$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa File: 0af814db-c2b2-4898-91a6-126fc85c2a16.roa (raw, json) Hash identifier: 9ndINW0rQu0mm1quClsQx6RiKAUpzZ5dbNhx2Ar4D48= Subject key identifier: 41:37:F5:83:F1:74:F9:15:19:94:A6:37:6A:41:90:30:A0:61:D3:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 399DB2FAF73060B4E51911C29800AA9A40A7755E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa Signing time: Sat 21 Feb 2026 00:20:10 +0000 ROA not before: Sat 21 Feb 2026 00:20:10 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:9d:b2:fa:f7:30:60:b4:e5:19:11:c2:98:00:aa:9a:40:a7:75:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:20:10 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=497eac570a6e02a53fe968b3dd333b2c0aab7c30a263aebefc255b921305bfcd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:0c:cb:cb:32:f4:87:84:17:16:d8:8a:1d:3e: fc:f7:82:9d:58:c0:0e:a4:76:cb:1e:1b:cc:f9:00: ac:30:bd:0b:26:02:54:1b:22:b2:c4:eb:c9:6c:2f: 1a:24:83:e3:7c:dc:fa:1f:b6:8d:10:37:ad:64:e8: d2:12:46:c0:5e:b7:5e:11:5c:f0:27:8a:87:c2:b7: 9b:92:3d:9f:73:e5:bc:10:82:18:b1:86:c9:79:a9: 17:1d:cc:ec:cd:41:de:99:31:72:d1:3e:da:d0:c4: b6:11:ea:23:ae:57:0e:9a:bb:c0:6a:49:93:72:2b: 81:fd:da:29:df:61:6b:5d:ec:37:06:c7:16:5a:8e: 45:c8:36:14:40:ee:c3:8a:62:5a:4a:e7:98:da:b8: 31:bd:d3:25:b3:ec:05:2b:a8:40:ee:bf:b5:9e:a0: 50:9a:23:fb:1d:ec:53:7b:d9:60:66:27:33:5d:fa: 0e:7e:01:9f:9f:3e:8f:8d:35:15:4f:7f:e7:75:4c: 02:9c:b3:2d:16:7b:fb:2c:68:92:05:46:e7:e6:5b: aa:82:7e:71:4d:88:e6:16:a1:6e:68:ab:5c:26:c7: 42:dd:63:28:38:b6:76:46:4b:38:10:d5:40:53:06: fe:30:46:a3:fe:b6:2b:21:33:14:59:d5:35:fd:ad: 7f:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:37:F5:83:F1:74:F9:15:19:94:A6:37:6A:41:90:30:A0:61:D3:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0af814db-c2b2-4898-91a6-126fc85c2a16.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 53:06:e2:1a:3f:e6:20:a7:a0:18:6d:97:e7:12:e2:f9:50:41: 7a:06:ac:b1:21:de:59:02:90:66:7a:62:e5:39:cc:67:16:7c: 3d:e8:c1:fe:ac:c4:66:54:65:94:ef:b3:f8:21:0d:7b:36:ff: 1d:b0:69:e2:47:f5:e2:e4:a7:61:85:52:fc:46:b2:ad:67:d4: 10:cc:cd:cd:f8:ee:7d:de:d0:60:27:e1:fa:31:fa:8a:70:a5: e2:9a:11:bf:1a:c3:1d:0f:44:51:e9:aa:65:37:2a:ba:c1:ba: 9c:90:11:86:7f:c1:d8:0b:df:79:3b:13:56:0f:68:23:11:b7: 94:e8:84:19:6a:dc:b0:6a:41:97:73:39:18:28:70:9f:57:ad: 41:56:aa:2e:2b:c4:88:7b:63:e3:12:59:0a:40:fd:5d:76:26: f4:ca:fa:54:27:10:60:1d:5f:88:4e:9f:90:96:e5:60:55:05: bb:a3:a5:f2:b7:4a:ab:30:23:55:df:61:43:95:e5:7d:22:7b: dc:23:46:6b:7b:81:8a:45:2b:38:44:1a:d1:2f:85:f2:fa:66: ae:49:69:3b:9c:82:ad:88:cb:66:71:35:3a:e2:b3:f1:ff:d7: fa:3f:a0:a9:e5:14:47:81:61:f9:7e:f1:93:6b:b6:06:6f:78: bb:80:51:80 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOZ2y+vcwYLTlGRHCmACqmkCndV4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMjAxMFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNANDk3ZWFjNTcwYTZlMDJhNTNmZTk2 OGIzZGQzMzNiMmMwYWFiN2MzMGEyNjNhZWJlZmMyNTViOTIxMzA1YmZjZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QzLyzL0h4QXFtiKHT7894KdWMAO pHbLHhvM+QCsML0LJgJUGyKyxOvJbC8aJIPjfNz6H7aNEDetZOjSEkbAXrdeEVzw J4qHwrebkj2fc+W8EIIYsYbJeakXHczszUHemTFy0T7a0MS2EeojrlcOmrvAakmT ciuB/dop32FrXew3BscWWo5FyDYUQO7DimJaSueY2rgxvdMls+wFK6hA7r+1nqBQ miP7HexTe9lgZiczXfoOfgGfnz6PjTUVT3/ndUwCnLMtFnv7LGiSBUbn5luqgn5x TYjmFqFuaKtcJsdC3WMoOLZ2Rks4ENVAUwb+MEaj/rYrITMUWdU1/a1/+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEE39YPxdPkVGZSmN2pBkDCgYdOaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzBhZjgxNGRiLWMyYjItNDg5OC05MWE2LTEyNmZjODVjMmExNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaACDAMA0GCSqGSIb3DQEBCwUAA4IBAQBTBuIaP+Ygp6AYbZfn EuL5UEF6BqyxId5ZApBmemLlOcxnFnw96MH+rMRmVGWU77P4IQ17Nv8dsGniR/Xi 5KdhhVL8RrKtZ9QQzM3N+O593tBgJ+H6MfqKcKXimhG/GsMdD0RR6aplNyq6wbqc kBGGf8HYC995OxNWD2gjEbeU6IQZatywakGXczkYKHCfV61BVqouK8SIe2PjElkK QP1ddib0yvpUJxBgHV+ITp+QluVgVQW7o6Xyt0qrMCNV32FDleV9InvcI0Zre4GK RSs4RBrRL4Xy+mauSWk7nIKtiMtmcTU64rPx/9f6P6Cp5RRHgWH5fvGTa7YGb3i7 gFGA -----END CERTIFICATE-----Generated at Mon Mar 2 05:22:40 2026 by rpki-client