$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: ALyWeSoBLj0PwykMwWQ6ZX+jvq078L7Ei6b3Vomgui4= Subject key identifier: 65:55:5F:07:40:FF:D3:9A:51:67:EE:14:5C:F8:BB:49:42:EB:0F:48 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 644D750F3D14438B513ED54ACE208394D54671CF Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Tue 24 Feb 2026 00:10:39 +0000 ROA not before: Tue 24 Feb 2026 00:10:39 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 00:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:4d:75:0f:3d:14:43:8b:51:3e:d5:4a:ce:20:83:94:d5:46:71:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: Feb 24 00:10:39 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=55c4377841677a06a708b70b735a48faff71c73c5167baf4167b08ca43aa56e5, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:bc:da:52:31:25:a2:ae:4e:b0:a4:e4:25:98: 3c:ec:38:a2:19:0e:48:8f:3c:18:68:9d:36:9e:17: d4:87:eb:a9:dd:20:29:f0:ea:ea:6c:53:8a:9d:0e: 0a:4f:12:80:86:08:79:91:c9:6b:bb:42:ad:1d:73: 65:24:dc:e5:b8:7f:e7:5e:4c:6e:a3:ff:0c:52:f4: 38:ec:5d:a6:5a:91:73:8c:18:12:b8:53:38:f7:a4: e7:71:01:0e:9d:27:3b:7a:c1:18:07:7f:66:e6:4d: 95:9b:ab:50:d7:a7:fd:66:48:1d:2d:31:65:24:35: 86:01:d6:5d:63:e9:f6:1e:21:c1:63:9c:9c:18:60: 0a:67:94:53:d9:27:08:7c:1c:02:a1:23:ae:f5:74: 89:da:35:a1:1c:0b:35:97:5a:ac:0c:a8:07:31:45: ab:5a:5b:f6:45:a3:85:e4:8a:d3:97:94:ab:b4:8e: 39:a6:9a:08:45:7d:58:86:9a:30:2f:7b:0c:89:f8: cc:88:e7:e5:6d:bf:d4:f3:0e:a9:4c:80:c1:7f:33: 53:bc:ed:a1:b6:9c:26:7e:71:e8:20:55:e1:78:3e: 34:bf:65:d4:69:15:89:bc:51:79:59:96:41:1b:ad: 43:a3:b2:bc:d7:da:d3:3f:1c:dd:d2:9b:20:0c:b8: 70:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:55:5F:07:40:FF:D3:9A:51:67:EE:14:5C:F8:BB:49:42:EB:0F:48 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 1e:3b:37:df:15:d3:28:9d:00:f1:73:f7:28:08:42:42:20:10: fb:8c:59:d7:60:e8:0f:c4:6c:c7:16:97:5f:35:94:bc:75:98: 77:7b:35:af:ad:61:4a:ce:ed:a0:3f:04:86:0c:ba:83:38:24: 0b:73:20:7c:dc:25:f3:85:c5:b8:c4:31:9c:d8:f6:a8:cb:48: 8b:76:fe:e5:0b:3e:77:b1:43:19:8b:1f:74:69:9c:d6:f9:a7: 62:41:ca:6e:ff:0a:33:6b:a6:01:f1:20:c5:d3:0a:9d:f6:4d: 57:36:25:c3:87:26:be:5d:ba:34:05:36:45:75:39:b3:9c:3e: d0:aa:d9:ea:b6:7d:c3:87:3a:c6:b0:d5:f4:9d:dd:46:44:0f: 82:a1:db:54:67:24:aa:d1:cb:7c:8b:f0:dd:74:b0:83:39:0d: 53:2d:5f:20:99:08:23:13:21:44:f8:a3:1d:c2:22:81:2e:41: e0:1d:af:0c:ad:45:09:7d:e3:f0:7c:9c:ba:f0:c3:f0:36:da: db:50:ac:ea:2f:b0:86:0d:d3:ac:c8:dc:36:6f:79:e8:6d:26: bf:d3:f8:18:aa:89:15:70:91:d5:5f:c0:6d:b0:b5:54:68:79: fd:4e:06:c1:31:ad:d3:f9:3a:63:8b:69:c4:93:9f:54:fe:cb: 62:05:b4:21 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZE11Dz0UQ4tRPtVKziCDlNVGcc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDIyNDAwMTAzOVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANTVjNDM3Nzg0MTY3N2EwNmE3MDhi NzBiNzM1YTQ4ZmFmZjcxYzczYzUxNjdiYWY0MTY3YjA4Y2E0M2FhNTZlNTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbzaUjEloq5OsKTkJZg87DiiGQ5I jzwYaJ02nhfUh+up3SAp8OrqbFOKnQ4KTxKAhgh5kclru0KtHXNlJNzluH/nXkxu o/8MUvQ47F2mWpFzjBgSuFM496TncQEOnSc7esEYB39m5k2Vm6tQ16f9ZkgdLTFl JDWGAdZdY+n2HiHBY5ycGGAKZ5RT2ScIfBwCoSOu9XSJ2jWhHAs1l1qsDKgHMUWr Wlv2RaOF5IrTl5SrtI45ppoIRX1YhpowL3sMifjMiOflbb/U8w6pTIDBfzNTvO2h tpwmfnHoIFXheD40v2XUaRWJvFF5WZZBG61Do7K819rTPxzd0psgDLhwiwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGVVXwdA/9OaUWfuFFz4u0lC6w9IMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBAB47N98V0yidAPFz9ygI QkIgEPuMWddg6A/EbMcWl181lLx1mHd7Na+tYUrO7aA/BIYMuoM4JAtzIHzcJfOF xbjEMZzY9qjLSIt2/uULPnexQxmLH3RpnNb5p2JBym7/CjNrpgHxIMXTCp32TVc2 JcOHJr5dujQFNkV1ObOcPtCq2eq2fcOHOsaw1fSd3UZED4Kh21RnJKrRy3yL8N10 sIM5DVMtXyCZCCMTIUT4ox3CIoEuQeAdrwytRQl94/B8nLrww/A22ttQrOovsIYN 06zI3DZveehtJr/T+BiqiRVwkdVfwG2wtVRoef1OBsExrdP5OmOLacSTn1T+y2IF tCE= -----END CERTIFICATE-----Generated at Thu Feb 26 11:41:49 2026 by rpki-client