$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa File: 13a746d5-ac02-412a-8a63-918cac6ecda2.roa (raw, json) Hash identifier: YzqsezaF2xlmkTKasisEw7srVDhYwi4YX2evqL2CFrc= Subject key identifier: 13:A2:44:39:82:63:07:C3:9F:3A:6F:BB:B1:33:B9:37:B3:A0:57:E8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0924362255E35C11710CC7DBC7200DC36669CF71 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa Signing time: Fri 20 Feb 2026 00:21:21 +0000 ROA not before: Fri 20 Feb 2026 00:21:21 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:24:36:22:55:e3:5c:11:71:0c:c7:db:c7:20:0d:c3:66:69:cf:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:21:21 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=d34ca94c7c42d6cd636dc5389b93b10821d0ca4a65aeaf86abfe2a0d27ad13e8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:85:a4:c0:19:a5:e5:e8:60:9a:ba:0d:76:e7: 33:1d:97:cd:e2:95:e7:ab:df:37:76:56:8a:d8:56: 80:8a:e6:38:cb:31:f3:c5:17:db:4d:9a:0b:b2:d2: fb:df:19:3e:de:e1:9b:46:28:31:4d:d1:f5:4a:89: b6:75:54:38:ed:60:99:14:4f:0d:db:9a:3b:b7:47: 8f:23:dc:39:6c:bb:54:62:74:61:84:84:13:50:c1: ff:d0:dd:d0:4b:1f:2b:ec:bd:2b:c0:ec:13:20:1b: bd:68:45:f0:2e:14:46:01:d4:47:62:84:7b:ed:e3: 1c:1f:60:9d:07:e8:49:7d:0d:7b:72:59:eb:59:03: 54:fb:fc:a8:65:7b:93:5f:08:31:1e:06:48:12:f0: aa:1a:0f:15:b7:67:d5:d9:b5:0e:4e:76:55:c8:d2: ae:3a:34:2f:8a:20:6a:7a:49:2a:8f:63:f5:e3:e0: a4:d6:d1:03:58:9b:f9:fc:39:cd:78:7f:77:1d:3b: 92:d6:dc:8a:64:0f:f3:f7:49:f2:17:a2:36:d4:fc: ae:b3:16:aa:e1:ae:7a:c3:d5:3f:56:59:d5:4c:dd: 3c:ef:1c:e7:c1:4c:46:0e:53:09:79:6e:48:13:34: a4:74:c9:65:d6:66:f5:45:11:55:65:37:a3:89:da: 34:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:A2:44:39:82:63:07:C3:9F:3A:6F:BB:B1:33:B9:37:B3:A0:57:E8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/13a746d5-ac02-412a-8a63-918cac6ecda2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:2800::/40 Signature Algorithm: sha256WithRSAEncryption 03:e5:4c:fb:8c:eb:7e:e0:ba:f4:78:06:6f:0d:76:d9:df:ef: 71:a6:58:ff:92:c3:59:b1:9c:69:eb:b0:5f:11:f0:7a:ed:1a: 63:ce:41:66:11:1f:32:1e:b0:3b:a3:92:7a:04:10:ef:c3:4e: 95:48:11:5d:e0:73:d2:5a:5b:23:f1:4b:80:5c:e1:26:b1:15: 82:8e:e2:ef:4b:da:fd:fc:25:4d:8a:c9:ca:bc:b1:15:99:75: 6c:1a:13:d1:33:cd:55:f6:9d:58:27:04:be:3e:ad:db:6f:47: fd:5f:98:d2:05:e5:81:0e:f7:8c:df:59:be:ea:34:a9:a6:a2: 85:cd:c6:2a:8c:06:ea:2e:30:a8:1e:d7:77:95:2d:d2:e7:a3: 8e:47:f8:4f:95:5b:fa:db:72:17:05:7f:28:c6:cc:3b:ff:b3: e2:00:4b:6b:f5:5f:c3:46:09:9a:d0:91:0d:65:64:09:a0:e4: 49:ac:56:29:41:e7:27:99:ba:c6:52:73:c4:55:4f:19:ff:32: 97:1f:ea:f5:e9:22:65:e3:f9:f6:9e:6b:4f:0d:82:72:c3:d0: aa:43:03:ec:46:0a:14:36:44:0a:d2:74:a6:73:c2:ea:3b:12: f3:b2:d3:ee:8a:02:c3:7a:cd:fa:33:59:f8:89:c8:ec:e8:f1: 86:a2:1e:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCSQ2IlXjXBFxDMfbxyANw2Zpz3EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjEyMVoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZDM0Y2E5NGM3YzQyZDZjZDYzNmRj NTM4OWI5M2IxMDgyMWQwY2E0YTY1YWVhZjg2YWJmZTJhMGQyN2FkMTNlODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYWkwBml5ehgmroNduczHZfN4pXn q983dlaK2FaAiuY4yzHzxRfbTZoLstL73xk+3uGbRigxTdH1Som2dVQ47WCZFE8N 25o7t0ePI9w5bLtUYnRhhIQTUMH/0N3QSx8r7L0rwOwTIBu9aEXwLhRGAdRHYoR7 7eMcH2CdB+hJfQ17clnrWQNU+/yoZXuTXwgxHgZIEvCqGg8Vt2fV2bUOTnZVyNKu OjQviiBqekkqj2P14+Ck1tEDWJv5/DnNeH93HTuS1tyKZA/z90nyF6I21Pyusxaq 4a56w9U/VlnVTN087xznwUxGDlMJeW5IEzSkdMll1mb1RRFVZTejido0zwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBOiRDmCYwfDnzpvu7EzuTezoFfoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEzYTc0NmQ1LWFjMDItNDEyYS04YTYzLTkxOGNhYzZlY2RhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaOCgwDQYJKoZIhvcNAQELBQADggEBAAPlTPuM637guvR4Bm8N dtnf73GmWP+Sw1mxnGnrsF8R8HrtGmPOQWYRHzIesDujknoEEO/DTpVIEV3gc9Ja WyPxS4Bc4SaxFYKO4u9L2v38JU2Kycq8sRWZdWwaE9EzzVX2nVgnBL4+rdtvR/1f mNIF5YEO94zfWb7qNKmmooXNxiqMBuouMKge13eVLdLno45H+E+VW/rbchcFfyjG zDv/s+IAS2v1X8NGCZrQkQ1lZAmg5EmsVilB5yeZusZSc8RVTxn/Mpcf6vXpImXj +faea08NgnLD0KpDA+xGChQ2RArSdKZzwuo7EvOy0+6KAsN6zfozWfiJyOzo8Yai HlQ= -----END CERTIFICATE-----Generated at Sun Mar 1 23:47:24 2026 by rpki-client