$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa File: 3684e50c-c50f-4ebb-b327-e0759241197e.roa (raw, json) Hash identifier: zmCV/d5bpLoSS+zvApJ7r/z/pnc55m95Bh5MUhoeQPU= Subject key identifier: FC:35:F0:C6:8D:F6:CA:11:5E:D9:97:40:8C:E0:49:DF:CC:AA:CB:A1 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 76F0596FAB40F89C1EFA084CF970E2FC39014570 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa Signing time: Wed 25 Feb 2026 00:00:05 +0000 ROA not before: Wed 25 Feb 2026 00:00:05 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:f0:59:6f:ab:40:f8:9c:1e:fa:08:4c:f9:70:e2:fc:39:01:45:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 25 00:00:05 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=d65a0093ddcae678b616bc32432fb3fb067604e1923ded973d998c24d28267ca, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f9:f1:4b:46:81:57:75:89:84:3a:ec:af:e9: c3:7b:4f:3f:d1:e2:59:8e:42:5f:9c:5d:cc:0e:9b: d3:2d:e3:df:49:cb:e3:fa:31:e1:2e:3a:b9:04:9f: af:f6:11:5b:9e:3a:e7:1b:9c:e4:48:ec:58:62:1a: b9:dc:e8:8c:28:46:ad:41:62:f0:bf:d7:1b:41:93: f5:2b:1c:ad:8c:fe:ec:b6:31:38:16:3e:3d:b9:16: 4f:33:a5:b7:50:64:89:05:ec:9f:7c:13:ba:6c:23: 09:e8:88:7d:bc:55:d5:98:70:2b:8e:d5:09:c9:20: 8c:50:5e:3a:b9:9d:fb:62:c5:53:92:34:3f:f2:61: b9:96:d9:28:5d:3b:a8:b3:fb:e6:e2:52:64:6b:d0: 55:91:c3:49:05:49:9d:97:10:6d:8d:ec:2c:2d:4a: 85:56:13:10:f1:b6:0a:16:ce:ee:de:bc:8d:68:be: 5b:03:3e:3d:22:48:c6:0d:51:0d:63:64:8d:ee:ce: 70:a1:78:44:ea:3c:87:50:33:aa:15:ff:ad:a8:e3: 2a:66:4a:15:c7:1d:e4:60:b3:4f:3d:a2:35:79:19: 5b:e6:94:7d:47:2a:31:62:f7:2b:2a:f7:4b:35:2a: ef:24:42:75:7d:cd:21:cf:cf:59:6c:43:ee:b1:ab: 8f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:35:F0:C6:8D:F6:CA:11:5E:D9:97:40:8C:E0:49:DF:CC:AA:CB:A1 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/3684e50c-c50f-4ebb-b327-e0759241197e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/48 Signature Algorithm: sha256WithRSAEncryption 3c:c2:82:90:cb:50:4d:e2:aa:4d:11:f4:07:e3:de:2a:7f:c7: 37:26:8e:38:77:40:9a:62:f5:8b:70:ba:2a:9c:2a:b3:21:dd: 14:a1:e6:c2:e3:6e:7f:ef:db:75:6d:d1:f7:3b:5b:ff:9f:d2: ec:27:ea:ca:94:d1:18:6c:ae:dd:aa:a4:00:09:a1:d8:42:43: a3:5d:5a:4c:7f:40:96:67:aa:a1:d3:57:e3:d1:55:d4:22:39: cf:b2:6c:15:33:1e:f0:fd:62:fc:fd:ed:12:f7:14:dc:9a:08: 18:69:d3:78:b1:85:bd:23:ab:d5:fa:78:f2:96:88:0d:31:6d: 5a:16:14:7a:bc:10:84:23:fe:25:99:24:30:e1:bc:ed:ad:f4: 5a:a7:fc:df:3b:bc:cb:20:05:84:50:df:ad:19:35:e5:e9:0a: 78:df:d8:39:0b:d9:51:4c:10:db:34:62:79:1c:30:fc:b4:55: 3c:a3:4c:94:35:11:63:c9:b1:9f:10:48:b7:7d:87:16:97:c6: 8e:04:9c:d0:9b:07:b5:9c:8b:00:d9:10:d9:c8:37:04:28:16: 57:6f:d5:b4:e5:c0:9c:ed:ee:e8:26:cd:e4:91:8f:bf:74:56: 87:2c:99:9a:56:0b:34:df:f4:9b:ac:c1:c3:04:0b:55:91:98: c8:d0:16:84 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdvBZb6tA+Jwe+ghM+XDi/DkBRXAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNTAwMDAwNVoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZDY1YTAwOTNkZGNhZTY3OGI2MTZi YzMyNDMyZmIzZmIwNjc2MDRlMTkyM2RlZDk3M2Q5OThjMjRkMjgyNjdjYTEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/nxS0aBV3WJhDrsr+nDe08/0eJZ jkJfnF3MDpvTLePfScvj+jHhLjq5BJ+v9hFbnjrnG5zkSOxYYhq53OiMKEatQWLw v9cbQZP1KxytjP7stjE4Fj49uRZPM6W3UGSJBeyffBO6bCMJ6Ih9vFXVmHArjtUJ ySCMUF46uZ37YsVTkjQ/8mG5ltkoXTuos/vm4lJka9BVkcNJBUmdlxBtjewsLUqF VhMQ8bYKFs7u3ryNaL5bAz49IkjGDVENY2SN7s5woXhE6jyHUDOqFf+tqOMqZkoV xx3kYLNPPaI1eRlb5pR9RyoxYvcrKvdLNSrvJEJ1fc0hz89ZbEPusauPawIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPw18MaN9soRXtmXQIzgSd/MqsuhMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzM2ODRlNTBjLWM1MGYtNGViYi1iMzI3LWUwNzU5MjQxMTk3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA8woKQy1BN4qpNEfQH 494qf8c3Jo44d0CaYvWLcLoqnCqzId0UoebC425/79t1bdH3O1v/n9LsJ+rKlNEY bK7dqqQACaHYQkOjXVpMf0CWZ6qh01fj0VXUIjnPsmwVMx7w/WL8/e0S9xTcmggY adN4sYW9I6vV+njylogNMW1aFhR6vBCEI/4lmSQw4bztrfRap/zfO7zLIAWEUN+t GTXl6Qp439g5C9lRTBDbNGJ5HDD8tFU8o0yUNRFjybGfEEi3fYcWl8aOBJzQmwe1 nIsA2RDZyDcEKBZXb9W05cCc7e7oJs3kkY+/dFaHLJmaVgs03/SbrMHDBAtVkZjI 0BaE -----END CERTIFICATE-----Generated at Mon Mar 2 03:04:07 2026 by rpki-client