$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json) Hash identifier: d4l5dS+FJ9joHCn2URycSGDGBtCqE1BrEAcEV04w7NU= Subject key identifier: 10:17:84:3B:4C:03:C7:7E:98:E5:04:F5:0F:0E:28:60:30:53:6E:A2 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 572F372E329E1B363AA5A4AE966BC14C94856A55 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa Signing time: Wed 25 Feb 2026 00:00:48 +0000 ROA not before: Wed 25 Feb 2026 00:00:48 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8060::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:2f:37:2e:32:9e:1b:36:3a:a5:a4:ae:96:6b:c1:4c:94:85:6a:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:48 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=aa4248cf510c51a543554cf9d7940eb6fa12c0095d67497b5d2e08c31976002e, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:74:39:9c:52:5f:cb:71:1c:e9:0f:35:f1:a1: cd:c9:12:39:05:ce:9f:89:8e:54:43:34:c7:d8:ad: 72:ce:4f:77:44:39:a0:7e:4c:3e:6d:45:df:d6:a5: e4:46:a7:4b:fd:ff:cc:50:aa:47:78:d0:da:e0:3e: 88:54:f3:fd:36:aa:32:55:57:40:db:6c:74:e1:3d: 7c:e8:be:f4:1d:89:6e:93:e7:0c:2a:d4:37:15:b0: a3:2f:88:da:8b:c5:23:da:a3:b9:95:d9:d3:25:c5: 0f:f9:47:96:4d:3e:c9:35:03:45:1f:aa:fd:48:fe: ac:ae:40:b2:f8:c5:1d:b7:ad:0d:22:a9:2c:86:1e: 70:56:ab:bf:56:bc:c4:99:d5:ef:03:87:94:36:28: 0d:ef:5e:ba:8e:30:39:48:1f:c4:e8:4a:52:cb:53: 3c:0a:f9:49:4b:36:a4:6d:54:a3:97:7c:18:cd:6e: 6e:b9:33:ce:65:d6:15:da:16:dc:34:1a:66:35:d3: c8:5c:e6:ba:90:bc:fb:c6:dc:21:1e:fa:77:6b:b2: 95:ca:03:c7:06:c0:19:11:32:1e:31:6d:59:ce:c3: 3d:1b:47:16:51:1f:4e:34:ec:b0:73:bc:3d:91:4b: ee:cf:1d:6d:5c:b7:a8:b0:1a:a8:97:bb:b6:41:2d: d0:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:17:84:3B:4C:03:C7:7E:98:E5:04:F5:0F:0E:28:60:30:53:6E:A2 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8060::/32 Signature Algorithm: sha256WithRSAEncryption ac:2d:1c:d6:fc:b2:fc:1e:16:cc:b7:a6:4c:7e:e7:79:25:3c: 23:ed:68:b7:2a:d1:0f:47:22:e1:4b:38:b4:42:e3:42:ca:b7: 86:51:56:13:09:28:47:df:e7:52:d6:96:cf:a5:43:0e:31:89: bf:3d:34:1c:e2:dd:42:be:ae:5e:08:63:df:5e:c2:17:4d:f3: 27:0e:dd:1e:e0:be:ee:90:96:ac:a3:40:f2:07:1d:76:a6:31: af:e9:d6:3e:2d:d6:fd:3e:86:37:47:80:a9:10:6e:f7:55:d7: 1f:42:e6:7a:f6:8f:77:3b:b7:09:17:e8:e5:f4:b3:63:19:08: 47:63:1e:65:5d:2e:63:3c:fe:be:d9:8b:76:0f:c1:af:8a:6e: 00:6c:da:1e:52:49:5f:95:49:24:78:ea:24:f8:88:b5:49:9c: 27:54:91:9f:74:f6:63:d2:76:b1:92:f8:96:0f:9d:25:af:79: 16:ae:65:ac:43:d3:59:37:b5:87:1e:bd:b7:a2:26:13:1b:f4: 53:ae:fd:3d:f0:ba:1a:8d:0b:ef:66:b0:ec:7c:f9:60:13:32: cd:03:e9:59:94:af:2d:3e:71:c8:84:e3:ba:13:9d:44:69:c8: e3:cb:f2:2b:25:ec:9d:ee:3c:39:2b:95:ab:2e:0e:7f:ce:8d: c4:95:05:02 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVy83LjKeGzY6paSulmvBTJSFalUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA0OFoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAYWE0MjQ4Y2Y1MTBjNTFhNTQzNTU0 Y2Y5ZDc5NDBlYjZmYTEyYzAwOTVkNjc0OTdiNWQyZTA4YzMxOTc2MDAyZTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nQ5nFJfy3Ec6Q818aHNyRI5Bc6f iY5UQzTH2K1yzk93RDmgfkw+bUXf1qXkRqdL/f/MUKpHeNDa4D6IVPP9NqoyVVdA 22x04T186L70HYluk+cMKtQ3FbCjL4jai8Uj2qO5ldnTJcUP+UeWTT7JNQNFH6r9 SP6srkCy+MUdt60NIqkshh5wVqu/VrzEmdXvA4eUNigN7166jjA5SB/E6EpSy1M8 CvlJSzakbVSjl3wYzW5uuTPOZdYV2hbcNBpmNdPIXOa6kLz7xtwhHvp3a7KVygPH BsAZETIeMW1ZzsM9G0cWUR9ONOywc7w9kUvuzx1tXLeosBqol7u2QS3QqwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFBAXhDtMA8d+mOUE9Q8OKGAwU26iMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEArC0c1vyy/B4WzLemTH7n eSU8I+1otyrRD0ci4Us4tELjQsq3hlFWEwkoR9/nUtaWz6VDDjGJvz00HOLdQr6u Xghj317CF03zJw7dHuC+7pCWrKNA8gcddqYxr+nWPi3W/T6GN0eAqRBu91XXH0Lm evaPdzu3CRfo5fSzYxkIR2MeZV0uYzz+vtmLdg/Br4puAGzaHlJJX5VJJHjqJPiI tUmcJ1SRn3T2Y9J2sZL4lg+dJa95Fq5lrEPTWTe1hx69t6ImExv0U679PfC6Go0L 72aw7Hz5YBMyzQPpWZSvLT5xyITjuhOdRGnI48vyKyXsne48OSuVqy4Of86NxJUF Ag== -----END CERTIFICATE-----Generated at Sun Mar 1 21:40:58 2026 by rpki-client