$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa File: 2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa (raw, json) Hash identifier: eBYXnsPiaNJ7X/+oy39tXqsNvQTfcMyw+f33irnssgI= Subject key identifier: 3F:25:33:6B:BF:6F:37:22:FE:F4:3C:49:36:FC:59:6E:A7:03:10:0F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 18DE6496B398EA3C315F6ECDD7CD065F0620679F Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa Signing time: Tue 24 Feb 2026 00:10:37 +0000 ROA not before: Tue 24 Feb 2026 00:10:37 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f9:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:02:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:de:64:96:b3:98:ea:3c:31:5f:6e:cd:d7:cd:06:5f:06:20:67:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:37 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=ce3882fac4f635f7cd2f46c1e8c5cf4255d06afbc67352d6987925ef20d0d1d3, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:34:24:55:6c:9f:a4:0c:22:33:6f:61:56:b5: 1c:93:7a:97:de:ef:fc:8a:d8:7f:03:f3:e7:5c:1a: 11:db:ea:5b:59:cd:53:43:60:21:57:1d:a4:80:b2: df:f2:82:ad:34:50:64:aa:f0:d2:99:fa:0c:2f:f8: 84:61:23:6d:3c:a4:0a:94:e0:48:44:f8:bb:64:96: 04:19:d0:c1:1f:a6:e1:f3:1d:2a:bc:b6:67:14:40: 44:bc:14:07:99:07:85:4d:f2:b2:1c:00:85:e2:0f: 5c:4f:11:c8:9c:71:e5:89:ab:61:95:cf:a2:7b:9b: ac:40:88:98:97:82:31:77:32:ea:52:a9:7c:89:71: aa:9e:be:b9:1b:32:f0:db:bd:02:22:a6:2f:00:b5: b9:9c:0d:d6:62:ce:9d:19:8e:a0:7e:7e:e4:36:e4: 01:dc:2f:ad:6d:22:d9:29:28:9d:3a:82:1d:fa:b4: 74:13:7c:35:30:0b:1d:e4:c4:1d:cd:85:1f:49:f5: 64:4f:e3:66:73:9f:3c:15:e0:3b:ad:57:98:d3:37: 15:98:7f:35:86:67:da:78:3a:80:59:be:07:6a:2a: cf:20:e6:65:e8:16:4c:09:0b:ca:22:76:06:ef:d9: 82:cb:d7:75:e2:9a:e4:11:a5:f9:a9:7e:2a:55:26: 4a:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:25:33:6B:BF:6F:37:22:FE:F4:3C:49:36:FC:59:6E:A7:03:10:0F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2247f34f-e5b1-423c-ac0f-7142ad86bd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f9:8000::/40 Signature Algorithm: sha256WithRSAEncryption 3a:fb:f6:d3:9d:b3:7b:14:62:b0:a6:cc:bf:d8:cb:35:0c:42: b1:c1:d1:5d:fb:d9:2b:6f:5c:5d:38:26:bb:34:ca:da:ce:94: 93:8b:f8:78:0d:1b:39:ef:08:fe:1d:31:0b:e1:60:c0:d7:9c: 74:54:05:97:ec:eb:a9:92:81:1f:0c:36:9f:9f:af:90:3e:9f: 92:01:9d:0a:58:6c:94:38:65:79:c8:3c:8e:80:78:78:95:09: e0:54:bf:17:d1:4e:eb:5f:b6:9f:73:f5:9d:57:9a:c2:9e:83: cd:b2:2f:04:92:40:d6:3d:73:7c:37:12:92:1a:b2:b8:0a:25: fd:79:36:e0:93:3d:dd:59:86:32:1b:c9:ed:13:c0:0b:1d:2e: 39:36:1a:c0:6b:56:6e:56:09:8a:65:69:59:35:2c:e7:93:26: 08:12:b7:1a:4c:a1:32:cd:6f:67:c2:52:b2:82:43:2d:c5:02: 74:8f:eb:43:ad:2d:3c:b9:f8:bb:39:e9:ec:8b:c7:9d:68:45: ee:26:78:ad:26:df:50:7b:b3:c1:10:48:b1:17:7c:73:0c:15: d7:84:9c:7d:e3:b9:66:15:04:53:0a:58:41:4d:a4:42:14:58: 56:79:b7:9f:6f:87:91:6f:93:ea:0f:99:bc:86:ce:56:25:58: de:62:25:97 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGN5klrOY6jwxX27N180GXwYgZ58wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTAzN1oX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAY2UzODgyZmFjNGY2MzVmN2NkMmY0 NmMxZThjNWNmNDI1NWQwNmFmYmM2NzM1MmQ2OTg3OTI1ZWYyMGQwZDFkMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTQkVWyfpAwiM29hVrUck3qX3u/8 ith/A/PnXBoR2+pbWc1TQ2AhVx2kgLLf8oKtNFBkqvDSmfoML/iEYSNtPKQKlOBI RPi7ZJYEGdDBH6bh8x0qvLZnFEBEvBQHmQeFTfKyHACF4g9cTxHInHHliathlc+i e5usQIiYl4IxdzLqUql8iXGqnr65GzLw270CIqYvALW5nA3WYs6dGY6gfn7kNuQB 3C+tbSLZKSidOoId+rR0E3w1MAsd5MQdzYUfSfVkT+Nmc588FeA7rVeY0zcVmH81 hmfaeDqAWb4HairPIOZl6BZMCQvKInYG79mCy9d14prkEaX5qX4qVSZKRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD8lM2u/bzci/vQ8STb8WW6nAxAPMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzIyNDdmMzRmLWU1YjEtNDIzYy1hYzBmLTcxNDJhZDg2YmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+YAwDQYJKoZIhvcNAQELBQADggEBADr79tOds3sUYrCmzL/Y yzUMQrHB0V372StvXF04Jrs0ytrOlJOL+HgNGznvCP4dMQvhYMDXnHRUBZfs66mS gR8MNp+fr5A+n5IBnQpYbJQ4ZXnIPI6AeHiVCeBUvxfRTutftp9z9Z1XmsKeg82y LwSSQNY9c3w3EpIasrgKJf15NuCTPd1ZhjIbye0TwAsdLjk2GsBrVm5WCYplaVk1 LOeTJggStxpMoTLNb2fCUrKCQy3FAnSP60OtLTy5+Ls56eyLx51oRe4meK0m31B7 s8EQSLEXfHMMFdeEnH3juWYVBFMKWEFNpEIUWFZ5t59vh5Fvk+oPmbyGzlYlWN5i JZc= -----END CERTIFICATE-----Generated at Mon Mar 2 02:46:14 2026 by rpki-client