$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: NlFUv6dJwsR3RjMmUp1VN/OlvhJ1TaIgnS+8Z9Ov1Us= Subject key identifier: 30:02:F5:A6:1B:4C:0F:2A:52:44:FA:77:3D:0F:6D:1A:64:03:02:2F Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 7F1376ACF0BD52B34E6699E41A65EB636AAC6505 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Fri 06 Feb 2026 00:00:31 +0000 ROA not before: Fri 06 Feb 2026 00:00:31 +0000 ROA not after: Thu 07 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:13:76:ac:f0:bd:52:b3:4e:66:99:e4:1a:65:eb:63:6a:ac:65:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 6 00:00:31 2026 GMT Not After : May 7 23:59:59 2026 GMT Subject: serialNumber=ab4c8434ef98a69122c249194bb3625dba685519f3a36338095719c422f1ce2b, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:d4:78:ea:4b:ac:c9:84:43:ea:2f:31:03:c8: 9c:af:60:a5:44:0d:82:25:bf:80:84:18:e5:64:2b: e9:df:7e:49:f9:ec:59:2c:ef:ab:fe:62:eb:59:8c: 37:3a:2e:31:4e:c0:f7:3d:4a:e0:3c:fd:af:8e:f1: a7:48:76:2e:a2:34:0e:5e:36:a4:d6:e3:3d:8e:8e: 6b:a7:69:82:72:f2:0f:93:6e:a3:5f:14:d2:f4:02: 01:89:a0:38:2d:23:e6:8e:92:b9:4a:fc:28:e5:e5: 74:66:e5:46:bb:9c:16:68:ea:2e:e5:15:24:4b:5d: 71:f3:46:b6:e5:4e:af:67:08:04:87:3b:83:25:3d: 53:a6:4b:7a:0b:d1:f1:49:b6:63:b2:b3:36:d0:4b: 10:1f:7a:1b:6b:46:fe:fa:24:21:d1:33:6c:85:6f: 2e:39:f1:71:66:46:15:48:ed:31:5b:31:c8:cf:d9: d4:57:76:fc:3d:b3:9d:c4:6e:87:17:ec:c2:e8:d0: 4b:1f:2f:75:71:a0:92:8f:f8:7b:fd:87:84:87:8c: 0f:e4:09:35:a8:1d:dc:21:6b:d5:f7:0f:37:55:58: b1:0c:fa:3b:a7:e5:3a:65:3b:5f:8a:0c:07:69:54: ca:a0:8c:d5:2c:62:3b:aa:3c:81:ec:06:a1:a6:07: a9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:02:F5:A6:1B:4C:0F:2A:52:44:FA:77:3D:0F:6D:1A:64:03:02:2F X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption 6f:71:bd:48:8a:a4:70:ed:bf:eb:3e:a5:dc:db:ed:72:ff:47: 37:d4:d7:84:bb:28:f4:e8:42:bf:1d:40:26:1f:69:c2:ea:57: 2e:86:7c:f3:8b:29:93:ae:23:15:58:8f:10:5f:ae:81:ee:8c: a8:9c:18:b6:bf:cd:e4:61:ce:7f:97:47:0c:38:8b:2f:f4:35: b6:65:46:82:07:4c:26:a3:43:09:73:ae:3e:56:6d:b1:5a:a3: 0a:35:9e:a4:4e:b2:3c:12:5f:54:b8:9e:70:fb:c2:49:66:6c: 4f:f1:98:d7:4e:7b:14:ab:ef:8d:68:f7:11:8a:32:88:54:a5: 08:4a:a9:18:08:5b:5f:c6:72:fc:36:41:50:6f:97:ad:e6:41: 0f:25:60:ce:c0:a2:b2:91:73:3f:91:4b:c6:90:41:da:f6:ec: 5f:6b:be:b6:e9:4b:e8:52:29:7f:cb:52:9e:d4:d2:32:79:af: da:4e:8a:a6:a2:4f:e4:10:2d:5b:92:79:b5:eb:34:fd:9a:e2: f7:de:82:28:0e:99:f9:90:c4:4a:ed:31:ca:14:74:01:fa:6b: 93:0b:c5:72:49:b4:b5:de:8f:fb:df:94:85:50:a1:b5:f4:b4: 6c:9d:10:7e:cc:95:e5:90:9b:80:ef:60:c2:13:21:a4:f0:a3: 26:70:1d:e6 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUfxN2rPC9UrNOZpnkGmXrY2qsZQUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIwNjAwMDAzMVoX DTI2MDUwNzIzNTk1OVowejFJMEcGA1UEBRNAYWI0Yzg0MzRlZjk4YTY5MTIyYzI0 OTE5NGJiMzYyNWRiYTY4NTUxOWYzYTM2MzM4MDk1NzE5YzQyMmYxY2UyYjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztR46kusyYRD6i8xA8icr2ClRA2C Jb+AhBjlZCvp335J+exZLO+r/mLrWYw3Oi4xTsD3PUrgPP2vjvGnSHYuojQOXjak 1uM9jo5rp2mCcvIPk26jXxTS9AIBiaA4LSPmjpK5Svwo5eV0ZuVGu5wWaOou5RUk S11x80a25U6vZwgEhzuDJT1Tpkt6C9HxSbZjsrM20EsQH3oba0b++iQh0TNshW8u OfFxZkYVSO0xWzHIz9nUV3b8PbOdxG6HF+zC6NBLHy91caCSj/h7/YeEh4wP5Ak1 qB3cIWvV9w83VVixDPo7p+U6ZTtfigwHaVTKoIzVLGI7qjyB7AahpgepwwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDAC9aYbTA8qUkT6dz0PbRpkAwIvMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAb3G9SIqkcO2/6z6l3Nvt cv9HN9TXhLso9OhCvx1AJh9pwupXLoZ884spk64jFViPEF+uge6MqJwYtr/N5GHO f5dHDDiLL/Q1tmVGggdMJqNDCXOuPlZtsVqjCjWepE6yPBJfVLiecPvCSWZsT/GY 1057FKvvjWj3EYoyiFSlCEqpGAhbX8Zy/DZBUG+XreZBDyVgzsCispFzP5FLxpBB 2vbsX2u+tulL6FIpf8tSntTSMnmv2k6KpqJP5BAtW5J5tes0/Zri996CKA6Z+ZDE Su0xyhR0AfprkwvFckm0td6P+9+UhVChtfS0bJ0QfsyV5ZCbgO9gwhMhpPCjJnAd 5g== -----END CERTIFICATE-----Generated at Sun Mar 1 21:43:53 2026 by rpki-client