$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json) Hash identifier: J8rFnBdLgVcMxzYMk6CtIbMEUyLJ1hvUtuqE+pX8XR8= Subject key identifier: 62:1A:B4:A8:2D:2A:06:F8:73:3F:8F:29:46:B0:90:DF:16:14:8D:12 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 5996E62BA02E3E66E428F9BBC5242C3FA96A2FEC Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa Signing time: Wed 25 Feb 2026 00:00:36 +0000 ROA not before: Wed 25 Feb 2026 00:00:36 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fc::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:96:e6:2b:a0:2e:3e:66:e4:28:f9:bb:c5:24:2c:3f:a9:6a:2f:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:36 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=0a873d51abc6bbe04b41df48a06a7532511b51f3ee73e100cfabdcdf1ac34249, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:36:af:17:e2:1b:d0:77:71:9a:ab:39:8e:e0: 40:cf:42:0c:99:76:d9:30:16:8e:b7:8d:15:1e:68: 3d:49:6b:db:e2:54:50:d0:92:1b:2a:29:75:32:0d: 52:d3:76:c2:bf:e4:b9:0d:15:0c:db:a0:54:17:61: 4b:90:8b:de:4e:10:9f:a9:86:b7:39:4d:03:09:e5: 43:30:3b:91:15:1b:bb:33:9c:4c:63:6f:68:c9:af: 3e:f7:16:ef:8a:d3:a5:f7:b2:c1:63:63:75:91:c4: 75:93:8c:6e:4b:01:e7:99:74:f7:f4:0e:de:df:5b: 4e:82:5d:fe:14:8e:31:98:bc:0b:87:b3:01:62:4b: 1d:39:21:98:dd:a1:0d:68:84:44:37:ad:c3:66:ef: 3c:e0:81:79:7f:2d:fe:64:3b:ea:72:d4:fe:6d:f3: 57:8e:88:26:9c:51:04:35:3d:1f:8a:70:e3:35:a2: d6:e9:99:84:14:ad:0b:00:b2:5e:aa:45:be:44:51: df:3b:9f:ec:7d:39:22:93:e2:38:ea:ae:25:fd:b3: 3e:51:1c:8d:ad:55:fb:ce:b1:00:a3:83:72:df:e8: 6c:37:30:1c:96:a2:ec:7d:80:6e:3a:39:2f:39:c4: 38:39:5d:47:5e:17:3f:e9:a7:10:9d:16:d1:1f:ce: 29:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:1A:B4:A8:2D:2A:06:F8:73:3F:8F:29:46:B0:90:DF:16:14:8D:12 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fc::/32 Signature Algorithm: sha256WithRSAEncryption 7c:a2:69:0c:79:ed:84:b5:35:70:4a:a4:91:a6:f4:b8:9e:c6: d9:c9:ef:9e:24:24:f8:03:c5:f5:c8:02:f0:8c:64:24:66:9d: ce:da:43:5b:98:8e:f0:28:3b:a5:79:d0:3c:9e:98:40:dc:51: 64:6e:7a:ac:1a:f2:9e:04:be:1b:a4:93:75:95:e2:7e:07:4d: f5:df:db:26:19:e7:0c:92:65:ca:27:a3:60:86:c9:9f:4b:d3: d5:0a:23:e6:01:ce:11:5e:ec:e6:ca:df:6c:c0:f0:26:29:0a: a2:82:d5:5f:3a:a4:d9:8d:98:54:78:61:0c:79:d4:4d:d9:e8: 26:2b:d5:19:80:11:3a:42:eb:b1:c4:55:c1:f8:0c:b5:79:aa: 55:08:b8:e9:91:7a:b1:eb:2f:c0:ba:4b:30:0f:44:8c:40:a2: 86:cb:c2:ec:ed:df:e8:d0:ab:db:be:53:b1:7f:35:59:93:92: be:2a:8c:8a:d0:7a:c8:4a:c7:d2:bd:d0:02:8a:97:64:c2:6f: 2b:3b:bc:60:24:7c:ab:fc:ca:61:fd:13:ce:9b:83:41:68:82: 63:28:e6:45:2e:35:66:98:aa:14:05:2b:31:90:38:c1:92:7c: 48:56:b1:b9:36:57:6e:cf:ad:71:a0:2f:ba:b7:e6:49:66:f4: 80:24:2c:05 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUWZbmK6AuPmbkKPm7xSQsP6lqL+wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDAzNloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMGE4NzNkNTFhYmM2YmJlMDRiNDFk ZjQ4YTA2YTc1MzI1MTFiNTFmM2VlNzNlMTAwY2ZhYmRjZGYxYWMzNDI0OTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzavF+Ib0Hdxmqs5juBAz0IMmXbZ MBaOt40VHmg9SWvb4lRQ0JIbKil1Mg1S03bCv+S5DRUM26BUF2FLkIveThCfqYa3 OU0DCeVDMDuRFRu7M5xMY29oya8+9xbvitOl97LBY2N1kcR1k4xuSwHnmXT39A7e 31tOgl3+FI4xmLwLh7MBYksdOSGY3aENaIREN63DZu884IF5fy3+ZDvqctT+bfNX jogmnFEENT0finDjNaLW6ZmEFK0LALJeqkW+RFHfO5/sfTkik+I46q4l/bM+URyN rVX7zrEAo4Ny3+hsNzAclqLsfYBuOjkvOcQ4OV1HXhc/6acQnRbRH84p/wIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGIatKgtKgb4cz+PKUawkN8WFI0SMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAfKJpDHnthLU1cEqkkab0 uJ7G2cnvniQk+APF9cgC8IxkJGadztpDW5iO8Cg7pXnQPJ6YQNxRZG56rBryngS+ G6STdZXifgdN9d/bJhnnDJJlyiejYIbJn0vT1Qoj5gHOEV7s5srfbMDwJikKooLV Xzqk2Y2YVHhhDHnUTdnoJivVGYAROkLrscRVwfgMtXmqVQi46ZF6sesvwLpLMA9E jECihsvC7O3f6NCr275TsX81WZOSviqMitB6yErH0r3QAoqXZMJvKzu8YCR8q/zK Yf0TzpuDQWiCYyjmRS41ZpiqFAUrMZA4wZJ8SFaxuTZXbs+tcaAvurfmSWb0gCQs BQ== -----END CERTIFICATE-----Generated at Sun Mar 1 23:20:47 2026 by rpki-client