$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa File: 3523c675-14b3-4d2d-90e1-e439500ecaca.roa (raw, json) Hash identifier: 0BO79U/rK8kyMwYsE401FS1qHwMWRe9+oCXwSGV4jE8= Subject key identifier: 8E:DA:9E:65:D7:5F:33:2B:66:69:A3:CF:DF:5C:C5:1C:AA:1B:19:3B Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7CB47A55221715662949F385C53126B71A96161B Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa Signing time: Sat 16 May 2026 00:00:41 +0000 ROA not before: Sat 16 May 2026 00:00:41 +0000 ROA not after: Fri 14 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:05:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:b4:7a:55:22:17:15:66:29:49:f3:85:c5:31:26:b7:1a:96:16:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 16 00:00:41 2026 GMT Not After : Aug 14 23:59:59 2026 GMT Subject: serialNumber=85ad97b0cdfc1b2267b14c98d72b15a013459c5f89cfe148c155619a4870be35, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:fb:92:cb:b5:71:ff:c4:83:40:3d:8e:15:3c: ce:cd:db:f9:17:4b:f4:1e:81:a6:00:c2:78:78:a8: 02:a8:32:04:c9:a4:07:e2:c5:55:0b:14:19:3f:5c: a2:77:7f:4d:10:37:e0:c9:6b:de:76:ba:d9:ed:ca: 52:8e:55:d7:74:ad:07:06:1a:ed:93:ac:03:aa:cc: 3c:1c:42:2a:36:44:99:70:b9:f1:6e:9b:9b:bf:f1: 9a:2e:92:03:d4:33:d6:03:76:15:08:d6:22:7f:44: 62:50:da:7d:af:da:90:33:e1:23:71:29:f5:f5:0c: cf:53:1d:d8:93:09:e3:5a:cb:82:78:66:da:88:08: 58:75:1d:9c:a7:af:c1:4d:66:aa:50:da:5c:b3:75: c7:a7:fe:80:11:1d:c4:8a:bf:fa:ab:d9:95:ab:7e: d3:59:83:b4:5f:28:0d:52:73:fe:fe:9d:62:89:9b: 53:5f:bc:39:88:7c:9d:17:53:f6:67:df:60:08:da: 84:23:91:b8:8b:3f:04:3d:ac:ad:b4:2c:a8:91:91: 21:08:07:cf:2c:c1:45:1f:14:0a:c9:60:a3:e8:08: e9:71:b7:d0:54:84:ff:fa:a0:65:b5:56:01:fb:75: 02:af:ea:c4:6d:b4:93:6e:d2:32:73:e7:9d:c4:60: be:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:DA:9E:65:D7:5F:33:2B:66:69:A3:CF:DF:5C:C5:1C:AA:1B:19:3B X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/3523c675-14b3-4d2d-90e1-e439500ecaca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f0::/32 Signature Algorithm: sha256WithRSAEncryption 93:e6:ff:a5:bd:57:89:f0:c6:16:f5:05:7c:e3:96:44:bd:14: 00:f8:46:66:f8:61:3f:0b:19:db:2a:03:5d:75:f2:ec:d2:9a: 43:19:f2:6a:99:27:ba:a3:6e:99:59:29:97:56:06:a1:36:a3: ca:b5:57:04:7f:1e:26:a4:a5:e2:41:28:f4:a6:7d:fb:f0:f7: bb:70:63:68:96:d5:59:9b:f4:24:e2:09:74:19:42:83:11:4b: 77:0e:45:96:b5:da:af:5f:be:9f:e6:21:65:89:40:9d:d1:6b: 44:e1:08:97:0c:7e:e5:88:d5:13:32:f9:77:cb:d2:9e:77:e6: 2a:38:f5:6e:60:20:b0:e7:d0:87:5e:98:14:96:bb:6a:7d:3e: c5:7f:16:1f:52:0a:8a:04:62:26:e1:ec:3d:4e:2d:14:eb:85: a9:c3:d9:c3:08:fc:4c:f7:01:4a:13:65:ed:e3:1f:32:fb:4e: c2:04:76:93:a5:b8:b5:fd:df:59:b4:e6:87:7b:dc:bd:78:2d: 08:08:12:08:d3:11:8e:9a:38:9d:3c:60:a7:0d:f9:c5:05:ee: 23:8f:21:86:9e:22:6f:39:27:cc:e9:8a:ae:90:29:30:f1:c2: b9:e3:74:2b:05:4f:69:07:74:28:b8:8a:f4:38:1f:04:ad:17: 84:08:27:49 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUfLR6VSIXFWYpSfOFxTEmtxqWFhswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDUxNjAwMDA0MVoX DTI2MDgxNDIzNTk1OVowejFJMEcGA1UEBRNAODVhZDk3YjBjZGZjMWIyMjY3YjE0 Yzk4ZDcyYjE1YTAxMzQ1OWM1Zjg5Y2ZlMTQ4YzE1NTYxOWE0ODcwYmUzNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/uSy7Vx/8SDQD2OFTzOzdv5F0v0 HoGmAMJ4eKgCqDIEyaQH4sVVCxQZP1yid39NEDfgyWvedrrZ7cpSjlXXdK0HBhrt k6wDqsw8HEIqNkSZcLnxbpubv/GaLpID1DPWA3YVCNYif0RiUNp9r9qQM+EjcSn1 9QzPUx3YkwnjWsuCeGbaiAhYdR2cp6/BTWaqUNpcs3XHp/6AER3Eir/6q9mVq37T WYO0XygNUnP+/p1iiZtTX7w5iHydF1P2Z99gCNqEI5G4iz8EPayttCyokZEhCAfP LMFFHxQKyWCj6AjpcbfQVIT/+qBltVYB+3UCr+rEbbSTbtIyc+edxGC+BwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFI7anmXXXzMrZmmjz99cxRyqGxk7MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzM1MjNjNjc1LTE0YjMtNGQyZC05MGUxLWU0Mzk1MDBlY2FjYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8DANBgkqhkiG9w0BAQsFAAOCAQEAk+b/pb1XifDGFvUFfOOW RL0UAPhGZvhhPwsZ2yoDXXXy7NKaQxnyapknuqNumVkpl1YGoTajyrVXBH8eJqSl 4kEo9KZ9+/D3u3BjaJbVWZv0JOIJdBlCgxFLdw5FlrXar1++n+YhZYlAndFrROEI lwx+5YjVEzL5d8vSnnfmKjj1bmAgsOfQh16YFJa7an0+xX8WH1IKigRiJuHsPU4t FOuFqcPZwwj8TPcBShNl7eMfMvtOwgR2k6W4tf3fWbTmh3vcvXgtCAgSCNMRjpo4 nTxgpw35xQXuI48hhp4ibzknzOmKrpApMPHCueN0KwVPaQd0KLiK9DgfBK0XhAgn SQ== -----END CERTIFICATE-----Generated at Sat Jun 13 05:39:32 2026 by rpki-client