$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa File: 018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json) Hash identifier: wDwQSZaA/CXa9HEQXPeN2iqIyErBKcTW/xzv+YJpQQU= Subject key identifier: 8A:9E:55:3F:B3:42:8E:76:26:AF:F8:77:DE:95:6C:28:CF:01:2B:83 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 549C4AFFC69583157A1C6AE6411F9C8177F96EE6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa Signing time: Wed 25 Feb 2026 00:00:50 +0000 ROA not before: Wed 25 Feb 2026 00:00:50 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:800::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:9c:4a:ff:c6:95:83:15:7a:1c:6a:e6:41:1f:9c:81:77:f9:6e:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:50 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=0b337ee71f161f9694f2c37d25c4f0364ca49f71f4b0c1ebc5e05ff3f4ed24c4, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b5:49:2a:3b:cc:4d:b3:f6:87:76:b0:c4:0d: 36:9d:97:81:49:f6:39:62:44:0d:6d:10:1c:11:a1: 4d:bd:31:91:9c:9e:7d:e5:7e:f0:08:97:40:7e:0e: fa:2a:0e:49:3d:60:1b:05:0d:86:11:1b:e6:b7:c0: 39:14:d7:fe:64:02:3c:05:7c:37:59:08:9b:fd:f6: c8:25:b1:43:53:fc:a6:ed:6b:02:c5:31:b9:a2:32: 9f:03:f5:b6:67:e2:e7:bf:d0:12:a9:c4:b7:18:a5: 93:bd:eb:06:c9:86:50:d0:6b:47:56:44:68:2d:01: 08:71:df:31:50:b4:dd:9d:2a:bc:e2:ad:db:95:3d: cc:e4:1d:36:1c:ae:8d:64:ed:fe:77:dc:89:1b:e3: f2:56:82:26:f1:58:a0:83:97:d6:bc:8b:19:90:eb: d1:4c:f9:21:e2:a9:a8:4c:7f:55:05:c4:eb:8b:84: 64:d9:c6:93:df:e0:e5:66:8c:a3:a0:d5:dd:eb:65: ce:47:66:38:28:35:b3:8e:d5:7d:09:67:e9:ac:da: c0:e0:46:b7:06:b3:f4:16:ae:9f:9d:fd:45:f6:cf: 68:61:71:dc:6b:48:e1:04:5a:1b:df:fa:b5:da:fa: 09:f8:90:81:1e:48:2e:59:33:0d:7d:b3:0f:3e:25: 5a:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:9E:55:3F:B3:42:8E:76:26:AF:F8:77:DE:95:6C:28:CF:01:2B:83 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:800::/38 Signature Algorithm: sha256WithRSAEncryption 38:23:cb:61:f8:46:46:32:f8:42:b4:dc:3f:e6:91:a2:87:dd: 11:10:ce:8f:d0:39:e6:d4:6f:68:a1:9e:b3:82:bc:e7:b6:92: 7d:45:b9:8b:2d:ba:ed:a2:a3:d8:c4:d9:cb:f9:45:7c:50:a9: 05:e4:92:fc:c8:3f:26:6c:83:e4:ec:0c:ef:c6:da:78:ef:fb: c9:c5:3f:09:b1:f4:43:1d:78:40:5d:c3:d5:40:46:00:fb:ef: 07:59:b5:bf:30:30:1f:80:e5:38:74:a4:34:86:f7:a1:c6:ae: fe:87:50:e3:54:96:86:ad:42:53:80:64:59:35:b7:b0:e1:47: 0a:50:b3:f7:b5:cc:13:5b:b3:7b:0d:c6:0f:c1:c9:1d:e3:e4: 7a:fd:f8:ca:b9:43:5c:29:bc:35:f5:a6:15:ca:0c:e7:e7:dc: e5:97:44:75:9d:c3:d8:8c:97:a6:76:41:63:eb:28:98:8f:89: 50:13:39:dc:c5:b4:8f:84:27:0a:fc:16:84:e4:e9:92:d2:b1: b5:9d:d4:7a:ee:c5:fc:10:ef:03:1e:a9:0a:18:d1:e7:34:ab: dd:54:8d:02:86:f6:dc:8f:40:38:7d:fe:c2:54:bd:2f:47:4c: 6a:87:10:20:36:4b:aa:98:e8:d3:3b:8b:22:38:b8:a4:40:70: 55:cf:f9:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVJxK/8aVgxV6HGrmQR+cgXf5buYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1MFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMGIzMzdlZTcxZjE2MWY5Njk0ZjJj MzdkMjVjNGYwMzY0Y2E0OWY3MWY0YjBjMWViYzVlMDVmZjNmNGVkMjRjNDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LVJKjvMTbP2h3awxA02nZeBSfY5 YkQNbRAcEaFNvTGRnJ595X7wCJdAfg76Kg5JPWAbBQ2GERvmt8A5FNf+ZAI8BXw3 WQib/fbIJbFDU/ym7WsCxTG5ojKfA/W2Z+Lnv9ASqcS3GKWTvesGyYZQ0GtHVkRo LQEIcd8xULTdnSq84q3blT3M5B02HK6NZO3+d9yJG+PyVoIm8Vigg5fWvIsZkOvR TPkh4qmoTH9VBcTri4Rk2caT3+DlZoyjoNXd62XOR2Y4KDWzjtV9CWfprNrA4Ea3 BrP0Fq6fnf1F9s9oYXHca0jhBFob3/q12voJ+JCBHkguWTMNfbMPPiVaxQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIqeVT+zQo52Jq/4d96VbCjPASuDMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBADgjy2H4RkYy+EK03D/m kaKH3REQzo/QOebUb2ihnrOCvOe2kn1FuYstuu2io9jE2cv5RXxQqQXkkvzIPyZs g+TsDO/G2njv+8nFPwmx9EMdeEBdw9VARgD77wdZtb8wMB+A5Th0pDSG96HGrv6H UONUloatQlOAZFk1t7DhRwpQs/e1zBNbs3sNxg/ByR3j5Hr9+Mq5Q1wpvDX1phXK DOfn3OWXRHWdw9iMl6Z2QWPrKJiPiVATOdzFtI+EJwr8FoTk6ZLSsbWd1HruxfwQ 7wMeqQoY0ec0q91UjQKG9tyPQDh9/sJUvS9HTGqHECA2S6qY6NM7iyI4uKRAcFXP +Xk= -----END CERTIFICATE-----Generated at Sun Mar 1 23:21:10 2026 by rpki-client