$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa File: 29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa (raw, json) Hash identifier: 1g/b2exq+I3qB/RXcMs0ZssvvBrt8OoZ+OND33Ic4+c= Subject key identifier: 21:D2:B2:52:07:02:13:9C:EF:EE:EE:87:1C:A1:CA:5F:8D:4A:4F:59 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 645482301B251B0E36DFB0037210BF33E8159FFC Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa Signing time: Wed 25 Feb 2026 00:00:48 +0000 ROA not before: Wed 25 Feb 2026 00:00:48 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:54:82:30:1b:25:1b:0e:36:df:b0:03:72:10:bf:33:e8:15:9f:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:48 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=3c048651a0502f0bccc6fa3176219f97f014a9827d65e5c40e586aa62a66b44d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:fa:d5:6c:19:4d:bb:64:72:f5:74:87:e8:3a: ef:2d:5d:ff:98:30:f8:30:ae:16:35:d2:82:f1:e8: 93:e1:b7:92:49:3b:8c:9d:2c:7c:8c:c3:9c:70:91: bd:66:0d:30:bb:bc:33:32:aa:04:08:cb:4c:b0:da: 05:32:f0:d3:e3:08:78:29:32:bc:6f:c3:1f:a7:93: b1:c7:44:fa:46:50:b9:8e:1d:75:8d:45:52:99:06: f5:9a:90:12:91:8c:68:43:b2:b3:10:20:f2:31:5b: 35:57:49:a1:c8:d2:8a:fa:37:c9:ea:fa:2b:ab:60: 33:8d:3f:aa:8d:c8:9f:bb:8e:45:89:9f:e6:36:4c: 54:e1:69:09:ac:cf:c2:39:94:d2:29:15:17:fe:84: 4b:0d:c1:62:c1:32:05:05:47:fa:a8:f7:1a:aa:77: d1:ce:44:23:a4:a1:6a:b6:f8:1f:87:d6:dd:c6:46: 2b:be:e3:b3:0e:0f:8a:10:8f:33:7b:43:4f:86:9c: ac:08:3b:ea:a6:3f:c7:13:9e:f2:e2:6c:92:09:cd: b6:cb:4a:7d:90:7c:fa:87:ff:20:65:a0:52:77:e1: 79:38:e4:30:9e:02:82:9f:6e:fa:20:8b:b3:5c:44: 00:1c:4b:27:1c:69:c7:5c:e9:39:b5:0e:c2:a1:b6: 5d:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:D2:B2:52:07:02:13:9C:EF:EE:EE:87:1C:A1:CA:5F:8D:4A:4F:59 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/29fe4454-f7a8-42fd-8c35-77a6d6f8e60f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:c00::/38 Signature Algorithm: sha256WithRSAEncryption 41:0b:3e:56:e1:93:b8:db:fc:75:59:fa:18:49:54:49:16:c9: d8:cc:da:2a:db:40:e7:28:e2:50:2c:0d:be:d2:76:bc:d1:7d: 09:8b:fe:3f:91:cf:ea:44:a5:46:b8:5c:83:c9:b2:3c:82:17: 94:dc:ef:7e:2e:70:f9:44:93:12:81:96:34:9a:2e:ad:96:6f: c1:b3:8e:00:7d:f1:0a:ac:79:3b:49:99:3a:b3:e4:9d:01:15: 52:02:51:4e:f5:f4:0f:c8:f6:fb:e0:86:35:a6:9f:d5:56:b2: d5:d5:6c:a2:47:91:36:94:4b:7c:ca:f4:99:5f:fd:da:75:19: b5:89:b5:44:f3:55:1b:ae:36:d1:fc:45:a1:e0:b3:2f:f2:73: 12:5c:e8:a8:b9:45:43:e1:c1:35:15:cf:20:97:f7:44:ac:cd: 82:9a:d8:44:24:a9:8f:90:b9:44:20:ea:4b:a0:fe:b3:c4:8d: 41:33:9b:1c:c6:2d:eb:b8:25:b8:40:fa:76:1b:e6:a3:e7:b8: c4:39:b9:2e:a6:a6:80:90:a5:45:9d:bd:dd:eb:f3:08:1d:12: 94:5c:85:91:1f:c8:eb:c2:fb:a1:1f:15:ef:49:f3:5d:50:09: f8:a2:cf:89:1d:fe:cf:90:0e:ba:9d:e3:48:f8:ae:6d:27:0f: 28:40:91:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZFSCMBslGw4237ADchC/M+gVn/wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA0OFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAM2MwNDg2NTFhMDUwMmYwYmNjYzZm YTMxNzYyMTlmOTdmMDE0YTk4MjdkNjVlNWM0MGU1ODZhYTYyYTY2YjQ0ZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvrVbBlNu2Ry9XSH6DrvLV3/mDD4 MK4WNdKC8eiT4beSSTuMnSx8jMOccJG9Zg0wu7wzMqoECMtMsNoFMvDT4wh4KTK8 b8Mfp5Oxx0T6RlC5jh11jUVSmQb1mpASkYxoQ7KzECDyMVs1V0mhyNKK+jfJ6vor q2AzjT+qjcifu45FiZ/mNkxU4WkJrM/COZTSKRUX/oRLDcFiwTIFBUf6qPcaqnfR zkQjpKFqtvgfh9bdxkYrvuOzDg+KEI8ze0NPhpysCDvqpj/HE57y4mySCc22y0p9 kHz6h/8gZaBSd+F5OOQwngKCn276IIuzXEQAHEsnHGnHXOk5tQ7CobZdZwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCHSslIHAhOc7+7uhxyhyl+NSk9ZMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI5ZmU0NDU0LWY3YTgtNDJmZC04YzM1LTc3YTZkNmY4ZTYwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAwwDQYJKoZIhvcNAQELBQADggEBAEELPlbhk7jb/HVZ+hhJ VEkWydjM2irbQOco4lAsDb7SdrzRfQmL/j+Rz+pEpUa4XIPJsjyCF5Tc734ucPlE kxKBljSaLq2Wb8GzjgB98QqseTtJmTqz5J0BFVICUU719A/I9vvghjWmn9VWstXV bKJHkTaUS3zK9Jlf/dp1GbWJtUTzVRuuNtH8RaHgsy/ycxJc6Ki5RUPhwTUVzyCX 90SszYKa2EQkqY+QuUQg6kug/rPEjUEzmxzGLeu4JbhA+nYb5qPnuMQ5uS6mpoCQ pUWdvd3r8wgdEpRchZEfyOvC+6EfFe9J811QCfiiz4kd/s+QDrqd40j4rm0nDyhA kXY= -----END CERTIFICATE-----Generated at Sun Mar 1 21:48:31 2026 by rpki-client