$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json) Hash identifier: 6JBd7w5bAZl01ZWeNO0N6v5WAR3//vwcGSfSzF0l63U= Subject key identifier: AA:ED:20:06:52:14:4A:0F:63:0A:52:2E:FB:1C:18:A9:0D:65:9F:FE Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 3E7A094E7F27A54173622A23C8B12EBBA29F9D83 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa Signing time: Wed 25 Feb 2026 00:00:54 +0000 ROA not before: Wed 25 Feb 2026 00:00:54 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8014:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:7a:09:4e:7f:27:a5:41:73:62:2a:23:c8:b1:2e:bb:a2:9f:9d:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:54 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=1ef626362113ef802bf66db1a2028ff81afabac338277415d6257e7661e1aa03, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:d6:e4:e0:90:c4:dc:43:97:01:af:03:c9:cf: e0:6e:ea:cb:28:12:e4:3a:a7:27:3b:3b:83:6d:a8: 17:03:80:25:c9:9c:54:23:aa:30:53:5a:d6:09:00: 1c:e9:16:24:b3:57:6a:37:33:24:6d:c3:f4:59:c4: c1:fa:2f:32:1d:96:85:0c:e2:af:93:17:9c:17:26: e9:a4:3e:62:ab:e1:9f:b9:38:24:a1:bf:2c:52:5a: 1a:2a:b5:07:54:b9:c6:87:d8:3d:bf:87:99:bb:17: 0e:98:cc:44:54:cb:4e:c9:04:b0:7f:5a:be:2d:c3: d6:32:eb:80:b0:08:b5:10:9f:13:1a:5f:aa:07:e9: 5c:54:e4:31:62:c4:f0:ed:ef:01:0c:1f:7b:3d:40: 94:58:30:12:34:c5:66:a6:98:0d:48:cc:5d:5f:92: f6:eb:12:c1:6b:8d:f9:b0:79:8d:ab:b9:ca:84:6a: 09:36:26:a0:f7:eb:c2:9e:2e:5e:4d:1d:55:a5:16: bf:1d:39:ba:f9:5b:84:9e:0b:01:11:fe:e0:8d:61: 65:4a:00:e8:d7:c6:21:91:8e:c5:e9:db:31:7f:31: db:98:04:48:c3:e7:92:fb:0a:b1:43:eb:5a:35:24: f7:81:23:70:3d:1f:ba:82:8b:71:79:07:ed:74:c3: b4:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:ED:20:06:52:14:4A:0F:63:0A:52:2E:FB:1C:18:A9:0D:65:9F:FE X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8014:c00::/38 Signature Algorithm: sha256WithRSAEncryption 68:58:8d:08:1a:66:a4:22:40:f5:a5:b5:3f:77:c1:0d:7f:e8: 0f:95:7b:cb:8c:b7:ca:65:4e:46:6f:00:e9:7a:ea:fd:fc:c6: af:6d:88:16:0b:80:4d:00:c1:1f:94:b8:8d:37:fb:f1:2f:e5: 8f:24:cc:b3:8c:16:ef:01:ba:08:23:80:5f:d1:a4:f3:80:fd: c3:f6:ea:a6:20:ab:0a:fc:b8:9a:73:6a:43:49:0b:9b:f4:98: f3:da:66:e5:ac:1b:b7:47:a1:86:d2:87:d7:80:0e:83:d1:8d: 86:5c:12:7a:9f:01:7a:a1:88:54:23:b7:2a:a6:e9:8d:10:c7: 09:63:75:b8:df:c6:df:52:14:11:bd:d3:89:4c:ea:78:0c:d0: 40:e4:b7:36:45:ec:3b:68:1c:69:46:f1:f1:0b:dd:ab:22:3d: 57:b1:48:2d:a9:53:aa:37:61:6e:e1:66:31:c4:98:43:9a:de: 12:65:76:88:d2:69:f9:d6:5e:ce:b0:87:4b:f1:8c:1a:4f:a6: cc:bf:95:8e:7b:56:3d:3c:ab:2d:e6:b0:b8:cb:76:b3:94:b9: b8:52:3a:c3:54:19:6c:43:6a:21:bd:0b:01:ed:16:99:ef:a2: 04:c3:67:20:03:33:c6:f9:d7:a7:31:9f:35:56:4d:19:2f:62: 4b:de:ab:11 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPnoJTn8npUFzYiojyLEuu6KfnYMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1NFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMWVmNjI2MzYyMTEzZWY4MDJiZjY2 ZGIxYTIwMjhmZjgxYWZhYmFjMzM4Mjc3NDE1ZDYyNTdlNzY2MWUxYWEwMzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nbk4JDE3EOXAa8Dyc/gburLKBLk OqcnOzuDbagXA4AlyZxUI6owU1rWCQAc6RYks1dqNzMkbcP0WcTB+i8yHZaFDOKv kxecFybppD5iq+GfuTgkob8sUloaKrUHVLnGh9g9v4eZuxcOmMxEVMtOyQSwf1q+ LcPWMuuAsAi1EJ8TGl+qB+lcVOQxYsTw7e8BDB97PUCUWDASNMVmppgNSMxdX5L2 6xLBa435sHmNq7nKhGoJNiag9+vCni5eTR1VpRa/HTm6+VuEngsBEf7gjWFlSgDo 18YhkY7F6dsxfzHbmARIw+eS+wqxQ+taNST3gSNwPR+6gotxeQftdMO0awIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKrtIAZSFEoPYwpSLvscGKkNZZ/+MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBAGhYjQgaZqQiQPWltT93 wQ1/6A+Ve8uMt8plTkZvAOl66v38xq9tiBYLgE0AwR+UuI03+/Ev5Y8kzLOMFu8B uggjgF/RpPOA/cP26qYgqwr8uJpzakNJC5v0mPPaZuWsG7dHoYbSh9eADoPRjYZc EnqfAXqhiFQjtyqm6Y0Qxwljdbjfxt9SFBG904lM6ngM0EDktzZF7DtoHGlG8fEL 3asiPVexSC2pU6o3YW7hZjHEmEOa3hJldojSafnWXs6wh0vxjBpPpsy/lY57Vj08 qy3msLjLdrOUubhSOsNUGWxDaiG9CwHtFpnvogTDZyADM8b516cxnzVWTRkvYkve qxE= -----END CERTIFICATE-----Generated at Mon Mar 2 01:24:16 2026 by rpki-client