$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa File: 0455dd06-6363-446d-beab-2728280200d6.roa (raw, json) Hash identifier: f6IPAGhL1OgbzdFG/5ba8vKT/t377WecPw0PFpALuUI= Subject key identifier: B4:1E:89:52:90:7C:D3:1A:A4:83:38:9F:B3:F2:E4:6A:04:DD:62:DA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65C592907B9A795E9718AE0E659C5CD6609E9F21 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa Signing time: Wed 11 Feb 2026 00:21:01 +0000 ROA not before: Wed 11 Feb 2026 00:21:01 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:c5:92:90:7b:9a:79:5e:97:18:ae:0e:65:9c:5c:d6:60:9e:9f:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:21:01 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=d7945e71d5f520475ac0b701edbb2ebd51518a185b2156d4975438878d541f62, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:29:af:af:55:5c:17:e1:9d:22:95:90:1a:1d: 9d:8e:03:2a:61:55:35:1b:e1:8e:a6:af:7e:3b:15: 11:53:1b:30:ce:ee:e6:62:d9:0d:59:9c:ac:7b:7a: b6:27:f0:0f:15:f2:67:b5:99:76:fd:f3:ac:ed:a6: a3:11:e7:c0:36:3b:b7:37:38:74:01:23:63:44:59: d8:77:3c:df:f5:6d:5e:39:f6:51:61:2a:80:a0:f4: 52:17:c1:c0:2a:19:f8:f6:c2:d3:fb:2f:49:5b:29: 35:89:11:59:07:18:67:1c:da:08:a0:63:bc:f7:b9: b5:b8:b6:28:c7:ae:ce:07:e2:30:e5:c7:de:b8:e3: 8c:d5:d6:5a:9d:78:bd:d8:4f:a6:b5:aa:11:ad:54: c6:07:d4:82:0e:9d:e3:67:8f:0d:df:03:69:68:3b: d3:2c:4d:f4:46:d9:48:1a:1b:16:68:46:f8:37:1b: 0a:4d:5b:8d:02:9c:5c:c8:10:d8:23:d5:2c:72:ae: 74:6f:cd:5f:36:1f:e5:7a:47:20:ce:03:06:3c:b8: c1:b4:e7:d6:8d:2b:09:ee:28:f9:e9:84:89:9b:8c: 48:57:f9:92:25:28:4f:d1:1b:8d:52:8a:c9:8f:f7: 28:1c:c1:a5:f2:73:60:0e:10:10:aa:b0:3c:6a:07: 34:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:1E:89:52:90:7C:D3:1A:A4:83:38:9F:B3:F2:E4:6A:04:DD:62:DA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0455dd06-6363-446d-beab-2728280200d6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:e000::/40 Signature Algorithm: sha256WithRSAEncryption 42:cf:eb:2c:81:43:2b:43:dc:49:3f:ac:4a:e9:6b:82:22:f6: 73:1a:04:fb:ea:b7:d7:f4:f3:c5:2a:32:db:61:fc:a8:12:83: 00:76:3d:ab:4f:4f:c8:86:46:bb:ee:c0:56:10:41:6c:22:c0: d4:e2:bc:06:b8:06:1f:b1:e2:1f:3f:2d:aa:4c:04:2c:53:2d: 09:20:a3:da:57:b0:eb:c7:4f:5a:09:d2:3b:47:e5:a7:d9:a5: 1d:b3:92:59:39:2f:62:f3:f5:89:f0:03:36:56:af:2d:6e:38: 00:6d:79:b3:1b:63:0b:4f:a8:0b:9d:f9:55:4d:41:c2:6c:98: 39:b4:02:61:f8:48:0a:d9:b3:13:6d:8f:a0:83:38:19:e5:ea: ef:fa:c5:f7:ac:c8:ae:2f:8b:47:95:94:cb:0d:de:ba:84:de: c3:72:13:c6:98:48:ec:2d:9c:c5:4c:2e:d1:e0:cd:52:8a:a1: dd:ba:58:8d:36:51:10:cd:d6:3d:9e:49:8d:f6:5b:fc:61:c7: 8e:94:f5:e6:91:da:16:dc:a9:bf:17:1b:01:c8:2d:5e:96:6b: 4c:86:13:04:61:7c:69:45:d2:0e:eb:b5:99:4e:d7:b4:80:13: 9b:f7:05:3c:c8:74:69:d3:bb:28:96:3a:16:20:1b:b1:8f:4c: cd:f4:d9:3d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZcWSkHuaeV6XGK4OZZxc1mCenyEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjEwMVoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAZDc5NDVlNzFkNWY1MjA0NzVhYzBi NzAxZWRiYjJlYmQ1MTUxOGExODViMjE1NmQ0OTc1NDM4ODc4ZDU0MWY2MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSmvr1VcF+GdIpWQGh2djgMqYVU1 G+GOpq9+OxURUxswzu7mYtkNWZyse3q2J/APFfJntZl2/fOs7aajEefANju3Nzh0 ASNjRFnYdzzf9W1eOfZRYSqAoPRSF8HAKhn49sLT+y9JWyk1iRFZBxhnHNoIoGO8 97m1uLYox67OB+Iw5cfeuOOM1dZanXi92E+mtaoRrVTGB9SCDp3jZ48N3wNpaDvT LE30RtlIGhsWaEb4NxsKTVuNApxcyBDYI9Uscq50b81fNh/lekcgzgMGPLjBtOfW jSsJ7ij56YSJm4xIV/mSJShP0RuNUorJj/coHMGl8nNgDhAQqrA8agc0ewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLQeiVKQfNMapIM4n7Py5GoE3WLaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0NTVkZDA2LTYzNjMtNDQ2ZC1iZWFiLTI3MjgyODAyMDBkNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8+AwDQYJKoZIhvcNAQELBQADggEBAELP6yyBQytD3Ek/rErp a4Ii9nMaBPvqt9f088UqMtth/KgSgwB2PatPT8iGRrvuwFYQQWwiwNTivAa4Bh+x 4h8/LapMBCxTLQkgo9pXsOvHT1oJ0jtH5afZpR2zklk5L2Lz9YnwAzZWry1uOABt ebMbYwtPqAud+VVNQcJsmDm0AmH4SArZsxNtj6CDOBnl6u/6xfesyK4vi0eVlMsN 3rqE3sNyE8aYSOwtnMVMLtHgzVKKod26WI02URDN1j2eSY32W/xhx46U9eaR2hbc qb8XGwHILV6Wa0yGEwRhfGlF0g7rtZlO17SAE5v3BTzIdGnTuyiWOhYgG7GPTM30 2T0= -----END CERTIFICATE-----Generated at Sun Mar 1 23:54:23 2026 by rpki-client