$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json) Hash identifier: vb0aobYq1f6AcgIOGZzJjGgTZoYMYueYZUYa8DNriFE= Subject key identifier: 8F:CC:47:8D:3A:5B:17:E4:B5:7D:5B:E1:F1:49:76:58:07:7D:53:C7 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 71EDAC94CB35EEB6A2E77E487CCCF2A6859100B1 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa Signing time: Wed 25 Feb 2026 00:00:33 +0000 ROA not before: Wed 25 Feb 2026 00:00:33 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:8000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:ed:ac:94:cb:35:ee:b6:a2:e7:7e:48:7c:cc:f2:a6:85:91:00:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:33 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=028b0cd52c3ec196007fba15fed52b37daf7c8998bc229995b3c2a6a2918c73c, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:28:45:a5:6d:ec:4e:21:2c:9f:cf:93:3f:7a: e2:bd:f0:2c:ed:05:9a:b1:ba:69:38:19:0d:30:24: b5:82:c7:a3:bf:97:ed:f6:34:ab:a5:20:b1:94:a4: 04:d5:33:87:cb:63:44:63:de:c6:da:f6:1a:ef:1f: c1:73:40:e5:c8:e2:a7:34:02:3c:93:2f:6f:f2:ed: a7:dd:41:4a:d7:14:11:f8:57:b2:c0:4c:05:14:66: db:95:0f:fe:42:9d:42:e9:ac:fd:47:b5:e1:c5:f5: c4:f2:9f:79:af:e4:81:12:a4:17:8e:27:9b:ac:3a: 3f:64:f4:b1:09:08:1a:f5:ab:be:93:e6:4b:c8:59: 22:70:61:30:c5:1f:79:99:ec:00:23:19:86:d1:54: 57:0f:25:00:3a:22:f2:f5:98:3f:54:aa:31:92:b1: 1f:46:93:59:74:de:39:46:b9:fc:cf:0f:a8:d9:27: b4:a2:83:e8:57:68:91:a1:46:51:54:cd:2b:4c:80: 48:bc:46:b7:55:6b:f3:f5:94:ce:f4:cc:e8:c4:b0: 81:80:83:2f:06:f0:bf:6a:09:98:df:a1:62:2c:a9: 8e:ea:99:27:e2:8d:28:76:a7:8e:f4:89:ba:de:91: ec:95:d6:fa:5e:0d:3d:01:94:77:93:97:21:da:67: 08:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:CC:47:8D:3A:5B:17:E4:B5:7D:5B:E1:F1:49:76:58:07:7D:53:C7 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:8000::/40 Signature Algorithm: sha256WithRSAEncryption 21:68:e3:8b:03:23:ea:9b:11:c0:f6:ce:c5:33:e5:c1:7a:3a: 09:03:9d:cb:dd:3a:5d:8b:f9:b2:9d:1c:df:54:3d:d9:bb:f7: b1:2c:4e:fb:d6:15:e1:7b:e8:a2:f6:32:ef:07:32:97:28:5d: bb:0d:b2:f9:1e:2c:d2:6e:da:b0:e4:23:86:a2:26:51:9b:98: bd:0e:47:79:bf:56:c5:d6:77:d4:49:56:23:ed:61:b9:fd:58: b6:af:52:6e:5c:ed:88:ca:17:8d:a6:b0:ee:86:85:f9:02:ae: ad:84:07:9a:4b:19:05:5b:0e:cb:08:00:74:86:65:ed:70:79: 6d:b8:fe:62:7c:4d:07:0d:98:21:94:b6:85:2e:4f:29:1d:96: 48:24:e1:d9:7d:af:4d:9b:3a:7a:65:e3:0f:db:52:24:21:cf: 46:cc:a9:f7:0f:29:0f:fa:be:40:cd:75:80:38:a4:4e:f6:93: ac:a2:e1:cc:64:9c:04:5f:b8:82:ab:d9:e5:51:5d:ed:23:28: ac:a7:97:4d:43:4c:a4:b9:30:88:90:64:5a:fc:a5:5c:02:ef: 9d:cd:4d:e5:b3:15:79:f2:21:53:1f:de:80:ee:5b:dd:dc:83: ef:ee:84:c7:1d:5c:61:44:b1:2e:52:ac:cc:9e:15:ae:7b:63: a5:50:a1:85 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUce2slMs17rai535IfMzypoWRALEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDAzM1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMDI4YjBjZDUyYzNlYzE5NjAwN2Zi YTE1ZmVkNTJiMzdkYWY3Yzg5OThiYzIyOTk5NWIzYzJhNmEyOTE4YzczYzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArShFpW3sTiEsn8+TP3rivfAs7QWa sbppOBkNMCS1gsejv5ft9jSrpSCxlKQE1TOHy2NEY97G2vYa7x/Bc0DlyOKnNAI8 ky9v8u2n3UFK1xQR+FeywEwFFGbblQ/+Qp1C6az9R7XhxfXE8p95r+SBEqQXjieb rDo/ZPSxCQga9au+k+ZLyFkicGEwxR95mewAIxmG0VRXDyUAOiLy9Zg/VKoxkrEf RpNZdN45Rrn8zw+o2Se0ooPoV2iRoUZRVM0rTIBIvEa3VWvz9ZTO9MzoxLCBgIMv BvC/agmY36FiLKmO6pkn4o0odqeO9Im63pHsldb6Xg09AZR3k5ch2mcIGwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI/MR406WxfktX1b4fFJdlgHfVPHMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBACFo44sDI+qbEcD2zsUz 5cF6OgkDncvdOl2L+bKdHN9UPdm797EsTvvWFeF76KL2Mu8HMpcoXbsNsvkeLNJu 2rDkI4aiJlGbmL0OR3m/VsXWd9RJViPtYbn9WLavUm5c7YjKF42msO6GhfkCrq2E B5pLGQVbDssIAHSGZe1weW24/mJ8TQcNmCGUtoUuTykdlkgk4dl9r02bOnpl4w/b UiQhz0bMqfcPKQ/6vkDNdYA4pE72k6yi4cxknARfuIKr2eVRXe0jKKynl01DTKS5 MIiQZFr8pVwC753NTeWzFXnyIVMf3oDuW93cg+/uhMcdXGFEsS5SrMyeFa57Y6VQ oYU= -----END CERTIFICATE-----Generated at Sun Mar 1 21:43:55 2026 by rpki-client