$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa File: baa1273d-7883-4b5d-8e1c-23ebac490846.roa (raw, json) Hash identifier: ATmRMyAShm6xcm/3HjDls/+48GPwhYODyWuwcLwRQno= Subject key identifier: E5:74:83:6F:44:9B:D3:BE:14:D7:ED:9F:95:15:05:C7:B9:40:9E:15 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 0D25DCD4B43EF258EB8F2CECA79E7FF7396E23E0 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa Signing time: Wed 25 Feb 2026 00:00:53 +0000 ROA not before: Wed 25 Feb 2026 00:00:53 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:25:dc:d4:b4:3e:f2:58:eb:8f:2c:ec:a7:9e:7f:f7:39:6e:23:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:53 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=9835c951931a97adec45c68f0c25d329b243c6c52b2df97259b69f8622b0b68a, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9d:88:de:60:fb:93:1f:81:8f:0d:09:64:5c: 37:da:c0:81:11:5f:e4:c6:41:2b:cf:59:87:01:ad: cc:f8:99:bd:cc:61:e2:e0:35:2e:f3:f6:3f:ad:0c: 4a:1b:f9:3c:59:b4:28:17:6b:ce:fb:ca:e9:2f:19: ac:a2:d4:bb:bd:97:f4:a5:1b:fc:6c:6e:67:f0:67: 80:c8:54:35:00:c5:77:67:51:27:65:f0:a9:20:5a: 34:40:55:a2:55:89:03:06:52:4f:81:3a:b8:52:4e: 2c:e9:6b:69:ee:81:8f:d9:ec:af:25:41:ad:cb:33: 4c:be:e1:e3:97:f9:4b:50:5d:dd:1c:2b:41:75:fa: da:69:4e:fe:cd:0b:bf:76:32:a9:a8:fd:e9:b7:79: 8c:ad:d9:5e:c9:3e:4c:fd:60:7e:78:29:06:ac:e0: bd:99:b5:8a:ed:6e:27:05:d5:fd:10:8f:bb:28:a5: 99:3a:67:5e:be:4e:71:99:bb:cd:35:68:9b:c0:6f: 0c:03:c8:d5:68:37:b4:b3:14:ab:93:79:62:92:e4: 29:1f:f2:2a:3d:c0:19:2b:88:da:59:9c:cc:71:ce: e6:5d:ec:19:5b:67:87:38:d6:fd:06:f0:c5:df:fa: b3:7b:48:70:79:70:b9:e8:48:44:a4:06:8c:f1:60: c2:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:74:83:6F:44:9B:D3:BE:14:D7:ED:9F:95:15:05:C7:B9:40:9E:15 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/baa1273d-7883-4b5d-8e1c-23ebac490846.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:4040::/48 Signature Algorithm: sha256WithRSAEncryption 92:79:b3:38:aa:84:11:ee:b7:1e:5c:fe:13:55:52:17:17:44: f5:fc:af:b9:60:54:34:6d:40:16:d0:c9:41:02:d2:bd:8c:8e: 02:45:61:51:53:08:68:a0:75:6a:0f:7b:db:51:6e:17:4b:12: e2:e7:3f:79:e1:e2:b2:18:d5:7c:0a:a7:c9:71:34:dc:6b:7f: 50:d4:45:ed:ad:72:74:cb:8c:b6:0e:1e:8e:16:7b:43:90:8b: 7f:b7:a1:b0:85:f6:04:40:07:bb:9d:7b:24:93:dc:79:d5:8a: 09:54:9f:6c:7f:c0:cc:27:6c:6b:91:71:cb:c0:7d:31:85:9c: 03:bf:77:ef:78:14:be:4a:d9:46:b4:7b:43:f5:e4:16:cb:c7: 62:ef:64:83:46:03:a9:a7:e5:6f:5a:0b:5f:8c:3a:79:81:7d: fa:cb:47:1d:9d:15:c4:04:35:e7:d3:4d:fd:ab:44:94:0b:97: 9b:f7:98:c4:c1:4e:39:79:60:9a:8e:a0:22:44:26:08:bb:09: 9d:a0:2c:fb:e4:d7:0e:fa:4b:a4:44:c4:e8:dd:cc:a2:da:cb: 26:cc:fe:8c:98:db:54:11:ce:37:f9:d5:52:91:bf:f3:b3:b9: a2:cc:91:fe:b0:e6:8c:a7:fe:45:9c:e7:65:c5:98:c6:47:56: 1f:6b:fa:ef -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDSXc1LQ+8ljrjyzsp55/9zluI+AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1M1oX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAOTgzNWM5NTE5MzFhOTdhZGVjNDVj NjhmMGMyNWQzMjliMjQzYzZjNTJiMmRmOTcyNTliNjlmODYyMmIwYjY4YTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv52I3mD7kx+Bjw0JZFw32sCBEV/k xkErz1mHAa3M+Jm9zGHi4DUu8/Y/rQxKG/k8WbQoF2vO+8rpLxmsotS7vZf0pRv8 bG5n8GeAyFQ1AMV3Z1EnZfCpIFo0QFWiVYkDBlJPgTq4Uk4s6Wtp7oGP2eyvJUGt yzNMvuHjl/lLUF3dHCtBdfraaU7+zQu/djKpqP3pt3mMrdleyT5M/WB+eCkGrOC9 mbWK7W4nBdX9EI+7KKWZOmdevk5xmbvNNWibwG8MA8jVaDe0sxSrk3likuQpH/Iq PcAZK4jaWZzMcc7mXewZW2eHONb9BvDF3/qze0hweXC56EhEpAaM8WDCfwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOV0g29Em9O+FNftn5UVBce5QJ4VMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2JhYTEyNzNkLTc4ODMtNGI1ZC04ZTFjLTIzZWJhYzQ5MDg0Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0BAMA0GCSqGSIb3DQEBCwUAA4IBAQCSebM4qoQR7rceXP4T VVIXF0T1/K+5YFQ0bUAW0MlBAtK9jI4CRWFRUwhooHVqD3vbUW4XSxLi5z954eKy GNV8CqfJcTTca39Q1EXtrXJ0y4y2Dh6OFntDkIt/t6GwhfYEQAe7nXskk9x51YoJ VJ9sf8DMJ2xrkXHLwH0xhZwDv3fveBS+StlGtHtD9eQWy8di72SDRgOpp+VvWgtf jDp5gX36y0cdnRXEBDXn0039q0SUC5eb95jEwU45eWCajqAiRCYIuwmdoCz75NcO +kukRMTo3cyi2ssmzP6MmNtUEc43+dVSkb/zs7mizJH+sOaMp/5FnOdlxZjGR1Yf a/rv -----END CERTIFICATE-----Generated at Sun Mar 1 23:21:20 2026 by rpki-client