$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json) Hash identifier: QTAbwj9bKSMshmcezgtmVncMOBmPUvKRDDwIhv+M5RU= Subject key identifier: 9D:54:EA:56:83:93:58:56:02:80:FB:CD:F8:9D:6E:7D:EB:68:67:78 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 376AF7766E29D5F413E8C28DB2CB8C8B5FF63C90 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa Signing time: Wed 25 Feb 2026 00:00:36 +0000 ROA not before: Wed 25 Feb 2026 00:00:36 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80f1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:6a:f7:76:6e:29:d5:f4:13:e8:c2:8d:b2:cb:8c:8b:5f:f6:3c:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:36 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=0bcd6ad5f792ab35671d683ef03c5f81625c5d27c910b9c408c3aba903feb53b, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:64:f9:3a:21:59:ec:23:9b:10:08:94:5d:98: 45:ff:c6:1e:e4:6c:79:94:26:66:8d:3d:f5:15:ff: d3:f1:38:53:e7:d7:cc:b0:de:a0:56:cf:69:38:4a: 15:0f:5b:7a:f9:ff:4a:30:34:66:56:37:39:d7:12: c4:06:33:39:ce:3f:78:d9:a8:3b:86:66:9e:dc:1a: 31:9f:1d:07:7d:05:cd:d5:80:80:d7:da:4b:89:4d: 2b:f4:f9:7d:5f:20:b5:34:d0:37:9b:2f:8d:fe:a0: 66:e6:5a:e8:97:cd:17:ec:82:1e:f7:b3:33:12:54: 86:6c:55:b4:35:5a:72:d2:68:3e:5e:8b:dd:2d:ba: e6:83:7b:17:c6:98:82:be:5a:b6:b4:e7:60:c5:a1: 54:bf:ab:ad:d2:9f:a0:76:51:9f:4d:fb:41:55:b9: 42:30:cf:5f:94:82:78:a0:d0:b0:68:31:15:b0:82: 0b:cd:1a:38:14:32:a7:b1:24:be:f3:3d:0d:c7:05: f4:64:22:ea:cb:26:16:a1:12:c6:84:74:f1:d6:81: db:b5:cb:f8:3c:cf:04:d5:27:c4:a1:23:1d:f7:4a: 1e:69:55:97:8b:21:47:3c:02:a7:15:26:e5:4c:9d: d6:33:95:38:fb:33:12:35:4f:5a:18:46:58:3f:74: b5:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:54:EA:56:83:93:58:56:02:80:FB:CD:F8:9D:6E:7D:EB:68:67:78 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80f1::/32 Signature Algorithm: sha256WithRSAEncryption 83:1c:5d:c2:a2:f5:8b:81:55:15:ef:8e:94:f3:4f:f5:c9:be: b6:b5:9c:5d:ac:a0:ad:d2:f2:bf:01:dd:24:13:41:88:dd:4c: 1f:28:a5:19:67:4a:2e:2a:ab:94:20:45:1d:22:67:ee:cf:7d: 4f:12:54:c4:a9:8a:cd:94:c0:1f:98:09:b9:4d:59:e1:1e:79: 2d:6a:fc:c8:87:f4:10:ab:e6:e2:b4:57:01:ca:33:67:2c:c1: ce:f8:e0:9d:44:53:2c:34:8f:04:d3:ed:61:ed:0f:05:f5:c6: 6e:81:e4:ca:05:40:1f:ed:a2:2b:88:41:49:18:70:7d:47:71: 35:6a:52:a6:73:5f:0b:8d:b0:95:da:3f:0b:95:3e:19:b3:45: ab:dc:9f:5b:47:1d:2e:79:4e:56:3f:c7:dd:12:3a:be:c2:0b: 36:24:1f:86:5b:65:e1:f6:45:0b:ff:0f:19:02:a7:5b:04:a2: 6c:e9:ae:20:01:e9:e6:db:08:22:e1:93:89:b3:60:91:75:1d: 94:a9:be:d1:e5:71:61:ee:09:53:47:63:e8:6b:31:fd:f9:7c: 83:84:61:ee:7c:13:12:a1:ea:c9:e4:73:50:43:67:80:34:bb: 41:d0:00:81:3f:85:5e:f0:19:8b:67:13:9c:a1:6a:4e:33:e8: 92:7a:71:3a -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUN2r3dm4p1fQT6MKNssuMi1/2PJAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDAzNloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMGJjZDZhZDVmNzkyYWIzNTY3MWQ2 ODNlZjAzYzVmODE2MjVjNWQyN2M5MTBiOWM0MDhjM2FiYTkwM2ZlYjUzYjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGT5OiFZ7CObEAiUXZhF/8Ye5Gx5 lCZmjT31Ff/T8ThT59fMsN6gVs9pOEoVD1t6+f9KMDRmVjc51xLEBjM5zj942ag7 hmae3Boxnx0HfQXN1YCA19pLiU0r9Pl9XyC1NNA3my+N/qBm5lrol80X7IIe97Mz ElSGbFW0NVpy0mg+XovdLbrmg3sXxpiCvlq2tOdgxaFUv6ut0p+gdlGfTftBVblC MM9flIJ4oNCwaDEVsIILzRo4FDKnsSS+8z0NxwX0ZCLqyyYWoRLGhHTx1oHbtcv4 PM8E1SfEoSMd90oeaVWXiyFHPAKnFSblTJ3WM5U4+zMSNU9aGEZYP3S1LQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFJ1U6laDk1hWAoD7zfidbn3raGd4MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEAgxxdwqL1i4FVFe+OlPNP 9cm+trWcXaygrdLyvwHdJBNBiN1MHyilGWdKLiqrlCBFHSJn7s99TxJUxKmKzZTA H5gJuU1Z4R55LWr8yIf0EKvm4rRXAcozZyzBzvjgnURTLDSPBNPtYe0PBfXGboHk ygVAH+2iK4hBSRhwfUdxNWpSpnNfC42wldo/C5U+GbNFq9yfW0cdLnlOVj/H3RI6 vsILNiQfhltl4fZFC/8PGQKnWwSibOmuIAHp5tsIIuGTibNgkXUdlKm+0eVxYe4J U0dj6Gsx/fl8g4Rh7nwTEqHqyeRzUENngDS7QdAAgT+FXvAZi2cTnKFqTjPoknpx Og== -----END CERTIFICATE-----Generated at Mon Mar 2 01:00:59 2026 by rpki-client