$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json) Hash identifier: O/Sr9q+5oHwkAtYjgJdcoRzj29VGrVd0pc5fnkOMvf8= Subject key identifier: 2D:02:77:11:E8:7B:80:C4:87:D1:B5:99:B8:4A:55:6B:C5:A8:98:6C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 798B101F840887C36C662023A83D2ABE4ACABFE3 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa Signing time: Tue 24 Feb 2026 00:10:41 +0000 ROA not before: Tue 24 Feb 2026 00:10:41 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:8b:10:1f:84:08:87:c3:6c:66:20:23:a8:3d:2a:be:4a:ca:bf:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:41 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=5ff9c435368804545973a2766c85ba091cf5e8d5eff331e19e9132aaef5492fb, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:32:d8:ac:9e:17:3c:dd:68:78:39:2e:26:fa: 9c:53:5a:d3:96:bb:98:b2:a3:dd:ea:69:93:b9:4f: 80:7a:10:20:f7:e6:20:04:65:89:d5:60:e2:fc:96: 53:58:d3:23:c6:52:f7:21:19:47:7e:45:e5:aa:83: bb:92:4d:f0:26:2e:9e:81:66:76:10:55:9f:be:0a: 53:79:54:6c:28:13:a4:9d:ef:57:ca:e9:6a:63:79: 54:be:8f:06:1d:f1:26:a9:77:41:da:17:35:ad:7c: 43:68:6b:6c:99:60:51:fb:e2:16:78:2c:7f:01:b4: 12:09:2f:55:a3:84:0e:4b:8c:f0:2c:9c:84:06:6b: f5:ce:25:3f:ef:9e:c6:29:2c:66:0b:f0:9f:c7:d1: 45:59:23:15:44:38:da:72:b3:f6:62:77:f9:67:a6: 12:53:f4:f0:5d:c6:89:b8:f7:f3:ea:c9:4d:b2:35: 9e:c5:5c:61:eb:8c:33:13:c1:d3:e2:69:fb:24:84: fc:26:9c:45:2b:a7:53:2d:22:e2:4e:af:7d:91:13: e2:75:58:e6:16:0c:25:72:45:34:34:99:8e:9a:e6: bf:66:12:84:df:e0:6d:89:71:e1:61:15:4b:dd:6b: 8c:06:38:19:24:31:af:03:93:9e:b4:b2:db:8f:ef: 0d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:02:77:11:E8:7B:80:C4:87:D1:B5:99:B8:4A:55:6B:C5:A8:98:6C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f8:8000::/40 Signature Algorithm: sha256WithRSAEncryption 75:b9:5e:ba:23:52:76:fc:58:c9:9b:31:cd:92:2a:2f:6b:3d: fb:19:09:04:f9:e1:e8:4c:12:06:ab:dd:12:a8:49:c6:38:35: 20:e6:76:ae:cf:4b:5e:b7:a7:6a:d6:42:e4:e9:be:90:a8:c7: 53:d1:19:db:71:61:99:6d:11:3e:60:23:7b:23:d3:2f:de:7e: 2a:58:0e:ee:78:09:8e:8b:3e:df:d5:b9:c3:0e:f9:bc:89:92: 55:9b:4a:a1:39:65:f5:73:06:86:72:95:a0:f8:80:6c:42:e0: 51:79:e5:83:22:69:22:43:fd:dd:2a:10:0a:ea:53:5f:40:bc: 47:ba:0c:50:d7:8e:b1:44:75:34:0c:d0:b8:0d:fa:17:dd:ea: 35:eb:30:5d:80:2f:fd:0c:99:df:dc:ba:4f:e1:28:f0:81:cb: e7:8e:b3:82:1c:10:b3:88:a5:19:17:a6:79:af:61:3e:8d:e2: ba:95:ac:48:50:65:6f:a3:19:a2:e1:83:cd:db:2f:63:d4:e5: 6f:64:6e:3a:f1:57:ec:bc:18:5f:74:69:5b:bf:ae:bf:b4:04: b4:ca:dd:d4:f4:00:01:59:03:0e:25:3a:3c:50:74:a6:4b:f9: 39:18:7f:9d:81:20:69:80:49:32:15:95:4f:7b:8e:c8:59:12: 3a:e6:7e:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeYsQH4QIh8NsZiAjqD0qvkrKv+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTA0MVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANWZmOWM0MzUzNjg4MDQ1NDU5NzNh Mjc2NmM4NWJhMDkxY2Y1ZThkNWVmZjMzMWUxOWU5MTMyYWFlZjU0OTJmYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7zLYrJ4XPN1oeDkuJvqcU1rTlruY sqPd6mmTuU+AehAg9+YgBGWJ1WDi/JZTWNMjxlL3IRlHfkXlqoO7kk3wJi6egWZ2 EFWfvgpTeVRsKBOkne9XyulqY3lUvo8GHfEmqXdB2hc1rXxDaGtsmWBR++IWeCx/ AbQSCS9Vo4QOS4zwLJyEBmv1ziU/757GKSxmC/Cfx9FFWSMVRDjacrP2Ynf5Z6YS U/TwXcaJuPfz6slNsjWexVxh64wzE8HT4mn7JIT8JpxFK6dTLSLiTq99kRPidVjm FgwlckU0NJmOmua/ZhKE3+BtiXHhYRVL3WuMBjgZJDGvA5OetLLbj+8NiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC0CdxHoe4DEh9G1mbhKVWvFqJhsMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBAHW5XrojUnb8WMmbMc2S Ki9rPfsZCQT54ehMEgar3RKoScY4NSDmdq7PS163p2rWQuTpvpCox1PRGdtxYZlt ET5gI3sj0y/efipYDu54CY6LPt/VucMO+byJklWbSqE5ZfVzBoZylaD4gGxC4FF5 5YMiaSJD/d0qEArqU19AvEe6DFDXjrFEdTQM0LgN+hfd6jXrMF2AL/0Mmd/cuk/h KPCBy+eOs4IcELOIpRkXpnmvYT6N4rqVrEhQZW+jGaLhg83bL2PU5W9kbjrxV+y8 GF90aVu/rr+0BLTK3dT0AAFZAw4lOjxQdKZL+TkYf52BIGmASTIVlU97jshZEjrm flQ= -----END CERTIFICATE-----Generated at Sun Mar 1 21:57:28 2026 by rpki-client