$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa File: 7cf17e61-b049-438c-8aaf-2d4714b51857.roa (raw, json) Hash identifier: D71mPCSCdDc5l/ouJ/zsp/dcO4O3FCtqHc5HEaPtqtI= Subject key identifier: AF:E1:94:A6:F0:9A:D5:8F:F3:C6:23:EE:EE:D8:CE:70:B3:43:17:05 Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 329FC2CDEB311C78DA76B38780CD17FF0A88B926 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa Signing time: Fri 15 May 2026 00:10:10 +0000 ROA not before: Fri 15 May 2026 00:10:10 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80fa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 May 2026 00:02:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:9f:c2:cd:eb:31:1c:78:da:76:b3:87:80:cd:17:ff:0a:88:b9:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 15 00:10:10 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=89a4776897b39e3e822b5cf93fdaba4826260bdb57436ff2008a2879a0f9bca1, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c2:ae:8e:ec:cd:f7:0a:85:d0:7a:ff:bc:ea: 55:4a:ce:47:be:bf:90:a0:b4:15:9b:8c:fb:84:e9: ce:a7:18:84:fa:7d:2e:1b:94:10:68:a6:37:f5:56: f3:85:4d:52:b5:54:9e:ec:09:ba:8b:08:c2:5b:36: 3a:b5:d6:dc:70:00:cb:b5:e2:0d:00:c3:e2:44:82: f4:6d:63:75:bf:da:d2:8d:a2:17:fb:30:6d:5d:8e: bc:e0:bf:66:41:a6:7f:e7:44:52:bd:2d:2c:9d:e5: 85:9e:2e:fc:e0:20:ab:41:5d:89:58:75:81:68:f7: fe:26:c7:2a:7f:86:86:a1:a5:ad:59:1c:4d:fa:79: 90:f3:84:49:31:14:9e:c7:bf:e2:8b:6d:d3:26:82: a0:a5:4c:ad:5d:12:4a:1b:49:fd:5a:97:96:3e:43: 3a:91:55:b0:b1:95:21:f7:54:0a:fe:fb:c1:15:de: c9:9e:e2:ee:a5:cb:d0:4b:ca:91:64:51:49:8b:9a: e6:ff:65:b5:7b:72:03:a8:cc:bb:e2:d7:85:67:89: 28:98:c7:8f:83:9e:df:c1:c5:2e:01:ef:e2:ce:03: 06:37:93:2a:de:e4:cb:72:5d:33:29:3d:db:a0:ba: 17:bb:52:26:f5:63:e5:b5:d8:9e:ef:7e:55:ed:a2: e1:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:E1:94:A6:F0:9A:D5:8F:F3:C6:23:EE:EE:D8:CE:70:B3:43:17:05 X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/7cf17e61-b049-438c-8aaf-2d4714b51857.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80fa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 33:1f:ee:11:df:24:52:76:d1:45:b4:5a:a8:eb:5a:e1:d0:70: 25:81:ba:5a:36:a4:c6:52:ca:54:05:9f:18:ec:48:31:ad:ed: 9d:42:6c:3e:0b:45:bd:4d:47:a2:8c:bd:b4:fd:62:a1:d5:b2: d2:56:48:55:a7:0a:af:dc:5e:4a:d6:f3:70:2e:2a:ae:22:0e: ea:bb:2b:45:93:1b:c9:f4:11:26:cb:28:a9:88:8b:cf:44:cb: e7:fb:ff:99:d5:2f:e6:72:cc:48:6c:b2:98:17:7f:3f:cb:f9: c8:fa:45:1c:1f:7d:f5:75:83:f9:83:b1:26:f0:8f:fe:34:26: f0:26:82:60:fa:b2:97:4a:80:6f:01:96:cb:2e:28:08:c2:64: 5b:75:cd:73:a1:51:1f:1e:d3:f0:de:de:7e:37:e4:34:c5:c0: 3f:e0:1a:e4:32:e3:71:4f:19:d7:6f:1d:9b:d4:73:ed:7b:35: 99:e7:f9:3f:ba:e6:05:5d:53:99:f8:86:a6:ad:ae:5b:fe:33: d5:37:be:b1:94:ce:1b:5b:61:a5:51:4d:98:20:8c:37:57:63: 9c:b8:78:62:25:67:37:87:cb:a3:80:c6:33:af:4c:58:22:6e: 60:81:12:86:e0:c2:0c:ef:33:50:cc:f6:ea:56:2e:10:48:6f: e3:db:ac:db -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMp/CzesxHHjadrOHgM0X/wqIuSYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDUxNTAwMTAxMFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAODlhNDc3Njg5N2IzOWUzZTgyMmI1 Y2Y5M2ZkYWJhNDgyNjI2MGJkYjU3NDM2ZmYyMDA4YTI4NzlhMGY5YmNhMTEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcKujuzN9wqF0Hr/vOpVSs5Hvr+Q oLQVm4z7hOnOpxiE+n0uG5QQaKY39VbzhU1StVSe7Am6iwjCWzY6tdbccADLteIN AMPiRIL0bWN1v9rSjaIX+zBtXY684L9mQaZ/50RSvS0sneWFni784CCrQV2JWHWB aPf+Jscqf4aGoaWtWRxN+nmQ84RJMRSex7/ii23TJoKgpUytXRJKG0n9WpeWPkM6 kVWwsZUh91QK/vvBFd7JnuLupcvQS8qRZFFJi5rm/2W1e3IDqMy74teFZ4komMeP g57fwcUuAe/izgMGN5Mq3uTLcl0zKT3boLoXu1Im9WPltdie735V7aLhDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK/hlKbwmtWP88Yj7u7YznCzQxcFMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzdjZjE3ZTYxLWIwNDktNDM4Yy04YWFmLTJkNDcxNGI1MTg1Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+A+kAwDQYJKoZIhvcNAQELBQADggEBADMf7hHfJFJ20UW0Wqjr WuHQcCWBulo2pMZSylQFnxjsSDGt7Z1CbD4LRb1NR6KMvbT9YqHVstJWSFWnCq/c XkrW83AuKq4iDuq7K0WTG8n0ESbLKKmIi89Ey+f7/5nVL+ZyzEhsspgXfz/L+cj6 RRwfffV1g/mDsSbwj/40JvAmgmD6spdKgG8BlssuKAjCZFt1zXOhUR8e0/De3n43 5DTFwD/gGuQy43FPGddvHZvUc+17NZnn+T+65gVdU5n4hqatrlv+M9U3vrGUzhtb YaVRTZggjDdXY5y4eGIlZzeHy6OAxjOvTFgibmCBEobgwgzvM1DM9upWLhBIb+Pb rNs= -----END CERTIFICATE-----Generated at Wed May 27 12:42:23 2026 by rpki-client