$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa File: b3ba338e-4843-454b-abe5-65f09756225a.roa (raw, json) Hash identifier: IfPsINwRrxd34VBeRIe+GE50/CjGcoN/iwF7+EVNuzM= Subject key identifier: DD:A0:94:44:D9:68:26:74:FB:EA:F5:38:A1:99:98:3D:43:30:7F:0A Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 785D89D4F6D40C7DBD15D0B968488D1B07DD50F1 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa Signing time: Tue 24 Feb 2026 00:00:30 +0000 ROA not before: Tue 24 Feb 2026 00:00:30 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.192.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:5d:89:d4:f6:d4:0c:7d:bd:15:d0:b9:68:48:8d:1b:07:dd:50:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Feb 24 00:00:30 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=d68db6c18d827bb41b47004c74286a1f7f5605daed91bb5bd8120b073e512c51, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:8e:35:78:d8:a6:37:c7:ba:37:85:75:f8:82: e0:67:af:5b:0b:1a:e4:a6:a0:8b:5d:8e:65:b0:fd: 72:75:e8:7c:dd:48:63:b9:93:58:6a:7a:ef:36:77: 3e:1b:f5:3b:0b:9e:41:35:2b:e6:92:82:01:d4:35: 9b:80:76:33:83:80:b7:ee:5b:fe:03:20:9f:b2:58: d8:ca:f9:81:f5:38:7c:69:7c:44:5b:64:cc:4a:fd: 5c:2b:4e:ed:86:f1:40:41:f6:f5:b5:01:14:01:dc: bf:2f:7c:66:9c:4d:23:2e:a6:a7:0d:4f:a0:6c:ae: 38:37:ea:7c:3a:47:e7:33:2d:0b:e0:26:af:6a:2b: a0:f2:ed:ab:e3:15:da:0c:92:a5:48:8c:a0:ab:33: 6b:e5:5b:14:ab:15:fd:e0:d2:86:5d:f6:2f:c7:72: 23:09:f5:dc:71:b2:54:55:5d:f1:62:7b:62:ee:ca: 4d:9d:9b:93:3f:ea:f9:4d:b2:c3:38:05:89:68:fb: 41:1f:73:d7:e0:58:74:36:ac:ef:d9:b2:2e:0c:9e: 07:82:94:54:6d:a7:d5:10:76:34:6f:97:77:1e:a4: a4:fc:5d:f9:54:d2:95:64:8a:3e:61:77:4f:e8:ff: 6c:9e:81:0c:8c:e6:e0:c6:87:e6:b4:f9:86:f2:e2: 49:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:A0:94:44:D9:68:26:74:FB:EA:F5:38:A1:99:98:3D:43:30:7F:0A X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/b3ba338e-4843-454b-abe5-65f09756225a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.192.0/24 Signature Algorithm: sha256WithRSAEncryption 65:55:0d:70:db:f9:e6:05:23:bd:9d:84:53:ac:0a:9b:73:88: 6b:6e:18:b5:0a:47:c3:7e:a9:2f:c2:48:88:a9:4a:4a:9c:e4: b7:14:c5:bf:ae:71:32:f4:42:74:0d:eb:c9:ca:59:12:2a:a1: 5e:51:b8:22:f7:18:fc:af:00:c3:82:da:fa:ce:ac:94:5a:2d: a3:dd:76:86:3f:54:db:a0:b5:b8:c6:bd:b9:c2:8f:8c:bd:4b: 86:1f:38:ac:aa:fd:ca:87:40:5b:c1:1e:a4:6b:37:bb:50:bf: 77:61:27:d0:c4:0a:af:95:89:e1:a0:e3:b5:0c:f7:f6:fe:ef: 8f:a7:16:51:f5:33:d6:7d:d9:02:7c:2c:4a:94:ee:92:88:91: f2:34:8f:bf:4a:b1:e9:45:02:9f:35:d8:f8:02:53:1b:a1:1f: ea:42:45:60:64:6f:27:47:05:dc:ad:fd:6b:dd:06:34:5d:18: e6:08:60:79:a4:cd:58:5e:54:dd:30:fb:3e:e0:10:7a:d8:d0: b0:a6:65:26:f1:76:d4:0a:25:a0:01:ec:f8:ae:e6:1c:10:ce: db:b5:07:e8:f1:36:b5:11:a1:53:80:56:67:b8:ce:df:6f:da: 5f:74:b2:16:01:d0:a2:00:fd:43:d7:de:38:a2:a3:79:03:86: 19:bb:8a:e4 -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUeF2J1PbUDH29FdC5aEiNGwfdUPEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDIyNDAwMDAzMFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZDY4ZGI2YzE4ZDgyN2JiNDFiNDcw MDRjNzQyODZhMWY3ZjU2MDVkYWVkOTFiYjViZDgxMjBiMDczZTUxMmM1MTEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY41eNimN8e6N4V1+ILgZ69bCxrk pqCLXY5lsP1ydeh83UhjuZNYanrvNnc+G/U7C55BNSvmkoIB1DWbgHYzg4C37lv+ AyCfsljYyvmB9Th8aXxEW2TMSv1cK07thvFAQfb1tQEUAdy/L3xmnE0jLqanDU+g bK44N+p8OkfnMy0L4Cavaiug8u2r4xXaDJKlSIygqzNr5VsUqxX94NKGXfYvx3Ij CfXccbJUVV3xYnti7spNnZuTP+r5TbLDOAWJaPtBH3PX4Fh0Nqzv2bIuDJ4HgpRU bafVEHY0b5d3HqSk/F35VNKVZIo+YXdP6P9snoEMjObgxofmtPmG8uJJ1QIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFN2glETZaCZ0++r1OKGZmD1DMH8KMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2IzYmEzMzhlLTQ4NDMtNDU0Yi1hYmU1LTY1ZjA5NzU2MjI1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQArynAMA0GCSqGSIb3DQEBCwUAA4IBAQBlVQ1w2/nmBSO9nYRTrAqb c4hrbhi1CkfDfqkvwkiIqUpKnOS3FMW/rnEy9EJ0DevJylkSKqFeUbgi9xj8rwDD gtr6zqyUWi2j3XaGP1TboLW4xr25wo+MvUuGHzisqv3Kh0BbwR6kaze7UL93YSfQ xAqvlYnhoOO1DPf2/u+PpxZR9TPWfdkCfCxKlO6SiJHyNI+/SrHpRQKfNdj4AlMb oR/qQkVgZG8nRwXcrf1r3QY0XRjmCGB5pM1YXlTdMPs+4BB62NCwpmUm8XbUCiWg Aez4ruYcEM7btQfo8Ta1EaFTgFZnuM7fb9pfdLIWAdCiAP1D1944oqN5A4YZu4rk -----END CERTIFICATE-----Generated at Mon Mar 2 10:33:48 2026 by rpki-client