$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json) Hash identifier: lA0ytWcRDEfGTUJYK0TCaMBVq02btHKFwXaByMlAs8U= Subject key identifier: 8C:D8:31:51:C6:2A:9D:A1:B8:EE:D9:D0:19:12:BE:3A:AA:08:6D:DE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4CF9AE191FFA1230584E3CA28CFAF49248D6E59C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa Signing time: Wed 25 Feb 2026 00:00:37 +0000 ROA not before: Wed 25 Feb 2026 00:00:37 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:f9:ae:19:1f:fa:12:30:58:4e:3c:a2:8c:fa:f4:92:48:d6:e5:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:37 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=d2617a9535ea6bc9ad01095ba4ac5aeee474f3e127d86625fb35207094ebee97, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:fb:bc:c8:8a:48:5e:f8:9f:88:e3:28:f0:e4: c7:1a:3c:ba:84:5e:4c:83:17:e5:74:d9:7b:01:4a: aa:68:52:9f:d9:0e:70:a4:8c:f4:77:43:5d:5b:ae: 49:70:15:b7:fc:01:32:1d:fe:c9:98:0c:91:e0:ec: 6d:27:31:4f:95:28:fd:ba:e6:e2:7f:f2:6a:14:c2: 79:55:85:0e:f1:d4:a1:b3:8b:dc:d1:30:da:df:45: 04:96:0e:5c:83:53:84:d3:a4:d1:f5:b6:08:85:27: 99:29:ff:3c:b7:bb:a1:b8:c7:b0:35:df:7f:e0:93: 5b:c5:f9:ae:bb:bf:cc:59:7f:cd:1c:30:80:32:4d: 88:8b:b6:50:27:dc:09:2c:63:cd:b2:c2:ae:6c:b1: bd:3e:01:c1:90:5d:57:72:36:fa:81:ff:04:4a:c9: 45:6a:9b:57:a3:b0:77:8a:08:94:1d:f2:41:9b:5f: 44:f9:b5:ae:9a:7f:05:e6:99:3e:b0:73:d2:74:92: 0d:ef:4c:c3:56:e9:fa:3d:03:d5:db:e4:35:ad:92: 2f:17:5a:1d:0c:85:0c:d5:f4:d0:e9:ea:7a:fa:f0: 61:05:4c:31:8b:25:b4:33:f6:1c:0a:77:12:5d:a6: 03:ab:be:3c:e0:4c:c6:4c:f5:f1:54:3b:0c:02:15: 75:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:D8:31:51:C6:2A:9D:A1:B8:EE:D9:D0:19:12:BE:3A:AA:08:6D:DE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4080::/48 Signature Algorithm: sha256WithRSAEncryption a4:61:ef:b0:98:7d:80:83:7d:0b:22:b5:a4:9f:94:90:a7:2f: 42:f3:90:e8:55:ca:80:17:27:6a:56:09:2d:7f:ba:a0:df:64: 75:6e:47:04:1b:cf:f6:e6:49:58:09:fe:5d:40:b6:42:37:5c: 28:51:cc:e1:01:d4:4c:99:30:c6:53:4f:00:80:05:03:2f:85: 13:19:6e:2f:0a:25:9d:bb:a0:64:03:86:ba:55:24:17:08:d6: a1:74:f2:49:b2:fa:e4:43:c0:05:77:c9:72:31:eb:c1:fc:87: cc:01:bb:ba:94:ec:7d:ae:f6:0c:18:9a:00:a9:18:65:84:7b: 0f:5a:a9:b9:ac:67:11:05:9e:63:64:04:11:c7:59:b5:3d:b9: 3e:cd:11:16:30:67:a1:43:b3:aa:8e:59:5c:83:9d:c0:37:6c: 55:4d:e4:5a:a3:3a:a3:ab:69:65:07:38:cb:f1:5a:67:c7:42: 81:9f:17:ca:75:c2:33:4a:1c:62:f3:f5:68:e8:4b:d2:47:9a: d0:9a:58:c1:bb:db:c1:ea:90:90:cc:0d:6c:34:cc:9d:9b:42: f3:81:28:28:22:f5:46:92:d3:78:c9:94:83:87:43:f4:ae:ee: 68:31:44:51:b5:c4:90:91:8d:e1:74:77:b5:1e:e7:35:9f:6a: 32:9f:72:76 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTPmuGR/6EjBYTjyijPr0kkjW5ZwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDAzN1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZDI2MTdhOTUzNWVhNmJjOWFkMDEw OTViYTRhYzVhZWVlNDc0ZjNlMTI3ZDg2NjI1ZmIzNTIwNzA5NGViZWU5NzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPu8yIpIXvifiOMo8OTHGjy6hF5M gxfldNl7AUqqaFKf2Q5wpIz0d0NdW65JcBW3/AEyHf7JmAyR4OxtJzFPlSj9uubi f/JqFMJ5VYUO8dShs4vc0TDa30UElg5cg1OE06TR9bYIhSeZKf88t7uhuMewNd9/ 4JNbxfmuu7/MWX/NHDCAMk2Ii7ZQJ9wJLGPNssKubLG9PgHBkF1Xcjb6gf8ESslF aptXo7B3igiUHfJBm19E+bWumn8F5pk+sHPSdJIN70zDVun6PQPV2+Q1rZIvF1od DIUM1fTQ6ep6+vBhBUwxiyW0M/YcCncSXaYDq7484EzGTPXxVDsMAhV1ywIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIzYMVHGKp2huO7Z0BkSvjqqCG3eMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQCkYe+wmH2Ag30LIrWk n5SQpy9C85DoVcqAFydqVgktf7qg32R1bkcEG8/25klYCf5dQLZCN1woUczhAdRM mTDGU08AgAUDL4UTGW4vCiWdu6BkA4a6VSQXCNahdPJJsvrkQ8AFd8lyMevB/IfM Abu6lOx9rvYMGJoAqRhlhHsPWqm5rGcRBZ5jZAQRx1m1Pbk+zREWMGehQ7Oqjllc g53AN2xVTeRaozqjq2llBzjL8Vpnx0KBnxfKdcIzShxi8/Vo6EvSR5rQmljBu9vB 6pCQzA1sNMydm0LzgSgoIvVGktN4yZSDh0P0ru5oMURRtcSQkY3hdHe1Huc1n2oy n3J2 -----END CERTIFICATE-----Generated at Sun Mar 1 23:21:29 2026 by rpki-client