e:f1:34:c3:03:17:ab:83:79:a7:6b:17:73: ff:11:72:63:8f:af:7b:28:f8:7e:25:e3:b6:fa:b7:25:9d:ce: a0:1d:5b:97:69:a7:6d:8b:b0:67:c1:1c:ca:2d:10:6b:34:0a: 53:06:1b:33:27:94:ea:3f:7a:f2:e1:08:56:a0:15:fd:38:64: 4c:53:e1:b6:69:09:ac:9c:08:5b:2e:a7:1c:e5:8e:4c:0d:b0: 61:c6:c3:b8 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUZBicB6SdTKn4MKCfIG7geF3dtoIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDIyNDAwMDAzMVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAYTI5YzllYjI0ODM3MWZiMTcxNDE4 OTIxZWU1YjA3N2ZhMTliNTI2M2E1ZTYxMWZkOWNmZjgwODMzODkzYmZjYjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxC+R37UleHDFbnUKurozcY+ofHO7 4szQF3VL0XwN6qynbY3LqUUcLHiEFP/YzUrpyXhuF745xFMkFnI8nsq41AQGrRGk QWenexl8C2N15XlN+Nklok3GiTikTQGiGs36ys2+DgVWZZb1yHjAW1A/3ItWo1aI FDUtP9OZLSiH/VKzec+vez0V5cSvsFRlRB/dSrDFbbGLAXEiAnckMqdBOG2J8+B2 dycbkjYd+WtMQWycAp3Q4AyavEqc93gDsj8siPyQKZ1CWQMXVXp/bPYFe+b7/iqf jx95Tn0a6S/1/RrLkuVAnlbTgW95ILc3xcWMwdPCosQTuzmDICbesbcytQIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFOgoJ0tZzgAxvoCi3CgK+UYWI8XkMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzNiOTQwZDE0LWI4YzQtNGMzZC05NzhmLWExYTNiN2EwYTgyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDryngMA0GCSqGSIb3DQEBCwUAA4IBAQBxRzV8Spb/x+GNz+0Ig7qS VLOq7FPOy+zOvEBMhfx1+geKzAnRi/LO5hU71X1cMGupJMfnS8snavFx0L9LyMT4 Jcye6IEx+VFr887ZceN7je7bqcNms0/VGjqSrCKlcTteuiRIIKuSW5Eq4Vh51nzb aRFfqdgc38/zA7qpeD1HLOZMZfUQGPPYoGyMU9a1qQ/64eZ2/Y/UylHUei3NtFVY lUb47JQXBx7xNMMDF6uDeadrF3P/EXJjj697KPh+JeO2+rclnc6gHVuXaadti7Bn wRzKLRBrNApTBhszJ5TqP3ry4QhWoBX9OGRMU+G2aQmsnAhbLqcc5Y5MDbBhxsO4 -----END CERTIFICATE-----Generated at Mon Mar 2 09:54:48 2026 by rpki-client