$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa File: 005a9212-fea0-4bc0-be12-084b81124b8f.roa (raw, json) Hash identifier: NcG6U/6fe8AVZZ27hvJPSHchyx+lRrircHcAdJGgru8= Subject key identifier: 75:BB:4F:77:19:9B:A5:00:CE:D5:9B:20:5E:13:34:D5:B5:8E:30:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FF32EB25D9A14C53F5461F1744968AC5EC55576 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa Signing time: Wed 18 Feb 2026 00:00:09 +0000 ROA not before: Wed 18 Feb 2026 00:00:09 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:f3:2e:b2:5d:9a:14:c5:3f:54:61:f1:74:49:68:ac:5e:c5:55:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:00:09 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=90f3b95c5046bc9237da0cc92389ec070559b79812ffe996dbe414b552812a6d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:7a:e5:dc:28:21:3b:80:88:41:2d:79:99:c8: 66:39:22:60:7f:b4:30:7d:9d:53:3f:28:99:7f:67: d8:c8:a8:a3:e5:d2:66:f4:95:e2:45:16:ec:eb:f6: e0:6c:67:f3:19:3a:6f:ea:81:3a:da:7d:4e:12:0b: 39:2e:e9:2f:5c:f2:e8:c5:df:82:06:48:7d:03:32: 79:ed:1e:e4:8e:dd:df:f5:84:3f:4e:9e:90:b1:eb: 36:bd:ea:db:d5:72:b4:de:c7:8d:6d:67:19:ad:54: c1:fe:c7:44:70:14:89:4b:da:58:c0:b3:83:66:08: 3d:3d:08:f4:c6:55:f9:6b:c9:0f:82:4d:0c:ee:ba: 56:f3:93:48:8a:e5:50:ff:fe:79:39:49:96:39:69: af:4d:78:ed:8d:84:49:9b:35:f9:9c:9b:f8:b5:65: 3e:a9:b3:d0:73:42:b3:88:db:4f:59:f8:c4:9a:0f: ea:ac:39:c7:88:01:87:d1:9d:2e:75:ab:11:9d:28: f0:3f:17:5a:29:b5:a1:7f:0b:39:d9:20:28:04:14: 09:e4:96:1d:6f:89:16:83:97:8d:1e:7c:1d:8b:eb: 24:7c:37:1f:ba:81:fe:6a:54:8c:e8:de:a4:f3:9b: 61:dc:bc:d5:d5:7f:f3:86:18:21:12:a9:b8:00:e2: c0:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:BB:4F:77:19:9B:A5:00:CE:D5:9B:20:5E:13:34:D5:B5:8E:30:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/005a9212-fea0-4bc0-be12-084b81124b8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:7040::/48 Signature Algorithm: sha256WithRSAEncryption 48:fc:b2:66:e3:80:bb:79:22:3a:4b:76:4e:67:95:e3:a1:f8: 6e:67:33:44:e2:e2:a7:81:bc:94:8f:68:eb:24:c7:b9:90:63: 27:a9:2b:e7:de:f9:b5:49:cc:63:aa:95:73:0b:e2:e2:fa:c4: f5:76:e8:82:7e:67:ef:55:47:dc:60:83:b7:b6:92:38:6e:5a: 62:99:0b:bf:d8:1d:70:08:0b:66:86:ad:f2:4d:5c:04:99:39: a6:39:1d:12:9e:d0:a5:7d:05:dd:bb:14:6b:16:aa:27:57:24: 0e:f1:1f:ad:1c:02:d0:40:bc:23:c5:bb:8e:f5:db:a4:d0:30: 93:30:ac:58:33:cc:10:cb:8a:5c:0a:63:d2:ac:92:87:04:4d: b7:88:20:cb:02:3f:41:f8:9c:87:a9:b5:be:25:82:92:27:4e: 00:ab:32:2a:75:be:43:a4:81:de:21:90:97:cd:c8:61:f6:e8: a5:14:f6:bd:65:d0:91:f0:e7:12:e3:35:5d:07:37:1f:53:36: f9:94:ab:a5:39:7a:3c:82:01:bb:a5:f1:e0:9c:f2:54:82:38: b2:48:20:5f:16:d6:69:d5:e5:c6:a2:eb:74:84:0c:b2:3b:88: 43:ac:2d:56:5b:a3:d5:c4:40:c0:09:d6:fc:4c:f4:73:d0:15: 18:98:e5:5b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUH/Musl2aFMU/VGHxdElorF7FVXYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDAwOVoX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAOTBmM2I5NWM1MDQ2YmM5MjM3ZGEw Y2M5MjM4OWVjMDcwNTU5Yjc5ODEyZmZlOTk2ZGJlNDE0YjU1MjgxMmE2ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Hrl3CghO4CIQS15mchmOSJgf7Qw fZ1TPyiZf2fYyKij5dJm9JXiRRbs6/bgbGfzGTpv6oE62n1OEgs5LukvXPLoxd+C Bkh9AzJ57R7kjt3f9YQ/Tp6Qses2verb1XK03seNbWcZrVTB/sdEcBSJS9pYwLOD Zgg9PQj0xlX5a8kPgk0M7rpW85NIiuVQ//55OUmWOWmvTXjtjYRJmzX5nJv4tWU+ qbPQc0KziNtPWfjEmg/qrDnHiAGH0Z0udasRnSjwPxdaKbWhfws52SAoBBQJ5JYd b4kWg5eNHnwdi+skfDcfuoH+alSM6N6k85th3LzV1X/zhhghEqm4AOLAoQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHW7T3cZm6UAztWbIF4TNNW1jjAUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAwNWE5MjEyLWZlYTAtNGJjMC1iZTEyLTA4NGI4MTEyNGI4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAHBAMA0GCSqGSIb3DQEBCwUAA4IBAQBI/LJm44C7eSI6S3ZO Z5XjofhuZzNE4uKngbyUj2jrJMe5kGMnqSvn3vm1ScxjqpVzC+Li+sT1duiCfmfv VUfcYIO3tpI4blpimQu/2B1wCAtmhq3yTVwEmTmmOR0SntClfQXduxRrFqonVyQO 8R+tHALQQLwjxbuO9duk0DCTMKxYM8wQy4pcCmPSrJKHBE23iCDLAj9B+JyHqbW+ JYKSJ04AqzIqdb5DpIHeIZCXzchh9uilFPa9ZdCR8OcS4zVdBzcfUzb5lKulOXo8 ggG7pfHgnPJUgjiySCBfFtZp1eXGout0hAyyO4hDrC1WW6PVxEDACdb8TPRz0BUY mOVb -----END CERTIFICATE-----Generated at Sun Mar 1 22:05:27 2026 by rpki-client