$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: NB72BfTxXXhodXcDNywWhKce6VnADsePMdv27msr1gg= Subject key identifier: FC:5C:C7:03:E9:49:BB:FD:BC:7D:47:B9:A4:C2:0C:B6:54:C9:25:DF Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 1C6CF18845902F4BDA5D4667BCBAC4F4DD7C2A7E Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Tue 24 Feb 2026 00:10:40 +0000 ROA not before: Tue 24 Feb 2026 00:10:40 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:6c:f1:88:45:90:2f:4b:da:5d:46:67:bc:ba:c4:f4:dd:7c:2a:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:40 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=0b8a37578b02bcfc0b7413d43a1eb561092c18104e33b351c1e81f183e77ab5d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:ec:31:b0:b2:66:4b:e3:eb:6c:40:14:b0:42: 3b:9b:c4:15:d3:3c:ad:3c:fe:28:fe:30:cf:24:0e: f7:43:5c:7d:38:ec:6d:18:cf:e3:bd:be:61:59:64: e3:22:0b:6b:46:8c:31:f7:1d:5c:ae:95:a8:39:10: b8:a9:42:18:24:78:2d:12:69:70:56:e8:08:d8:00: 0c:0e:99:f2:87:02:e2:4e:61:e0:a2:aa:c9:fd:ba: 58:9b:0f:e3:1d:79:ec:91:ac:a7:8b:cd:a5:0f:e4: 45:e6:55:2f:71:14:e8:62:cc:51:f2:a6:97:24:c9: 00:d7:a1:6e:10:b9:c2:90:c1:e3:27:3c:c0:cc:a9: 69:1b:be:ba:57:6d:ac:51:01:19:3e:e8:7d:24:0e: 2f:3e:61:17:d3:14:f9:4a:0f:7f:61:8c:96:13:b7: a6:5f:42:c2:fb:66:c8:f1:2d:a7:dd:1a:57:cd:da: 99:13:9e:0e:d1:68:62:21:29:ca:c4:6f:29:9c:a2: 72:b8:3c:51:51:f0:4d:4f:25:2f:cb:ac:84:54:42: 86:1e:75:3e:30:8a:2c:16:c5:be:49:8b:60:68:97: ef:8f:78:37:12:da:1e:77:a9:f7:c6:1c:fe:4a:4c: 3a:09:80:93:8a:86:54:0f:2c:a3:5c:0c:8f:b1:68: 94:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:5C:C7:03:E9:49:BB:FD:BC:7D:47:B9:A4:C2:0C:B6:54:C9:25:DF X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption af:42:03:22:bf:ed:39:58:6e:f5:be:7e:bb:35:a0:db:fa:83: c7:94:89:4f:e7:36:f8:dd:a7:2b:0f:2d:22:73:9e:2e:74:68: 24:39:f6:27:71:5f:2d:e5:c6:00:9d:25:04:b9:90:05:44:f8: 2f:7e:37:ee:bd:df:ed:34:5b:03:74:ee:6b:3a:72:45:a9:e3: 36:ca:4d:b7:4c:57:03:ed:02:78:c2:9d:6f:1a:f5:ab:e7:bd: 43:f0:2c:5e:61:74:e1:ea:3e:4d:78:72:cf:b6:cf:29:d7:d0: 9d:70:b7:0b:22:6b:84:ec:eb:bf:f9:e2:8b:94:9a:37:9f:cf: 30:a3:41:34:e0:96:35:d2:41:ef:d1:8f:e0:8a:d1:b2:f1:ad: e6:f6:66:b8:62:23:c2:4a:16:b5:01:6b:21:ea:8b:69:d9:05: 5a:17:fa:83:ca:6f:57:7d:dd:72:0d:92:1b:07:fd:2d:35:05: cb:8f:92:24:ca:a8:1c:2a:50:78:f0:7c:c3:36:12:26:0c:41: 69:33:7a:3d:7d:a0:30:73:ba:71:b7:e5:c0:21:d7:d7:55:06: 4e:3d:95:bf:95:12:09:8d:95:f0:6a:67:92:5e:04:6c:62:84: 9c:d1:e3:ff:f4:52:e4:76:de:ef:d2:02:33:c8:2f:8b:df:af: 7b:58:c4:ba -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUHGzxiEWQL0vaXUZnvLrE9N18Kn4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTA0MFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMGI4YTM3NTc4YjAyYmNmYzBiNzQx M2Q0M2ExZWI1NjEwOTJjMTgxMDRlMzNiMzUxYzFlODFmMTgzZTc3YWI1ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ewxsLJmS+PrbEAUsEI7m8QV0zyt PP4o/jDPJA73Q1x9OOxtGM/jvb5hWWTjIgtrRowx9x1crpWoORC4qUIYJHgtEmlw VugI2AAMDpnyhwLiTmHgoqrJ/bpYmw/jHXnskayni82lD+RF5lUvcRToYsxR8qaX JMkA16FuELnCkMHjJzzAzKlpG766V22sUQEZPuh9JA4vPmEX0xT5Sg9/YYyWE7em X0LC+2bI8S2n3RpXzdqZE54O0WhiISnKxG8pnKJyuDxRUfBNTyUvy6yEVEKGHnU+ MIosFsW+SYtgaJfvj3g3Etoed6n3xhz+Skw6CYCTioZUDyyjXAyPsWiU4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPxcxwPpSbv9vH1HuaTCDLZUySXfMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAK9CAyK/7TlYbvW+frs1 oNv6g8eUiU/nNvjdpysPLSJzni50aCQ59idxXy3lxgCdJQS5kAVE+C9+N+693+00 WwN07ms6ckWp4zbKTbdMVwPtAnjCnW8a9avnvUPwLF5hdOHqPk14cs+2zynX0J1w twsia4Ts67/54ouUmjefzzCjQTTgljXSQe/Rj+CK0bLxreb2ZrhiI8JKFrUBayHq i2nZBVoX+oPKb1d93XINkhsH/S01BcuPkiTKqBwqUHjwfMM2EiYMQWkzej19oDBz unG35cAh19dVBk49lb+VEgmNlfBqZ5JeBGxihJzR4//0UuR23u/SAjPIL4vfr3tY xLo= -----END CERTIFICATE-----Generated at Sun Mar 1 21:44:44 2026 by rpki-client