$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa File: 1433179c-d512-4e29-b60c-2b7b7cd25040.roa (raw, json) Hash identifier: 9cjhdKAszbZlM5C7JJr6SROC1Qt0z6G6tndj4DZJOmc= Subject key identifier: 82:C4:C0:18:43:AD:17:98:69:C2:5D:08:15:0B:2E:60:CB:CD:79:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3343EFD62446F82864AA47D4C2E3853F1761F344 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa Signing time: Sat 21 Feb 2026 00:01:05 +0000 ROA not before: Sat 21 Feb 2026 00:01:05 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:43:ef:d6:24:46:f8:28:64:aa:47:d4:c2:e3:85:3f:17:61:f3:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:01:05 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=b712ec5672318935f5bdeeb10de963ffaf2b10512388f2c44519a2e86a1f3d6f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:6b:7b:97:3b:14:05:c3:94:e0:1b:4d:e5:7c: b9:bc:04:75:91:a1:81:b1:ac:3f:60:fd:7b:32:60: 53:72:c4:e0:20:2a:ac:bc:b3:c0:a6:7d:81:bc:74: 7e:e8:06:00:d0:b7:fb:6a:44:5f:b5:13:82:a9:b6: a1:a3:bd:5f:14:bf:38:c3:55:9c:a0:db:5a:53:c7: 6d:42:cc:3e:8f:f7:3c:ed:e8:72:0a:14:c6:b4:94: 78:c5:ad:9a:32:2b:6c:60:5e:71:75:84:37:c5:28: f0:bf:ad:76:8d:81:55:be:55:7c:d7:d4:80:88:92: 23:f2:f1:f2:04:a2:f9:6a:36:ec:b4:17:f9:3c:df: 77:f3:55:a9:2e:71:a4:42:95:38:9d:f3:f8:e9:c6: c5:a3:3b:b5:76:a8:c6:b4:a3:a8:de:b6:d7:bf:3d: e8:8f:11:e7:86:66:a7:48:8b:26:47:ce:73:b9:ba: 91:a6:c6:54:6a:fd:46:ef:fc:3a:03:1e:f9:46:64: a4:06:55:c1:f7:f3:62:23:3e:35:4b:e9:ce:94:0a: 22:c2:c2:89:7c:12:2a:87:07:e4:52:e6:af:1e:5a: de:d0:73:a4:75:33:3c:00:24:f4:4a:4c:c0:ad:36: 06:d7:79:2b:cf:f7:cf:dc:3c:4c:79:51:7a:aa:bd: e1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:C4:C0:18:43:AD:17:98:69:C2:5D:08:15:0B:2E:60:CB:CD:79:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1433179c-d512-4e29-b60c-2b7b7cd25040.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:7000::/40 Signature Algorithm: sha256WithRSAEncryption 17:1b:2a:af:5b:c6:5d:a0:ae:96:dc:d8:d5:e3:59:af:38:48: 16:d4:05:68:a9:62:fa:53:2c:31:01:3b:88:e5:a6:96:de:a2: fe:47:d2:49:c1:62:9f:96:63:a9:4d:47:af:7f:8f:19:6f:2a: df:88:2d:17:b3:b2:f7:53:f5:f2:ee:a8:58:e6:70:96:7e:d8: 96:62:b0:e7:ec:05:46:f1:28:7a:54:73:b9:22:7e:4b:fc:d9: 8d:3e:0b:10:f2:71:22:42:e9:12:83:e7:f0:32:f4:3a:7b:d5: 11:15:1e:68:4a:6f:60:83:d4:fc:66:8a:c1:44:b6:37:06:12: d3:df:1f:ba:41:d0:a6:59:4d:67:cd:cc:64:8e:67:9e:42:8e: 94:06:d9:1e:50:ec:42:3a:fa:29:06:1e:6f:4c:eb:ad:bc:f9: b8:e8:a2:f0:f3:96:1e:e8:33:6f:92:44:6d:33:8e:78:ae:fc: c5:fe:c6:57:d9:ab:66:09:51:72:a6:31:1e:dc:f7:94:3d:c2: d6:95:25:af:f9:6d:4e:a0:92:3e:dd:18:c2:1e:35:44:2f:4b: 37:03:3f:7e:37:38:b6:8a:72:d8:67:e6:c2:4f:9f:bd:14:78: 31:fb:05:34:ae:d1:b2:33:98:f3:c2:2f:12:1e:89:db:e1:d1: 10:75:97:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM0Pv1iRG+ChkqkfUwuOFPxdh80QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDEwNVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYjcxMmVjNTY3MjMxODkzNWY1YmRl ZWIxMGRlOTYzZmZhZjJiMTA1MTIzODhmMmM0NDUxOWEyZTg2YTFmM2Q2ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWt7lzsUBcOU4BtN5Xy5vAR1kaGB saw/YP17MmBTcsTgICqsvLPApn2BvHR+6AYA0Lf7akRftROCqbaho71fFL84w1Wc oNtaU8dtQsw+j/c87ehyChTGtJR4xa2aMitsYF5xdYQ3xSjwv612jYFVvlV819SA iJIj8vHyBKL5ajbstBf5PN9381WpLnGkQpU4nfP46cbFozu1dqjGtKOo3rbXvz3o jxHnhmanSIsmR85zubqRpsZUav1G7/w6Ax75RmSkBlXB9/NiIz41S+nOlAoiwsKJ fBIqhwfkUuavHlre0HOkdTM8ACT0SkzArTYG13krz/fP3DxMeVF6qr3hcwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFILEwBhDrReYacJdCBULLmDLzXk5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE0MzMxNzljLWQ1MTItNGUyOS1iNjBjLTJiN2I3Y2QyNTA0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+3AwDQYJKoZIhvcNAQELBQADggEBABcbKq9bxl2grpbc2NXj Wa84SBbUBWipYvpTLDEBO4jlppbeov5H0knBYp+WY6lNR69/jxlvKt+ILRezsvdT 9fLuqFjmcJZ+2JZisOfsBUbxKHpUc7kifkv82Y0+CxDycSJC6RKD5/Ay9Dp71REV HmhKb2CD1PxmisFEtjcGEtPfH7pB0KZZTWfNzGSOZ55CjpQG2R5Q7EI6+ikGHm9M 6628+bjoovDzlh7oM2+SRG0zjniu/MX+xlfZq2YJUXKmMR7c95Q9wtaVJa/5bU6g kj7dGMIeNUQvSzcDP343OLaKcthn5sJPn70UeDH7BTSu0bIzmPPCLxIeidvh0RB1 l1I= -----END CERTIFICATE-----Generated at Sun Mar 1 23:38:03 2026 by rpki-client