$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa File: 08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa (raw, json) Hash identifier: 44UrC6FrBUG5fDxy3Ti/hwmknGssXj3qlaQG9ngXkEk= Subject key identifier: 23:8C:D1:6A:87:E7:E6:B3:F9:F9:9D:C7:E2:7C:40:93:37:34:39:37 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43A3A6CC15066B0D7C3B1229147B69A006B43DBC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa Signing time: Sat 28 Feb 2026 00:00:43 +0000 ROA not before: Sat 28 Feb 2026 00:00:43 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:a3:a6:cc:15:06:6b:0d:7c:3b:12:29:14:7b:69:a0:06:b4:3d:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:43 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=c1013c0e3318278eb521864af59e97ba437312de4daa91d31cc8175e4e886e4c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f4:1c:33:01:20:04:65:0d:2d:e4:2f:e5:e4: 7b:29:ae:bb:0e:38:b8:7f:e3:28:7f:e2:03:ce:9c: 1c:e6:97:66:d8:ec:da:cf:55:37:7e:19:49:93:c5: 9d:8c:52:c9:64:5e:90:b0:3e:c7:a0:70:b1:31:c7: fa:d0:5c:59:c5:12:4b:1c:ab:47:20:1a:e2:64:b3: 76:01:01:8c:49:d7:78:e5:8c:08:ef:1b:d9:d5:ab: ce:5d:72:f8:0e:32:48:4d:65:8e:46:d0:87:a8:1d: 1f:9e:21:24:6c:ee:c9:e2:90:c2:42:47:c1:0f:be: f6:41:19:1b:fb:91:99:a4:3a:9f:45:50:eb:a3:df: 67:2e:81:ca:78:13:c9:01:62:dd:7e:4b:95:bb:f0: ea:e2:a1:0c:e6:a1:cd:f2:ca:05:51:59:a3:bc:5f: 73:d7:11:27:74:58:88:c7:62:01:6a:5d:7f:0c:e3: 8d:76:5a:d3:d2:3b:9a:fe:43:87:60:da:36:64:8c: 97:3c:53:33:5c:40:16:8a:5a:1f:a6:35:bb:66:e6: ed:48:a5:8c:a5:99:6f:a7:63:3f:8c:fc:4c:00:85: 77:80:22:9a:6b:c7:2a:84:4a:8c:39:53:c5:bc:69: 76:df:65:5d:57:c7:31:94:27:71:03:be:4f:29:d4: 9b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:8C:D1:6A:87:E7:E6:B3:F9:F9:9D:C7:E2:7C:40:93:37:34:39:37 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08cfc748-a0fe-40b0-9306-6b4fecf097e6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2000::/40 Signature Algorithm: sha256WithRSAEncryption b3:51:f8:0a:44:99:57:af:51:bc:76:46:1d:b2:25:0c:22:9c: 7d:37:6a:e4:01:4e:42:23:c4:14:72:7f:54:6a:6c:6d:3e:3b: 09:78:79:f8:1c:c9:cc:35:43:fd:0a:8d:f9:29:31:23:3b:57: e1:5e:42:69:db:25:87:40:87:fe:6b:e9:14:d3:52:4d:cf:d2: 39:dd:d6:c5:64:8b:80:bc:6c:6f:01:fb:a9:b3:c7:38:a9:94: 98:a2:fb:be:f0:66:02:7b:c6:67:ea:00:5e:a0:e2:00:93:91: a0:f8:e6:0d:c6:ff:5d:43:24:35:c0:5b:05:c5:7e:bf:98:6a: 38:c4:f2:1f:9f:de:a5:43:ae:5b:4e:71:ad:8f:e7:e5:43:34: 93:29:2a:f4:16:f1:94:0b:e7:5a:5f:2b:49:bd:a9:a3:64:0b: e3:36:97:69:b5:9a:77:0f:48:e6:17:f1:f4:fb:1a:90:06:2b: 92:fc:53:d6:06:0a:40:d3:59:e6:62:f7:ce:15:1e:eb:a8:81: 3d:b3:d6:31:90:ba:c9:57:6f:9a:f4:d7:51:a4:9d:5a:dc:ee: 61:88:0b:86:c3:5f:0c:03:41:9c:4b:41:34:57:73:4e:c8:b9: ce:5f:65:78:be:65:ec:a1:f7:72:29:47:1c:18:ec:e0:c2:a9: 1f:4e:ac:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ6OmzBUGaw18OxIpFHtpoAa0PbwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDA0M1oX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAYzEwMTNjMGUzMzE4Mjc4ZWI1MjE4 NjRhZjU5ZTk3YmE0MzczMTJkZTRkYWE5MWQzMWNjODE3NWU0ZTg4NmU0YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/QcMwEgBGUNLeQv5eR7Ka67Dji4 f+Mof+IDzpwc5pdm2Ozaz1U3fhlJk8WdjFLJZF6QsD7HoHCxMcf60FxZxRJLHKtH IBriZLN2AQGMSdd45YwI7xvZ1avOXXL4DjJITWWORtCHqB0fniEkbO7J4pDCQkfB D772QRkb+5GZpDqfRVDro99nLoHKeBPJAWLdfkuVu/Dq4qEM5qHN8soFUVmjvF9z 1xEndFiIx2IBal1/DOONdlrT0jua/kOHYNo2ZIyXPFMzXEAWilofpjW7ZubtSKWM pZlvp2M/jPxMAIV3gCKaa8cqhEqMOVPFvGl232VdV8cxlCdxA75PKdSbhwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCOM0WqH5+az+fmdx+J8QJM3NDk3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4Y2ZjNzQ4LWEwZmUtNDBiMC05MzA2LTZiNGZlY2YwOTdlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7yAwDQYJKoZIhvcNAQELBQADggEBALNR+ApEmVevUbx2Rh2y JQwinH03auQBTkIjxBRyf1RqbG0+Owl4efgcycw1Q/0KjfkpMSM7V+FeQmnbJYdA h/5r6RTTUk3P0jnd1sVki4C8bG8B+6mzxziplJii+77wZgJ7xmfqAF6g4gCTkaD4 5g3G/11DJDXAWwXFfr+YajjE8h+f3qVDrltOca2P5+VDNJMpKvQW8ZQL51pfK0m9 qaNkC+M2l2m1mncPSOYX8fT7GpAGK5L8U9YGCkDTWeZi984VHuuogT2z1jGQuslX b5r011GknVrc7mGIC4bDXwwDQZxLQTRXc07Iuc5fZXi+Zeyh93IpRxwY7ODCqR9O rAE= -----END CERTIFICATE-----Generated at Mon Mar 2 15:50:01 2026 by rpki-client