$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: ZfU0bzl5PVutdfLJJ00+ZQ6pGFIQTfL6zQ6TkRFse+E= Subject key identifier: 00:B5:EB:50:B3:93:D1:57:54:F5:94:F9:A1:03:28:1B:6C:6D:BD:2D Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 446FADB040223F1DFEC266E95A811BEEE9844EAD Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Wed 25 Feb 2026 00:00:37 +0000 ROA not before: Wed 25 Feb 2026 00:00:37 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:6f:ad:b0:40:22:3f:1d:fe:c2:66:e9:5a:81:1b:ee:e9:84:4e:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:37 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=ab329de9508b0500aa28fc617f728f5cf5ddd1c609ac569d6df1c0422d1711dd, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:a2:99:ba:44:51:16:17:16:4d:6a:c7:2e:8d: 1b:2c:44:00:9b:a2:fe:2b:50:91:79:4c:a3:04:37: 94:ba:13:df:78:5c:46:5f:5c:47:b5:a6:ba:b7:8b: 16:57:73:53:10:f8:72:b4:47:0d:f5:14:b3:c3:6c: 2d:f2:43:b2:98:d9:1a:12:ee:22:58:db:7d:82:bb: c1:d7:6d:52:02:95:bf:71:ec:9a:c2:e5:83:a3:8f: a2:39:9b:71:4e:96:ee:fb:a9:f4:01:f5:b9:43:81: 07:27:ed:cd:40:1a:0f:c8:0f:da:e6:12:38:71:69: df:91:79:d4:41:b3:c1:f5:45:1e:e2:66:4a:96:0d: 00:2e:81:5d:a3:91:ff:65:dd:83:b7:cd:ca:72:85: 22:56:80:47:ca:fd:eb:cf:19:28:36:46:58:bc:e7: 6a:ef:04:53:09:0a:71:b8:5d:40:5d:06:9c:c4:ba: c6:d3:eb:10:94:6f:3e:bf:c3:4a:86:cb:5a:38:e9: 5d:d6:e5:f6:dc:5e:c2:b3:90:b4:a2:78:53:29:f4: 90:86:89:75:b4:ad:ef:23:16:da:7f:f8:da:b9:58: 5c:63:0d:8f:4a:c6:8f:16:1b:3d:96:2f:06:9e:d5: 95:9d:f3:88:5d:ff:8a:fe:1a:84:b2:5e:ad:e0:57: 9d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B5:EB:50:B3:93:D1:57:54:F5:94:F9:A1:03:28:1B:6C:6D:BD:2D X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 7e:fd:b1:1f:f4:b0:c0:3f:e5:52:c3:b2:c9:08:de:ec:9d:78: 13:d2:1b:4f:af:d0:bf:0c:25:df:04:f1:ff:a4:83:34:a7:97: 73:df:3a:69:52:ed:ec:9d:b3:45:9c:91:b1:74:7e:cf:7a:4f: b3:11:f3:50:f5:b4:be:84:bd:01:6f:94:52:2f:d2:8f:99:cd: db:14:96:f2:be:22:7a:ba:6b:ca:3d:ba:71:0b:f1:d9:1c:44: b5:07:30:3c:89:2a:26:b5:48:b9:c6:26:54:39:e6:fa:ac:93: be:4d:ac:86:14:dd:b4:54:7b:ed:4d:d6:b0:c5:1b:90:13:cb: 7a:6d:f7:00:d0:4b:c0:0f:21:42:81:3b:7c:ee:4f:37:72:0b: 1e:88:a2:a4:11:28:5d:67:b5:96:2b:27:c1:70:8e:4d:f4:5b: d3:fc:4b:ab:d3:31:4d:46:b7:4a:b7:9c:ea:9b:61:59:44:42: ca:af:61:b1:56:29:37:f9:29:5b:46:79:14:36:76:ca:ab:77: 17:e0:f9:f5:8a:22:d7:13:5c:07:ca:35:66:04:71:2c:03:4e: 0a:67:f6:fb:b5:11:4e:8a:1d:82:7f:14:13:50:cb:8e:39:23: 44:15:36:d9:9d:eb:5a:be:80:d4:cc:bc:01:17:da:cd:91:59: ed:77:54:5a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIURG+tsEAiPx3+wmbpWoEb7umETq0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDAzN1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAYWIzMjlkZTk1MDhiMDUwMGFhMjhm YzYxN2Y3MjhmNWNmNWRkZDFjNjA5YWM1NjlkNmRmMWMwNDIyZDE3MTFkZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKKZukRRFhcWTWrHLo0bLEQAm6L+ K1CReUyjBDeUuhPfeFxGX1xHtaa6t4sWV3NTEPhytEcN9RSzw2wt8kOymNkaEu4i WNt9grvB121SApW/ceyawuWDo4+iOZtxTpbu+6n0AfW5Q4EHJ+3NQBoPyA/a5hI4 cWnfkXnUQbPB9UUe4mZKlg0ALoFdo5H/Zd2Dt83KcoUiVoBHyv3rzxkoNkZYvOdq 7wRTCQpxuF1AXQacxLrG0+sQlG8+v8NKhstaOOld1uX23F7Cs5C0onhTKfSQhol1 tK3vIxbaf/jauVhcYw2PSsaPFhs9li8GntWVnfOIXf+K/hqEsl6t4FedBwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFAC161Czk9FXVPWU+aEDKBtsbb0tMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAfv2xH/SwwD/lUsOyyQje 7J14E9IbT6/Qvwwl3wTx/6SDNKeXc986aVLt7J2zRZyRsXR+z3pPsxHzUPW0voS9 AW+UUi/Sj5nN2xSW8r4ierpryj26cQvx2RxEtQcwPIkqJrVIucYmVDnm+qyTvk2s hhTdtFR77U3WsMUbkBPLem33ANBLwA8hQoE7fO5PN3ILHoiipBEoXWe1lisnwXCO TfRb0/xLq9MxTUa3Srec6pthWURCyq9hsVYpN/kpW0Z5FDZ2yqt3F+D59Yoi1xNc B8o1ZgRxLANOCmf2+7URToodgn8UE1DLjjkjRBU22Z3rWr6A1My8ARfazZFZ7XdU Wg== -----END CERTIFICATE-----Generated at Sun Mar 1 23:20:32 2026 by rpki-client