$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa File: f54cd21d-ebef-4509-8295-1f7547d0d717.roa (raw, json) Hash identifier: IArcZ7IFEnaNHN6NLfxKu5ltJwhY3XEHKKnmT07Ng7E= Subject key identifier: 43:D5:92:93:E6:50:32:A9:4D:78:9D:16:8B:74:EB:37:01:97:69:83 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 7E1E0E1F6122383463BFD7A71FFA9D81D67AAF01 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa Signing time: Wed 25 Feb 2026 00:00:52 +0000 ROA not before: Wed 25 Feb 2026 00:00:52 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:1e:0e:1f:61:22:38:34:63:bf:d7:a7:1f:fa:9d:81:d6:7a:af:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:52 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=e3d446938478df621724582540a6288d5bea2cf889cf43c0845ea6c16a17fd08, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:d4:e8:ff:c8:1f:d0:c8:6c:23:a4:11:8e:fe: 79:4a:2c:f2:d1:4c:2b:58:8a:88:88:2e:fd:9f:38: dc:44:32:98:2b:63:11:e2:9b:bb:41:36:dd:68:e1: d5:63:16:72:5d:bd:50:05:b1:c5:55:b4:91:c7:f0: e0:29:4a:b8:43:04:7a:36:81:ad:72:9d:68:0f:c3: c3:48:ec:3e:3a:03:8f:b8:a6:94:ca:fa:22:21:6d: 7f:69:9b:bd:96:2d:ee:2f:eb:3e:01:a0:b0:9d:10: 5e:c1:7b:22:2a:c9:4b:47:79:55:59:6d:df:ee:c4: fc:f5:28:98:74:9f:41:19:d6:41:c2:3d:ea:be:89: f6:2f:b4:3a:c4:51:3a:ea:e1:84:29:7f:99:f0:19: 17:58:cc:6f:5b:93:03:93:da:5a:3b:32:3e:31:50: 3e:ee:8e:ab:5f:18:89:d6:80:bc:ae:67:23:76:e3: 8a:5d:c1:42:c2:18:0a:53:58:b2:a5:49:fc:78:a4: f3:5a:48:4e:47:72:bc:0b:f4:f6:89:28:9e:ee:db: fa:c8:3a:9a:0a:eb:7b:3b:8f:47:3d:b8:5f:aa:a1: 78:80:78:2e:80:be:cb:7e:25:54:93:3f:28:c2:23: 1a:17:31:cc:82:2e:b9:43:96:2d:5b:c8:54:dd:80: c0:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:D5:92:93:E6:50:32:A9:4D:78:9D:16:8B:74:EB:37:01:97:69:83 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/f54cd21d-ebef-4509-8295-1f7547d0d717.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018:400::/38 Signature Algorithm: sha256WithRSAEncryption 5b:66:44:bc:0f:bc:e1:69:a2:b4:99:01:c7:29:be:e1:11:ac: d2:d6:a8:5d:af:68:6e:2d:57:d1:81:d0:18:39:f7:d5:fe:3b: 43:91:5d:a9:a1:8c:63:51:4d:37:1f:cb:64:53:99:99:3f:ea: dd:d9:2d:c4:35:e0:8f:5f:b3:4d:d5:7e:2c:af:af:17:0d:ae: 20:ca:c9:59:43:46:25:cc:fa:62:f5:1b:59:6f:ca:09:f6:55: b7:68:59:d6:78:5e:87:81:0b:97:11:93:50:f5:77:90:7f:b1: 4d:ec:d9:9c:16:c2:17:8e:4f:07:44:7e:f1:c0:16:62:7a:f3: e2:9f:fa:f8:9b:65:c5:80:48:a2:13:28:c8:41:12:af:8c:bc: 6b:ce:f3:18:a9:d1:3f:0f:b7:98:24:05:bc:ba:f7:52:ad:64: fc:31:39:df:90:1b:aa:07:51:a9:34:7c:07:5d:0d:38:42:cd: 45:73:2f:45:ea:38:46:54:aa:b9:2c:12:d4:d9:ec:28:f7:1d: 71:de:e1:24:f6:c7:38:70:49:98:b5:ed:85:78:25:8c:f0:3c: ba:f9:3d:97:9d:07:ca:5e:cc:5f:3a:08:78:58:bc:ea:34:d1: dc:37:3f:6a:a3:fa:f0:b1:2e:f8:83:b8:2c:44:7e:bd:00:08: 2b:cf:b3:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfh4OH2EiODRjv9enH/qdgdZ6rwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1MloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZTNkNDQ2OTM4NDc4ZGY2MjE3MjQ1 ODI1NDBhNjI4OGQ1YmVhMmNmODg5Y2Y0M2MwODQ1ZWE2YzE2YTE3ZmQwODEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19To/8gf0MhsI6QRjv55Sizy0Uwr WIqIiC79nzjcRDKYK2MR4pu7QTbdaOHVYxZyXb1QBbHFVbSRx/DgKUq4QwR6NoGt cp1oD8PDSOw+OgOPuKaUyvoiIW1/aZu9li3uL+s+AaCwnRBewXsiKslLR3lVWW3f 7sT89SiYdJ9BGdZBwj3qvon2L7Q6xFE66uGEKX+Z8BkXWMxvW5MDk9paOzI+MVA+ 7o6rXxiJ1oC8rmcjduOKXcFCwhgKU1iypUn8eKTzWkhOR3K8C/T2iSie7tv6yDqa Cut7O49HPbhfqqF4gHgugL7LfiVUkz8owiMaFzHMgi65Q5YtW8hU3YDASQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEPVkpPmUDKpTXidFot06zcBl2mDMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2Y1NGNkMjFkLWViZWYtNDUwOS04Mjk1LTFmNzU0N2QwZDcxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAQwDQYJKoZIhvcNAQELBQADggEBAFtmRLwPvOFporSZAccp vuERrNLWqF2vaG4tV9GB0Bg599X+O0ORXamhjGNRTTcfy2RTmZk/6t3ZLcQ14I9f s03VfiyvrxcNriDKyVlDRiXM+mL1G1lvygn2VbdoWdZ4XoeBC5cRk1D1d5B/sU3s 2ZwWwheOTwdEfvHAFmJ68+Kf+vibZcWASKITKMhBEq+MvGvO8xip0T8Pt5gkBby6 91KtZPwxOd+QG6oHUak0fAddDThCzUVzL0XqOEZUqrksEtTZ7Cj3HXHe4ST2xzhw SZi17YV4JYzwPLr5PZedB8pezF86CHhYvOo00dw3P2qj+vCxLviDuCxEfr0ACCvP s2o= -----END CERTIFICATE-----Generated at Sun Mar 1 21:43:44 2026 by rpki-client