$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa File: 3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa (raw, json) Hash identifier: SekGmHDfoGXj5vE4Zm57ePrlctkbgwVHEgjShmndD3o= Subject key identifier: 43:22:C1:FF:3E:25:47:17:F4:B6:80:77:DF:E2:6E:CF:26:9A:D9:56 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 24BDE5592B68660D8313DF39696634C47D305ACA Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa Signing time: Fri 15 May 2026 00:00:14 +0000 ROA not before: Fri 15 May 2026 00:00:14 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 175.41.136.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:07:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:bd:e5:59:2b:68:66:0d:83:13:df:39:69:66:34:c4:7d:30:5a:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: May 15 00:00:14 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=78b81d71738dbab549996dc118eff418b1e5624ff4a1cefedb60ec5d44bf2eb5, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ba:9f:ad:ac:2e:2d:0b:92:87:8e:02:d2:6f: c0:ab:4a:d9:30:c1:10:2c:b0:35:75:98:9d:93:8b: 13:58:bb:c1:12:87:75:39:86:e7:a6:40:3e:b5:e5: 9f:d4:9b:f3:85:1e:97:ab:75:e8:d1:54:ab:94:e8: 37:a0:34:d0:6f:35:85:e6:e9:fa:3c:36:f3:0c:df: e4:af:76:1b:fe:6e:77:cf:f1:f7:34:d2:1f:28:fe: e9:98:84:d0:4c:67:22:6e:f3:a0:38:c7:82:fb:fc: 24:bf:bb:14:31:04:cc:15:9d:fe:37:d3:43:38:2a: 0f:da:d8:0d:b9:10:aa:34:18:e1:ac:b1:8e:de:79: c5:db:9d:cf:0d:f1:48:3d:c3:d2:5e:ca:1c:b0:01: 4b:e8:ef:f4:1d:04:17:e1:b6:96:69:9c:1a:8d:9c: 09:05:6c:e4:33:ef:b9:30:33:11:58:5b:f5:aa:ae: cc:9d:b0:fc:c2:ed:53:6a:3b:86:ef:39:ec:d2:9e: 09:a9:fa:47:dd:fe:7b:0f:44:76:2f:08:c1:6e:94: 8a:4b:94:8c:e5:23:87:fe:69:31:85:04:c9:20:b9: b0:e1:f6:dd:73:d7:32:7f:df:97:d2:1e:6e:b0:d7: b0:b5:2a:1f:44:f7:db:44:43:79:03:fa:f1:03:7a: 36:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:22:C1:FF:3E:25:47:17:F4:B6:80:77:DF:E2:6E:CF:26:9A:D9:56 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3b8557c0-d5ee-4f9d-80ac-e41a37ffff27.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 175.41.136.0/21 Signature Algorithm: sha256WithRSAEncryption 6b:83:bb:52:d7:a4:fb:5e:da:19:d4:b5:e6:a7:7b:5c:6c:e1: be:4e:a3:07:7c:50:81:87:9f:14:ee:34:8a:eb:6d:9a:fa:51: 1a:6f:3b:a0:10:9a:84:c7:4b:11:ff:f0:4f:f5:5d:6e:cd:83: 82:ff:8b:eb:7a:98:cf:11:f0:b4:91:12:75:ba:6b:cc:02:2a: 22:46:dd:6d:76:2f:11:86:63:52:b9:37:a1:b7:4a:b1:76:02: e4:85:f2:51:7e:1f:75:1a:5f:99:18:26:ed:d4:8b:b4:2a:dd: 02:7b:cd:7c:aa:a3:42:01:33:3a:ed:78:7b:38:cc:99:d8:b2: 5a:52:67:ac:14:23:e9:29:18:d1:ed:d7:da:a1:00:1d:4e:2f: b3:51:38:5c:5f:43:1c:0c:cd:9b:0b:d6:5b:2c:1f:49:80:ff: fe:cd:05:a9:89:67:40:f5:7a:b3:f2:9c:2b:31:b8:e8:09:67: d4:60:6d:ea:b0:ae:de:79:d4:42:5e:ac:00:74:e9:d2:b1:a3: 29:04:a5:10:40:06:e3:51:77:c0:d1:a7:39:be:e5:8f:8c:59: ec:7f:93:a2:d3:78:32:1e:87:35:b2:47:3b:9f:4f:7e:a1:26: 88:36:60:27:87:da:ed:10:8d:04:c6:ef:2a:a9:61:46:e5:dd: ca:25:d2:da -----BEGIN CERTIFICATE----- MIIFnDCCBISgAwIBAgIUJL3lWStoZg2DE985aWY0xH0wWsowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDUxNTAwMDAxNFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANzhiODFkNzE3MzhkYmFiNTQ5OTk2 ZGMxMThlZmY0MThiMWU1NjI0ZmY0YTFjZWZlZGI2MGVjNWQ0NGJmMmViNTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLqfrawuLQuSh44C0m/Aq0rZMMEQ LLA1dZidk4sTWLvBEod1OYbnpkA+teWf1JvzhR6Xq3Xo0VSrlOg3oDTQbzWF5un6 PDbzDN/kr3Yb/m53z/H3NNIfKP7pmITQTGcibvOgOMeC+/wkv7sUMQTMFZ3+N9ND OCoP2tgNuRCqNBjhrLGO3nnF253PDfFIPcPSXsocsAFL6O/0HQQX4baWaZwajZwJ BWzkM++5MDMRWFv1qq7MnbD8wu1TajuG7zns0p4JqfpH3f57D0R2LwjBbpSKS5SM 5SOH/mkxhQTJILmw4fbdc9cyf9+X0h5usNewtSofRPfbREN5A/rxA3o2VwIDAQAB o4ICSDCCAkQwHQYDVR0OBBYEFEMiwf8+JUcX9LaAd9/ibs8mmtlWMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzNiODU1N2MwLWQ1ZWUtNGY5ZC04MGFjLWU0MWEzN2ZmZmYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQDrymIMA0GCSqGSIb3DQEBCwUAA4IBAQBrg7tS16T7XtoZ1LXmp3tc bOG+TqMHfFCBh58U7jSK622a+lEabzugEJqEx0sR//BP9V1uzYOC/4vrepjPEfC0 kRJ1umvMAioiRt1tdi8RhmNSuTeht0qxdgLkhfJRfh91Gl+ZGCbt1Iu0Kt0Ce818 qqNCATM67Xh7OMyZ2LJaUmesFCPpKRjR7dfaoQAdTi+zUThcX0McDM2bC9ZbLB9J gP/+zQWpiWdA9Xqz8pwrMbjoCWfUYG3qsK7eedRCXqwAdOnSsaMpBKUQQAbjUXfA 0ac5vuWPjFnsf5Oi03gyHoc1skc7n09+oSaINmAnh9rtEI0Exu8qqWFG5d3KJdLa -----END CERTIFICATE-----Generated at Wed Jun 17 12:23:24 2026 by rpki-client