$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa File: 07cfb406-d628-472a-94e3-493598a051d0.roa (raw, json) Hash identifier: Hq/dirNiC2CBFmwgns+QgVTa2M+JaeSZDWSvhJUoxIg= Subject key identifier: FB:FF:3B:C5:50:D8:92:DE:34:0A:00:4E:56:B6:36:04:4B:E1:42:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 517134E856278462356ECB89543AFA635A152D20 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa Signing time: Fri 20 Feb 2026 00:10:08 +0000 ROA not before: Fri 20 Feb 2026 00:10:08 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:71:34:e8:56:27:84:62:35:6e:cb:89:54:3a:fa:63:5a:15:2d:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:08 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=57d11a5f461c03ccdaa88721c592da52b7fd5fae56a3020526716371702b7064, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9d:34:fa:77:5d:9f:c7:e4:c7:4b:6d:37:33: a2:8b:40:90:c3:30:5e:01:7c:b9:73:f7:25:8f:b4: e1:a5:3e:25:61:4f:08:7a:ca:e0:23:6c:69:ff:6e: cd:09:7c:68:c0:be:55:a7:2a:c0:5c:6f:08:6c:12: 6f:d5:11:2c:cb:b3:3a:40:71:b2:24:9f:b1:18:9a: bc:88:db:3a:77:d7:4b:20:e5:63:5e:be:16:90:7f: a6:f4:9b:1b:1f:8d:39:f1:8a:58:61:4b:85:86:cf: e7:71:e5:e6:92:ff:eb:b6:ce:63:c0:29:7c:12:3a: b2:28:11:ce:ac:a6:e8:37:3a:9f:07:9b:d4:1b:87: 1c:e1:39:db:aa:2f:c0:4c:16:5f:df:2f:1a:25:b9: f6:07:70:75:8f:60:b9:0e:ee:84:83:71:0b:dd:06: 7b:b5:a3:5b:7e:e4:04:dc:8e:b1:7c:e3:48:a6:5e: 03:19:f5:d7:44:c1:e6:84:a0:01:e4:bd:fa:4c:0c: 5e:51:a7:b2:1d:73:b4:37:f7:fe:5c:f0:88:87:db: 86:f3:99:1a:2a:d1:44:90:10:30:39:52:76:ea:36: d8:be:85:19:15:fd:f0:46:2e:03:74:28:2d:53:b7: 76:7f:5f:45:f6:ff:eb:9c:07:65:f9:09:c0:6d:97: 5c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:FF:3B:C5:50:D8:92:DE:34:0A:00:4E:56:B6:36:04:4B:E1:42:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cfb406-d628-472a-94e3-493598a051d0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2040::/48 Signature Algorithm: sha256WithRSAEncryption 81:11:47:1f:33:55:cb:bf:fa:cf:24:57:b2:b5:ee:24:7b:02: 21:76:d4:3b:50:d3:73:45:cc:0f:c1:a6:12:85:c3:06:a2:e8: 74:60:e0:07:b7:1b:1f:bc:b3:30:d7:30:8d:84:ed:11:b6:d7: c5:be:db:60:55:59:ac:0e:66:3f:48:a8:46:cf:98:d5:96:47: 9d:de:39:44:8c:3b:da:93:28:96:0b:72:b9:3b:5f:cd:fd:89: 60:2e:b2:9c:10:7b:9b:cb:02:e5:df:13:ed:92:99:0f:7a:c1: 80:85:cf:65:88:52:d0:e9:9d:0f:50:7d:cd:1c:36:97:33:d0: de:a7:81:22:06:38:70:24:a6:54:4a:02:b5:3f:f8:99:52:b3: 56:cd:2e:f5:98:a0:2f:ed:96:13:60:f9:02:c3:96:8c:7c:ab: 23:6c:94:c8:79:7b:8f:8c:b5:92:12:ae:d4:fa:00:26:2f:d7: 74:9b:d1:3f:f5:dc:1a:c5:6b:ba:fc:ce:11:51:77:c6:b1:16: b4:3c:97:b9:d9:82:71:7c:3b:29:9e:37:67:3b:ec:17:26:43: 55:d6:54:88:47:ab:c0:3f:c6:b0:42:25:61:a5:b9:93:1f:c7: 38:52:1e:58:86:d9:61:e7:58:6e:71:aa:6b:23:22:fe:de:e7: 0d:19:9f:a8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUUXE06FYnhGI1bsuJVDr6Y1oVLSAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTAwOFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNANTdkMTFhNWY0NjFjMDNjY2RhYTg4 NzIxYzU5MmRhNTJiN2ZkNWZhZTU2YTMwMjA1MjY3MTYzNzE3MDJiNzA2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs500+nddn8fkx0ttNzOii0CQwzBe AXy5c/clj7ThpT4lYU8IesrgI2xp/27NCXxowL5VpyrAXG8IbBJv1REsy7M6QHGy JJ+xGJq8iNs6d9dLIOVjXr4WkH+m9JsbH4058YpYYUuFhs/nceXmkv/rts5jwCl8 EjqyKBHOrKboNzqfB5vUG4cc4Tnbqi/ATBZf3y8aJbn2B3B1j2C5Du6Eg3EL3QZ7 taNbfuQE3I6xfONIpl4DGfXXRMHmhKAB5L36TAxeUaeyHXO0N/f+XPCIh9uG85ka KtFEkBAwOVJ26jbYvoUZFf3wRi4DdCgtU7d2f19F9v/rnAdl+QnAbZdcmwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPv/O8VQ2JLeNAoATla2NgRL4UKHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA3Y2ZiNDA2LWQ2MjgtNDcyYS05NGUzLTQ5MzU5OGEwNTFkMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACBAMA0GCSqGSIb3DQEBCwUAA4IBAQCBEUcfM1XLv/rPJFey te4kewIhdtQ7UNNzRcwPwaYShcMGouh0YOAHtxsfvLMw1zCNhO0RttfFvttgVVms DmY/SKhGz5jVlked3jlEjDvakyiWC3K5O1/N/YlgLrKcEHubywLl3xPtkpkPesGA hc9liFLQ6Z0PUH3NHDaXM9Dep4EiBjhwJKZUSgK1P/iZUrNWzS71mKAv7ZYTYPkC w5aMfKsjbJTIeXuPjLWSEq7U+gAmL9d0m9E/9dwaxWu6/M4RUXfGsRa0PJe52YJx fDspnjdnO+wXJkNV1lSIR6vAP8awQiVhpbmTH8c4Uh5Yhtlh51hucaprIyL+3ucN GZ+o -----END CERTIFICATE-----Generated at Sun Mar 1 23:52:58 2026 by rpki-client