$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa File: 9b59fbe4-f242-4dbf-9964-15048c3da996.roa (raw, json) Hash identifier: dvqZyjDP4DM17H4iP9qadmlu63zU1PZlX4eNeTdhr54= Subject key identifier: 0A:D3:72:39:BF:32:81:5E:5C:4B:93:66:34:C4:FA:F3:32:3F:26:14 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 243979BCA2ABA528ECA30F7C6D8E2706F7E85750 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa Signing time: Tue 24 Feb 2026 00:00:31 +0000 ROA not before: Tue 24 Feb 2026 00:00:31 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 103.4.8.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:39:79:bc:a2:ab:a5:28:ec:a3:0f:7c:6d:8e:27:06:f7:e8:57:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Feb 24 00:00:31 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=0c30c8ff80c15071257fad02b6d2afdd765465f7e18bbccce395a41db2846fa4, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:36:5a:e8:7d:2b:b4:23:fb:94:cf:a8:18:28: f0:4c:b2:90:b6:21:4a:26:97:66:c0:a9:74:de:12: cb:6b:3a:1c:12:d5:4e:09:70:5a:b3:1b:50:70:d0: ee:fd:91:8c:e7:34:f5:db:75:9b:dd:2c:42:42:ca: 3e:6d:5d:39:49:91:45:33:4e:b9:b6:35:1e:b9:83: 6e:75:b4:71:1d:29:16:12:81:32:13:e1:b3:c5:f8: 48:e1:3e:28:24:1a:97:40:2c:10:d0:63:71:1f:2e: ee:5a:08:1a:e5:94:94:3d:84:a2:b3:12:8b:33:c9: e0:5a:23:d9:69:15:5f:05:22:d4:15:57:58:a3:ac: c5:9a:24:f2:bc:0f:ca:77:ae:97:72:01:3b:ff:53: 05:cf:18:18:8d:ec:83:e1:43:4d:ee:35:73:af:e9: e4:b4:84:e1:a4:14:ca:f3:7d:93:7e:99:54:e1:49: 53:5b:52:9c:8b:fd:87:0a:46:89:e8:94:45:7c:d6: cd:69:3c:0f:0e:b5:b8:9d:dd:a5:6d:50:2b:c7:f7: 94:6b:80:88:d3:f3:d6:a2:ec:ee:5c:ad:bd:75:36: e9:e4:df:79:82:17:51:30:60:3b:36:bd:e5:71:23: 7e:59:86:f7:ef:d3:b7:e9:3a:c5:35:98:1b:61:62: 3e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:D3:72:39:BF:32:81:5E:5C:4B:93:66:34:C4:FA:F3:32:3F:26:14 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/9b59fbe4-f242-4dbf-9964-15048c3da996.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 103.4.8.0/21 Signature Algorithm: sha256WithRSAEncryption 1f:c6:db:3f:ea:dd:6c:fc:af:26:03:0a:bd:c6:31:21:ff:65: 1c:9d:e6:95:2e:ed:9e:05:ef:56:d1:1b:12:e4:47:29:78:60: 92:55:06:26:f5:1f:9c:23:b2:37:e8:11:1d:82:41:9e:55:c7: 6f:c7:26:d7:6b:51:7a:45:a2:1d:e0:8f:78:1e:d5:40:c9:c2: b7:c5:ab:70:eb:58:55:14:d0:c2:e0:8b:7a:1d:c8:73:ba:67: be:13:bf:7a:ff:3c:17:e2:5b:4e:28:27:69:72:37:81:af:df: d5:f2:e7:9c:72:69:ed:78:a8:b1:98:66:1b:ab:ad:2e:00:6c: fb:cb:1b:11:17:55:72:da:0b:b2:59:d7:20:53:28:b8:90:42: 45:0e:8d:72:55:a5:3a:98:91:af:ca:2d:a8:a7:c6:89:24:c2: 13:48:a1:aa:f0:05:56:75:ef:35:93:d2:0a:f6:53:0e:5d:3b: bd:18:b1:c5:ab:94:25:6b:70:1c:62:04:96:94:08:6c:43:33: b0:9b:2f:6a:b9:56:6e:52:51:d8:d8:73:56:76:19:bb:0e:63: 4a:8d:68:50:77:10:f3:c6:45:a3:61:81:99:b7:cd:9b:81:74: b0:22:f1:2a:9e:d9:cb:3f:63:58:e0:32:b1:70:2c:fd:23:5c: 96:20:28:f6 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJDl5vKKrpSjsow98bY4nBvfoV1AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDIyNDAwMDAzMVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMGMzMGM4ZmY4MGMxNTA3MTI1N2Zh ZDAyYjZkMmFmZGQ3NjU0NjVmN2UxOGJiY2NjZTM5NWE0MWRiMjg0NmZhNDEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1DZa6H0rtCP7lM+oGCjwTLKQtiFK JpdmwKl03hLLazocEtVOCXBasxtQcNDu/ZGM5zT123Wb3SxCQso+bV05SZFFM065 tjUeuYNudbRxHSkWEoEyE+GzxfhI4T4oJBqXQCwQ0GNxHy7uWgga5ZSUPYSisxKL M8ngWiPZaRVfBSLUFVdYo6zFmiTyvA/Kd66XcgE7/1MFzxgYjeyD4UNN7jVzr+nk tIThpBTK832TfplU4UlTW1Kci/2HCkaJ6JRFfNbNaTwPDrW4nd2lbVArx/eUa4CI 0/PWouzuXK29dTbp5N95ghdRMGA7Nr3lcSN+WYb379O36TrFNZgbYWI+0QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFArTcjm/MoFeXEuTZjTE+vMyPyYUMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzliNTlmYmU0LWYyNDItNGRiZi05OTY0LTE1MDQ4YzNkYTk5Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQAfxts/6t1s/K8mAwq9xjEh /2UcneaVLu2eBe9W0RsS5EcpeGCSVQYm9R+cI7I36BEdgkGeVcdvxybXa1F6RaId 4I94HtVAycK3xatw61hVFNDC4It6Hchzume+E796/zwX4ltOKCdpcjeBr9/V8uec cmnteKixmGYbq60uAGz7yxsRF1Vy2guyWdcgUyi4kEJFDo1yVaU6mJGvyi2op8aJ JMITSKGq8AVWde81k9IK9lMOXTu9GLHFq5Qla3AcYgSWlAhsQzOwmy9quVZuUlHY 2HNWdhm7DmNKjWhQdxDzxkWjYYGZt82bgXSwIvEqntnLP2NY4DKxcCz9I1yWICj2 -----END CERTIFICATE-----Generated at Mon Mar 2 07:07:29 2026 by rpki-client