$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json) Hash identifier: 56sn6loSYaeAuvJodjDjTzV/Fg/+hpKC56eFdC/EiaI= Subject key identifier: 08:F1:EF:D6:62:BA:96:17:7C:4C:D4:7E:AC:E8:B3:5E:E6:32:75:D0 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 4F4161899057CDFBCF507FC988410CF2B5F7EDD6 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa Signing time: Wed 25 Feb 2026 00:00:53 +0000 ROA not before: Wed 25 Feb 2026 00:00:53 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8000:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:41:61:89:90:57:cd:fb:cf:50:7f:c9:88:41:0c:f2:b5:f7:ed:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:53 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=080542df27fe77a1e40738a8e0e5fb635230961c263ac2a551234c6e6f538c4a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0e:93:fa:d4:57:de:ab:aa:40:99:07:b4:0c: 88:8c:46:98:c2:0d:c3:c7:fa:03:d9:05:9b:0b:50: 46:43:85:2f:52:9f:05:a9:92:2a:62:8b:1b:ed:89: c6:a3:05:29:3d:a9:a0:06:49:6a:a2:3c:4c:2c:65: f4:a8:47:a2:81:dd:81:85:d4:76:38:e0:f9:a7:82: 0f:3f:3f:d6:07:01:08:12:39:fe:5f:39:48:aa:68: c3:b6:23:d6:b4:5c:a6:48:13:79:fc:72:eb:af:ee: 78:10:39:2f:3d:94:a4:6e:97:c0:5d:c7:7c:d0:51: ec:27:a4:0a:73:8f:1f:ac:ab:03:62:39:5a:9f:7c: 85:38:f9:28:16:ff:a9:32:63:b1:92:de:a4:16:23: 93:20:ab:e4:23:d0:ef:7b:52:6a:50:03:2c:2f:75: c0:c9:8f:73:72:f6:bb:2f:40:2b:ea:71:6e:40:c1: 11:22:9f:aa:ed:df:b5:75:19:5d:fd:08:c5:a1:52: 65:ea:8d:21:fe:96:ed:70:0f:68:61:89:1e:24:17: 85:72:76:c1:ab:37:e4:31:36:89:5a:73:83:00:42: ae:ab:77:48:d0:28:d0:0e:a2:db:26:b4:9a:78:39: cc:56:68:32:1f:ad:32:46:3e:30:a8:d3:e9:28:81: b8:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:F1:EF:D6:62:BA:96:17:7C:4C:D4:7E:AC:E8:B3:5E:E6:32:75:D0 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8000:4000::/40 Signature Algorithm: sha256WithRSAEncryption b2:33:c8:41:10:cd:f2:da:be:58:d0:55:7c:52:08:8a:47:06: bd:1f:ad:2a:a4:45:cf:0c:db:9c:f8:7f:f0:4f:bf:b7:68:11: 60:98:02:0e:68:d4:9e:62:40:01:2e:30:6b:67:90:9d:b5:a9: e4:98:37:dc:61:e5:57:2c:06:ef:41:e5:03:e9:26:2c:dc:3c: d7:a1:cb:c2:66:f8:c0:c7:8b:23:45:f5:de:01:7c:e3:be:df: 29:6a:36:8e:d9:7b:6f:61:6f:d4:56:cc:af:f5:7f:fa:e7:6d: 8f:e9:1c:03:53:f3:e2:3b:8a:0b:99:74:3f:ab:de:ea:41:1c: 3a:e5:be:51:b7:5f:82:20:1d:fd:75:fb:af:57:3a:5d:05:4e: fb:49:3c:1e:47:33:d7:81:99:63:c2:6e:73:b1:40:27:11:59: 52:c6:01:dd:03:f2:78:6f:17:9c:7e:b7:d1:33:4c:86:25:a8: c7:f3:04:ff:43:0f:2b:d3:fc:c6:bf:ab:53:d9:f5:44:b7:e2: e6:b2:a8:e3:db:79:94:97:74:3d:e3:d6:c0:5d:30:f3:72:54: d5:e2:b3:b3:2e:bb:71:ed:c0:5c:13:c2:e5:a0:71:a7:dd:ea: 21:9c:75:44:91:37:e9:57:cb:69:71:20:47:6d:92:bf:ca:9a: ee:12:07:da -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUT0FhiZBXzfvPUH/JiEEM8rX37dYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1M1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAMDgwNTQyZGYyN2ZlNzdhMWU0MDcz OGE4ZTBlNWZiNjM1MjMwOTYxYzI2M2FjMmE1NTEyMzRjNmU2ZjUzOGM0YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg6T+tRX3quqQJkHtAyIjEaYwg3D x/oD2QWbC1BGQ4UvUp8FqZIqYosb7YnGowUpPamgBklqojxMLGX0qEeigd2BhdR2 OOD5p4IPPz/WBwEIEjn+XzlIqmjDtiPWtFymSBN5/HLrr+54EDkvPZSkbpfAXcd8 0FHsJ6QKc48frKsDYjlan3yFOPkoFv+pMmOxkt6kFiOTIKvkI9Dve1JqUAMsL3XA yY9zcva7L0Ar6nFuQMERIp+q7d+1dRld/QjFoVJl6o0h/pbtcA9oYYkeJBeFcnbB qzfkMTaJWnODAEKuq3dI0CjQDqLbJrSaeDnMVmgyH60yRj4wqNPpKIG4OwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAjx79ZiupYXfEzUfqzos17mMnXQMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBALIzyEEQzfLavljQVXxS CIpHBr0frSqkRc8M25z4f/BPv7doEWCYAg5o1J5iQAEuMGtnkJ21qeSYN9xh5Vcs Bu9B5QPpJizcPNehy8Jm+MDHiyNF9d4BfOO+3ylqNo7Ze29hb9RWzK/1f/rnbY/p HANT8+I7iguZdD+r3upBHDrlvlG3X4IgHf11+69XOl0FTvtJPB5HM9eBmWPCbnOx QCcRWVLGAd0D8nhvF5x+t9EzTIYlqMfzBP9DDyvT/Ma/q1PZ9US34uayqOPbeZSX dD3j1sBdMPNyVNXis7Muu3HtwFwTwuWgcafd6iGcdUSRN+lXy2lxIEdtkr/Kmu4S B9o= -----END CERTIFICATE-----Generated at Sun Mar 1 21:42:12 2026 by rpki-client