$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/045f365a-d378-4715-9b15-1b09a05b7ff1.roa File: 045f365a-d378-4715-9b15-1b09a05b7ff1.roa (raw, json) Hash identifier: 04oG1UBQntb5ysnhTdjgzS7q2QKFKpuY3jIIt3znWu0= Subject key identifier: F8:81:4E:77:41:C9:C7:6C:94:ED:C6:B6:A7:0C:A0:89:62:D1:DA:6E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B0238AF03B611A16D681567A5C0CBFDB1BB222C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/045f365a-d378-4715-9b15-1b09a05b7ff1.roa Signing time: Sun 22 Feb 2026 00:00:37 +0000 ROA not before: Sun 22 Feb 2026 00:00:37 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1b:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:02:38:af:03:b6:11:a1:6d:68:15:67:a5:c0:cb:fd:b1:bb:22:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:37 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=596f9c52309fdc3ec798f9f5164ca06b812414b03d5c2ad634f354bad4b13e42, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:c6:00:d9:00:f4:4d:9c:b2:d7:49:77:c9:0e: 59:74:eb:38:f7:3e:30:67:de:a6:2a:e8:ff:f4:c3: 11:9a:53:c1:0e:c0:98:c9:0c:66:6a:bc:cb:65:e6: 43:99:0b:17:9c:ff:a2:2f:e3:69:00:1b:9f:17:0a: b6:fe:0b:c6:28:71:33:f5:1a:f3:e6:4c:95:14:1a: 92:9b:fc:28:e5:a6:4a:ce:b6:cf:cb:ee:31:dd:2f: 35:56:ef:d2:1c:22:a7:18:58:68:04:f5:24:b0:1f: ff:0d:5e:ce:f3:da:c0:7e:55:5c:ef:bc:8c:f0:5a: 25:21:86:69:ca:12:34:fa:ed:3c:52:d5:d8:28:80: bb:c0:bf:60:47:0a:57:8a:c9:8f:a8:bf:96:38:fa: d8:c9:84:8a:67:a7:f5:6e:f5:63:1d:10:45:ca:56: 9e:42:3d:c6:7d:85:32:bc:28:ba:11:9f:0e:bd:1d: 75:f4:95:cb:21:58:f0:e2:93:2a:73:19:87:80:dc: 26:03:8d:51:fb:eb:6e:89:f4:d5:c3:19:23:20:86: 81:ff:90:3d:be:2e:16:cc:16:50:c8:00:fb:01:84: f6:ac:8f:00:20:5b:ba:3a:28:0e:9f:db:7a:e1:61: 9a:f7:7f:a5:3a:36:6c:06:4f:ba:29:3e:16:d1:6a: 9b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:81:4E:77:41:C9:C7:6C:94:ED:C6:B6:A7:0C:A0:89:62:D1:DA:6E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/045f365a-d378-4715-9b15-1b09a05b7ff1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1b:400::/38 Signature Algorithm: sha256WithRSAEncryption 95:32:70:92:0a:1a:91:c0:be:ce:ef:e7:0b:6f:82:2f:bb:49: c6:42:e0:a1:f6:7a:a5:07:4b:ab:fe:fe:fc:32:0e:ab:ec:cb: 7a:b0:1f:59:e5:cb:50:f0:b3:9a:1f:fa:08:5c:92:1a:84:03: 5b:e0:08:ed:f5:7e:3f:a0:fb:34:d8:fe:6c:64:72:7f:c7:48: 87:9b:87:42:30:fa:3b:17:47:cb:1f:72:5b:dd:db:2c:ae:71: d0:47:a8:ce:13:a4:a0:44:da:cb:47:68:d6:c3:55:b3:8d:ca: 3e:18:70:32:90:8e:28:7a:bf:4b:57:ac:30:54:89:fd:1b:a1: e8:ff:f9:98:3b:fb:8b:0f:19:de:49:60:d3:97:be:9b:89:4b: 7a:3e:93:7e:4d:b4:1f:ea:30:6a:fb:77:a3:f7:3b:6b:26:b3: 7f:da:ee:f8:14:db:a7:45:e9:73:df:f8:20:a0:01:d7:e2:e5: d5:a7:7e:d3:27:00:a1:3d:d0:af:dc:a3:f0:1b:94:7b:e2:84: 0c:b1:d0:6d:a3:3f:d6:9f:a7:30:3c:6e:1c:7c:da:78:12:64: 9d:ab:7d:14:cc:5e:58:17:49:2b:72:44:7d:10:ef:9f:90:ce: e9:47:65:fa:bf:e9:00:ff:68:e8:22:dd:8a:97:87:e4:0d:9a: 13:e7:07:b8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWwI4rwO2EaFtaBVnpcDL/bG7IiwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDAzN1oX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANTk2ZjljNTIzMDlmZGMzZWM3OThm OWY1MTY0Y2EwNmI4MTI0MTRiMDNkNWMyYWQ2MzRmMzU0YmFkNGIxM2U0MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMYA2QD0TZyy10l3yQ5ZdOs49z4w Z96mKuj/9MMRmlPBDsCYyQxmarzLZeZDmQsXnP+iL+NpABufFwq2/gvGKHEz9Rrz 5kyVFBqSm/wo5aZKzrbPy+4x3S81Vu/SHCKnGFhoBPUksB//DV7O89rAflVc77yM 8FolIYZpyhI0+u08UtXYKIC7wL9gRwpXismPqL+WOPrYyYSKZ6f1bvVjHRBFylae Qj3GfYUyvCi6EZ8OvR119JXLIVjw4pMqcxmHgNwmA41R++tuifTVwxkjIIaB/5A9 vi4WzBZQyAD7AYT2rI8AIFu6OigOn9t64WGa93+lOjZsBk+6KT4W0WqbWQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPiBTndBycdslO3GtqcMoIli0dpuMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA0NWYzNjVhLWQzNzgtNDcxNS05YjE1LTFiMDlhMDViN2ZmMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGwQwDQYJKoZIhvcNAQELBQADggEBAJUycJIKGpHAvs7v5wtv gi+7ScZC4KH2eqUHS6v+/vwyDqvsy3qwH1nly1Dws5of+ghckhqEA1vgCO31fj+g +zTY/mxkcn/HSIebh0Iw+jsXR8sfclvd2yyucdBHqM4TpKBE2stHaNbDVbONyj4Y cDKQjih6v0tXrDBUif0boej/+Zg7+4sPGd5JYNOXvpuJS3o+k35NtB/qMGr7d6P3 O2sms3/a7vgU26dF6XPf+CCgAdfi5dWnftMnAKE90K/co/AblHvihAyx0G2jP9af pzA8bhx82ngSZJ2rfRTMXlgXSStyRH0Q75+QzulHZfq/6QD/aOgi3YqXh+QNmhPn B7g= -----END CERTIFICATE-----Generated at Sun Mar 1 22:13:40 2026 by rpki-client