$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa File: efdcb43b-2f19-4107-a0a3-c55daccb2714.roa (raw, json) Hash identifier: Z+y0yPllh7bVL6ZwuGJwbGOyHyExdJ40mQne4FTsEp0= Subject key identifier: 5D:16:BB:77:4B:0C:36:65:6D:30:15:2F:DC:18:E7:01:59:4D:89:2F Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 63AEBC0FA04A2D02F0EE1C3DE75E94100CB2C236 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa Signing time: Tue 24 Feb 2026 00:10:35 +0000 ROA not before: Tue 24 Feb 2026 00:10:35 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:ae:bc:0f:a0:4a:2d:02:f0:ee:1c:3d:e7:5e:94:10:0c:b2:c2:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:35 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=c05879f201b467ebf7fbd5a2fd5deaacb4691d8eda3d5b556b99bc4761582fb5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:61:e3:cd:42:19:4d:c9:7e:67:64:5e:52:5c: a8:c1:c0:01:72:d2:72:c3:cf:fb:bd:30:fb:51:05: 11:27:8d:af:9c:89:a4:3f:5f:d9:3f:c2:84:46:f2: 6d:4c:30:d5:19:b9:86:ca:f1:13:ca:f4:f1:f6:d1: ce:9a:d3:9a:8d:84:64:8d:4b:6c:ba:71:dc:03:48: 0e:b1:3f:c2:2d:2f:29:30:42:34:f7:d8:79:12:2f: 79:54:ab:b5:92:37:e0:80:81:f3:5c:d4:88:33:07: 06:6f:5d:8e:98:6f:33:73:9b:ae:90:c3:5b:2f:c1: e3:ff:c4:63:18:2b:7f:ef:2e:a6:8f:46:96:3c:ce: 5a:6b:e5:c6:c1:fb:ee:1b:c6:f1:ac:6b:8a:f9:8b: 9c:9c:3b:19:32:27:5b:32:e7:39:ad:3e:cd:74:f2: 9a:a9:a6:58:e3:cd:d1:77:2a:33:7f:d0:0c:22:fb: 94:e2:ba:23:31:aa:20:55:8d:dd:05:2c:02:27:fd: b2:4f:b3:e5:4c:60:c1:60:1a:9e:9e:34:45:93:88: 68:93:4c:f9:41:ed:de:94:56:2d:4f:ed:95:01:12: 66:59:a8:10:f4:b4:b5:35:2a:09:e4:7a:22:e2:c3: 74:de:16:5d:1f:43:4b:b6:93:2c:bc:97:93:a9:e5: 6e:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:16:BB:77:4B:0C:36:65:6D:30:15:2F:DC:18:E7:01:59:4D:89:2F X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/efdcb43b-2f19-4107-a0a3-c55daccb2714.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:4000::/40 Signature Algorithm: sha256WithRSAEncryption 71:39:03:a9:31:41:24:90:82:05:4f:ce:39:f6:4c:eb:d0:66: 3e:51:33:e8:89:9b:2d:83:dc:e7:a4:39:23:40:d4:cd:76:cd: 55:8c:48:c9:32:6d:f4:63:c6:91:b3:4e:44:24:2e:8a:83:66: de:75:6b:21:21:c9:47:1e:8c:55:ee:ee:4a:b5:38:58:e0:ac: 10:9d:6b:fa:0c:42:8f:50:51:54:50:39:94:e5:ea:47:f8:df: 3a:4e:5f:a5:89:df:e9:00:20:de:35:b1:07:ba:74:fa:c0:e2: 15:95:13:18:e5:83:72:fe:06:ff:90:e9:c7:db:a1:f4:c5:2f: 88:54:b2:1b:30:b5:ae:ae:0b:f7:b6:64:dd:45:ab:04:f6:cf: 15:79:c8:15:ff:cf:67:7b:db:82:52:0c:10:0c:21:14:0e:a2: d4:29:ce:0b:1a:0f:8e:5f:23:36:bf:bd:a3:05:ca:e0:a0:e4: 16:9e:42:b4:f0:f5:fd:76:ce:5c:70:92:cd:3d:e0:8b:10:e3: 9a:7f:fc:68:ec:c3:b3:41:e8:88:6b:c7:69:d2:b5:47:f7:0e: 7d:98:93:c1:f3:9b:5e:62:e8:b2:2a:f1:0a:c3:dd:65:db:ee: 26:8a:00:84:f0:e5:86:98:3a:07:93:8d:e9:24:27:dd:d2:77: 9b:7c:13:50 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUY668D6BKLQLw7hw9516UEAyywjYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTAzNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAYzA1ODc5ZjIwMWI0NjdlYmY3ZmJk NWEyZmQ1ZGVhYWNiNDY5MWQ4ZWRhM2Q1YjU1NmI5OWJjNDc2MTU4MmZiNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumHjzUIZTcl+Z2ReUlyowcABctJy w8/7vTD7UQURJ42vnImkP1/ZP8KERvJtTDDVGbmGyvETyvTx9tHOmtOajYRkjUts unHcA0gOsT/CLS8pMEI099h5Ei95VKu1kjfggIHzXNSIMwcGb12OmG8zc5uukMNb L8Hj/8RjGCt/7y6mj0aWPM5aa+XGwfvuG8bxrGuK+YucnDsZMidbMuc5rT7NdPKa qaZY483Rdyozf9AMIvuU4rojMaogVY3dBSwCJ/2yT7PlTGDBYBqenjRFk4hok0z5 Qe3elFYtT+2VARJmWagQ9LS1NSoJ5Hoi4sN03hZdH0NLtpMsvJeTqeVuyQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF0Wu3dLDDZlbTAVL9wY5wFZTYkvMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2VmZGNiNDNiLTJmMTktNDEwNy1hMGEzLWM1NWRhY2NiMjcxNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoEAwDQYJKoZIhvcNAQELBQADggEBAHE5A6kxQSSQggVPzjn2 TOvQZj5RM+iJmy2D3OekOSNA1M12zVWMSMkybfRjxpGzTkQkLoqDZt51ayEhyUce jFXu7kq1OFjgrBCda/oMQo9QUVRQOZTl6kf43zpOX6WJ3+kAIN41sQe6dPrA4hWV Exjlg3L+Bv+Q6cfbofTFL4hUshswta6uC/e2ZN1FqwT2zxV5yBX/z2d724JSDBAM IRQOotQpzgsaD45fIza/vaMFyuCg5BaeQrTw9f12zlxwks094IsQ45p//Gjsw7NB 6Ihrx2nStUf3Dn2Yk8Hzm15i6LIq8QrD3WXb7iaKAITw5YaYOgeTjekkJ93Sd5t8 E1A= -----END CERTIFICATE-----Generated at Sun Mar 1 23:21:24 2026 by rpki-client