$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json) Hash identifier: GDiHw+97fWK0jHE27n8V1gR14keeSvWwqEVlXirYVeY= Subject key identifier: 70:A7:85:C4:8C:D9:50:A8:47:CE:DC:7B:CA:F0:FD:38:9F:DF:1B:81 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 6D6B5E9FCF1544B2442BE2F00E8F7C3550C33336 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa Signing time: Wed 25 Feb 2026 00:00:55 +0000 ROA not before: Wed 25 Feb 2026 00:00:55 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:8018::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:6b:5e:9f:cf:15:44:b2:44:2b:e2:f0:0e:8f:7c:35:50:c3:33:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 25 00:00:55 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=e9193ed8c9749b7bb87ce73d6ae99a636cdc8ec5650c94e525d81937174af853, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:a3:c6:ae:7c:a4:33:25:0b:ff:de:fd:db:cd: e5:07:e4:fe:dc:37:67:5a:70:01:d4:4e:ea:c2:69: 9d:39:d2:c0:2e:0c:78:51:da:46:a0:30:fc:43:ac: 10:6f:eb:6b:88:21:96:55:fe:ab:69:1e:d0:ea:64: b5:7a:ef:1c:22:1d:12:00:07:cd:be:f5:45:fc:a9: ba:a7:b7:7b:b1:94:94:81:77:cf:a3:e7:d6:5f:02: 8d:d2:01:f7:4f:d9:73:c8:a2:84:98:2a:81:5f:5e: f7:cc:52:67:c1:6b:a6:a4:22:17:46:9e:ae:38:53: 39:63:7c:66:1a:a1:ba:7f:ba:a4:b0:21:29:3b:09: 23:70:0b:b5:90:0e:b0:c1:f2:e3:35:c1:0c:86:b7: b7:50:c4:07:58:87:82:32:24:57:84:02:d1:7b:11: ad:66:8d:a4:dc:99:33:dc:1d:f9:3d:00:0e:0f:e3: 7f:c1:ff:0e:ec:f7:b8:fd:90:1b:83:37:33:03:d6: 9c:be:48:81:2b:20:51:32:3c:f5:cb:8f:4c:3d:52: c4:71:0f:84:ab:3b:fd:1f:b4:6f:9d:15:bf:d2:01: de:8e:06:60:21:ce:aa:26:1f:9c:1d:28:43:e3:68: d2:90:a1:aa:a8:89:f3:df:81:c2:09:41:73:fd:f6: c3:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:A7:85:C4:8C:D9:50:A8:47:CE:DC:7B:CA:F0:FD:38:9F:DF:1B:81 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:8018::/38 Signature Algorithm: sha256WithRSAEncryption 2f:63:f2:2d:aa:ff:0c:15:53:23:6f:68:4c:d9:cd:01:07:df: fc:db:2c:25:9d:5e:c0:64:17:ca:3c:58:3f:14:c8:23:d8:dc: 20:ce:51:6f:f5:89:40:0a:7f:55:19:87:f4:26:95:85:5b:d4: b9:d7:49:8d:e6:52:c2:5d:a9:12:4c:ee:d3:d9:0a:44:8b:ac: a0:47:a5:43:b0:97:d5:57:64:ad:3a:00:f6:48:0d:b1:5a:0a: 36:6f:eb:6e:14:2f:a9:aa:09:55:cc:d8:7d:9b:f0:ce:c7:4f: 37:a4:20:db:0d:6b:28:ae:3e:44:bb:9d:d5:67:48:ef:7a:f7: 6c:ed:e3:2b:94:07:c9:41:41:ed:e2:6a:3b:3b:4c:a8:2e:5d: c2:4e:f3:f3:08:aa:0b:4e:c9:23:89:4c:67:f7:7a:7b:a7:9f: 22:fb:00:c8:fe:c6:54:35:ab:ea:a5:e0:bb:a5:5d:37:f5:41: 40:7c:d1:ce:53:88:b5:61:ae:21:c9:c5:eb:56:e4:08:a7:8c: fb:20:7d:19:b0:a9:1a:fa:f3:7b:04:25:e2:50:78:cc:26:4f: 5e:7b:c4:eb:96:74:25:34:a5:20:8a:e4:ea:30:d0:8a:07:10: 95:3f:32:bb:e2:7c:e7:e7:72:92:8d:7e:88:f6:95:74:df:bf: f5:75:eb:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbWten88VRLJEK+LwDo98NVDDMzYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNTAwMDA1NVoX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNAZTkxOTNlZDhjOTc0OWI3YmI4N2Nl NzNkNmFlOTlhNjM2Y2RjOGVjNTY1MGM5NGU1MjVkODE5MzcxNzRhZjg1MzEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaPGrnykMyUL/979283lB+T+3Ddn WnAB1E7qwmmdOdLALgx4UdpGoDD8Q6wQb+triCGWVf6raR7Q6mS1eu8cIh0SAAfN vvVF/Km6p7d7sZSUgXfPo+fWXwKN0gH3T9lzyKKEmCqBX173zFJnwWumpCIXRp6u OFM5Y3xmGqG6f7qksCEpOwkjcAu1kA6wwfLjNcEMhre3UMQHWIeCMiRXhALRexGt Zo2k3Jkz3B35PQAOD+N/wf8O7Pe4/ZAbgzczA9acvkiBKyBRMjz1y49MPVLEcQ+E qzv9H7RvnRW/0gHejgZgIc6qJh+cHShD42jSkKGqqInz34HCCUFz/fbDCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHCnhcSM2VCoR87ce8rw/Tif3xuBMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAC9j8i2q/wwVUyNvaEzZ zQEH3/zbLCWdXsBkF8o8WD8UyCPY3CDOUW/1iUAKf1UZh/QmlYVb1LnXSY3mUsJd qRJM7tPZCkSLrKBHpUOwl9VXZK06APZIDbFaCjZv624UL6mqCVXM2H2b8M7HTzek INsNayiuPkS7ndVnSO9692zt4yuUB8lBQe3iajs7TKguXcJO8/MIqgtOySOJTGf3 enunnyL7AMj+xlQ1q+ql4LulXTf1QUB80c5TiLVhriHJxetW5AinjPsgfRmwqRr6 83sEJeJQeMwmT157xOuWdCU0pSCK5Oow0IoHEJU/MrvifOfncpKNfoj2lXTfv/V1 6/Y= -----END CERTIFICATE-----Generated at Mon Mar 2 01:25:46 2026 by rpki-client