$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json) Hash identifier: xsNOVi4fgFpQS9WUgRZKKMqXRAxa2V19EH/9Hbo8VX4= Subject key identifier: DF:D7:8A:FE:1A:36:2F:23:5F:A8:98:8F:2B:3F:4A:71:7F:C1:D9:6E Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 72C45AC452BFD5FE9500812157A2088713573AA9 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa Signing time: Tue 24 Feb 2026 00:10:38 +0000 ROA not before: Tue 24 Feb 2026 00:10:38 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fe:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:c4:5a:c4:52:bf:d5:fe:95:00:81:21:57:a2:08:87:13:57:3a:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:38 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=923859b2fbf4f8591b18a8dce35da83716aa00d69cd7d211af1179de69a199d9, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:90:34:d0:28:8f:7f:e2:9c:c6:34:5b:04:28: 4d:86:ce:e3:4e:a9:5f:28:74:6f:dc:b6:17:d6:d3: a8:53:75:da:85:e2:c5:c7:68:b3:61:8f:a1:ca:f8: 04:bd:5e:77:94:7e:cb:26:7c:67:79:23:d3:e9:d6: c7:ca:80:46:25:45:bb:06:5a:48:eb:bc:a0:9f:2c: 5d:3b:25:a6:13:45:db:eb:50:20:63:d5:fa:fb:f6: d7:20:ac:17:90:e5:c7:5f:24:c6:14:43:54:73:68: c4:9b:42:ef:a5:33:47:77:a0:1d:07:25:37:c3:52: 87:3f:96:21:e9:04:18:b5:84:a6:52:f0:ed:90:09: 6a:34:0d:a4:48:27:29:86:f1:b7:d0:f4:4d:81:9e: ec:e2:b4:c1:87:44:6a:8c:12:a8:e5:66:73:25:00: 79:3d:e7:3c:8d:85:b3:03:b3:b8:70:c9:89:e1:aa: 15:d0:46:4a:fe:5b:ad:2d:2d:63:a7:c7:96:3d:ca: 0f:fb:71:a9:8e:55:d0:0b:1f:23:d9:99:ac:a1:44: b6:cb:23:f7:be:f1:19:8f:1b:07:18:be:bf:47:61: 1e:99:7f:14:4d:18:d5:fc:b9:20:44:c6:3f:4f:79: f3:df:fc:d2:7d:4b:e0:48:d8:6c:42:b6:c4:bb:09: 43:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:D7:8A:FE:1A:36:2F:23:5F:A8:98:8F:2B:3F:4A:71:7F:C1:D9:6E X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fe:4000::/40 Signature Algorithm: sha256WithRSAEncryption b3:32:e7:d1:96:44:4a:8e:b8:63:73:51:af:c3:88:95:8d:1e: 07:9d:c5:2c:88:19:05:26:a9:79:f7:cd:57:e0:76:af:fd:e7: a3:63:1a:ed:e1:9d:bf:3e:03:6e:2a:b2:cc:9e:ec:d1:b6:df: f6:7c:43:c7:3a:07:c8:0c:58:e7:13:d1:69:92:00:bf:6b:5b: 9d:3c:15:84:cf:bd:e5:94:23:51:02:af:4d:0e:b2:7e:78:aa: 21:d7:2c:6f:fa:64:0c:df:af:10:2e:62:a7:a2:66:3f:b5:90: 0d:a8:a8:00:fc:3b:68:f2:9b:a9:a4:ed:e4:96:be:4b:c5:db: ac:87:da:2e:58:c1:40:5b:2b:3b:51:54:ed:3c:5a:ed:71:9b: 6d:37:d8:f1:c0:16:d0:3e:6a:17:ba:fc:0e:dd:ba:8e:7f:2c: 6b:8f:9c:ae:a9:5e:fb:c4:ac:3c:2e:67:60:27:24:6f:d7:05: 37:38:ad:58:91:c2:8a:a3:bd:54:3f:e0:89:06:b4:8c:7c:54: ad:44:de:63:c7:6f:41:0b:aa:80:ea:c5:7b:4e:09:fd:ea:63: 93:c1:bc:98:bc:ac:af:14:8c:7d:3e:43:15:f3:b9:79:07:56: c0:25:0d:30:85:87:51:d8:aa:a0:bc:b4:48:d5:62:a3:21:ea: a5:22:a9:f8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcsRaxFK/1f6VAIEhV6IIhxNXOqkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTAzOFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAOTIzODU5YjJmYmY0Zjg1OTFiMThh OGRjZTM1ZGE4MzcxNmFhMDBkNjljZDdkMjExYWYxMTc5ZGU2OWExOTlkOTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZA00CiPf+KcxjRbBChNhs7jTqlf KHRv3LYX1tOoU3XaheLFx2izYY+hyvgEvV53lH7LJnxneSPT6dbHyoBGJUW7BlpI 67ygnyxdOyWmE0Xb61AgY9X6+/bXIKwXkOXHXyTGFENUc2jEm0LvpTNHd6AdByU3 w1KHP5Yh6QQYtYSmUvDtkAlqNA2kSCcphvG30PRNgZ7s4rTBh0RqjBKo5WZzJQB5 Pec8jYWzA7O4cMmJ4aoV0EZK/lutLS1jp8eWPcoP+3GpjlXQCx8j2ZmsoUS2yyP3 vvEZjxsHGL6/R2EemX8UTRjV/LkgRMY/T3nz3/zSfUvgSNhsQrbEuwlDHQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFN/Xiv4aNi8jX6iYjys/SnF/wdluMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBALMy59GWREqOuGNzUa/D iJWNHgedxSyIGQUmqXn3zVfgdq/956NjGu3hnb8+A24qssye7NG23/Z8Q8c6B8gM WOcT0WmSAL9rW508FYTPveWUI1ECr00Osn54qiHXLG/6ZAzfrxAuYqeiZj+1kA2o qAD8O2jym6mk7eSWvkvF26yH2i5YwUBbKztRVO08Wu1xm2032PHAFtA+ahe6/A7d uo5/LGuPnK6pXvvErDwuZ2AnJG/XBTc4rViRwoqjvVQ/4IkGtIx8VK1E3mPHb0EL qoDqxXtOCf3qY5PBvJi8rK8UjH0+QxXzuXkHVsAlDTCFh1HYqqC8tEjVYqMh6qUi qfg= -----END CERTIFICATE-----Generated at Sun Mar 1 21:43:05 2026 by rpki-client