$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa File: c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa (raw, json) Hash identifier: W268L1gIcFJyPanN7dTzXmIYsacZu4SL/8p8l9TcFRQ= Subject key identifier: 5A:28:1E:A5:47:07:D4:80:CD:3B:20:2D:8E:03:83:63:2E:C6:C5:7A Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 73FBDA5B354011F2DDE03C1E0C421133A185531C Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa Signing time: Wed 25 Feb 2026 00:00:51 +0000 ROA not before: Wed 25 Feb 2026 00:00:51 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80ff:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:fb:da:5b:35:40:11:f2:dd:e0:3c:1e:0c:42:11:33:a1:85:53:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:51 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=4641de600fa68f381327a32702cd7a1eae0813bade01508866afeab75dfe0e76, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:1d:8c:61:e5:c9:91:b5:9f:c2:88:ec:88:01: d0:b2:2e:7c:70:b6:99:b9:0a:3d:ac:55:5c:a9:e0: 86:64:1f:f9:e1:d3:a1:40:da:31:27:17:74:4c:01: 84:45:3f:09:e0:d2:eb:76:4e:51:61:6e:56:6b:66: 23:72:e3:05:49:59:b1:d3:51:f2:14:3b:82:69:89: 84:d1:17:0c:e5:c4:ce:cb:1f:af:ff:38:51:50:48: 61:5a:a1:15:42:9e:da:79:ff:46:5b:d6:61:bf:9c: 0f:c8:c4:d8:5b:dd:84:f0:34:ef:91:0e:4f:55:b0: f9:79:f7:95:d8:20:a8:f3:3d:1f:2a:21:83:8e:4d: 84:67:34:41:4e:5d:0f:a3:62:a8:62:56:42:89:a6: 03:cd:bd:e8:7a:6d:42:d9:8f:04:75:1e:9d:5e:ca: 28:62:0c:5f:c9:b5:26:9c:f6:1b:06:70:97:45:06: d9:1f:a0:47:0d:3a:a3:8b:e9:52:e2:a9:20:a0:c7: 91:84:2c:4b:20:73:d8:09:d7:6c:6e:13:05:b2:50: 1e:6e:db:33:69:31:0e:4d:d5:58:88:bb:38:36:06: 8c:d5:bf:3b:95:d2:16:cf:0a:1c:70:db:11:a4:33: fb:77:a5:63:b0:0f:3c:c7:b0:58:49:b6:72:5e:45: 85:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:28:1E:A5:47:07:D4:80:CD:3B:20:2D:8E:03:83:63:2E:C6:C5:7A X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c9f7dbd2-1c7e-42e8-a7f9-00bd76e70248.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80ff:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 11:33:fa:aa:d2:55:c4:c2:91:c4:73:b5:77:ef:6c:b5:57:10: c7:44:64:40:94:42:20:c7:8f:2a:99:f2:7f:84:84:2b:cd:94: b5:f8:4e:7d:3a:ea:cf:c9:0a:26:74:b1:8e:e0:14:d2:57:63: 2a:6a:a9:2c:56:e4:6f:15:a4:57:d4:64:e7:6a:ba:94:1d:5e: 3e:b3:4e:85:fd:c4:a4:e6:3d:eb:51:f5:76:72:3b:18:6d:5a: 5c:e7:de:93:40:42:f6:a8:e2:f4:9b:bd:f3:75:31:0b:e2:be: 4a:09:8a:11:7d:09:a4:24:50:4d:75:76:17:af:1c:b9:8f:4f: d7:04:31:ed:9d:36:2d:2f:34:46:c1:c7:2a:f5:07:d6:27:99: 08:1a:88:d5:9d:21:c2:42:b7:3a:57:e4:22:70:34:ec:12:cd: 1e:c2:d0:f6:19:81:1f:09:41:36:56:5c:03:85:2d:d9:78:3f: 0a:5e:03:7c:e4:5e:dd:25:af:de:8f:b6:c0:02:a9:67:3d:b0: dc:c1:b6:6d:74:50:47:84:ca:14:cd:c9:3a:b5:fe:51:3b:0d: 0b:6c:12:39:50:02:19:37:2d:72:a7:14:8c:49:1c:97:4b:a2: 50:c1:a5:fa:26:37:f8:cf:dc:f2:ad:a2:fe:a3:85:a3:b9:9f: 44:15:cc:23 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc/vaWzVAEfLd4DweDEIRM6GFUxwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1MVoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANDY0MWRlNjAwZmE2OGYzODEzMjdh MzI3MDJjZDdhMWVhZTA4MTNiYWRlMDE1MDg4NjZhZmVhYjc1ZGZlMGU3NjEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5x2MYeXJkbWfwojsiAHQsi58cLaZ uQo9rFVcqeCGZB/54dOhQNoxJxd0TAGERT8J4NLrdk5RYW5Wa2YjcuMFSVmx01Hy FDuCaYmE0RcM5cTOyx+v/zhRUEhhWqEVQp7aef9GW9Zhv5wPyMTYW92E8DTvkQ5P VbD5efeV2CCo8z0fKiGDjk2EZzRBTl0Po2KoYlZCiaYDzb3oem1C2Y8EdR6dXsoo YgxfybUmnPYbBnCXRQbZH6BHDTqji+lS4qkgoMeRhCxLIHPYCddsbhMFslAebtsz aTEOTdVYiLs4NgaM1b87ldIWzwoccNsRpDP7d6VjsA88x7BYSbZyXkWFcwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFooHqVHB9SAzTsgLY4Dg2MuxsV6MB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2M5ZjdkYmQyLTFjN2UtNDJlOC1hN2Y5LTAwYmQ3NmU3MDI0OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJA+A/0DAMA0GCSqGSIb3DQEBCwUAA4IBAQARM/qq0lXEwpHEc7V3 72y1VxDHRGRAlEIgx48qmfJ/hIQrzZS1+E59OurPyQomdLGO4BTSV2MqaqksVuRv FaRX1GTnarqUHV4+s06F/cSk5j3rUfV2cjsYbVpc596TQEL2qOL0m73zdTEL4r5K CYoRfQmkJFBNdXYXrxy5j0/XBDHtnTYtLzRGwccq9QfWJ5kIGojVnSHCQrc6V+Qi cDTsEs0ewtD2GYEfCUE2VlwDhS3ZeD8KXgN85F7dJa/ej7bAAqlnPbDcwbZtdFBH hMoUzck6tf5ROw0LbBI5UAIZNy1ypxSMSRyXS6JQwaX6Jjf4z9zyraL+o4WjuZ9E Fcwj -----END CERTIFICATE-----Generated at Sun Mar 1 21:40:59 2026 by rpki-client