$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1525d3f2-4528-4f5f-acea-fb92d734328b.roa File: 1525d3f2-4528-4f5f-acea-fb92d734328b.roa (raw, json) Hash identifier: 2Gciaog4asMZSdGs5oRPwTFkEPu0DfXMHC2JakeieUg= Subject key identifier: 31:78:48:A9:6A:14:C9:A9:4A:75:12:59:3E:E1:9D:E0:67:79:74:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24891588F7DB3A1B70D4F4A873BE6F57720AFFC0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1525d3f2-4528-4f5f-acea-fb92d734328b.roa Signing time: Wed 11 Feb 2026 00:20:06 +0000 ROA not before: Wed 11 Feb 2026 00:20:06 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:1040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:89:15:88:f7:db:3a:1b:70:d4:f4:a8:73:be:6f:57:72:0a:ff:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:20:06 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=1ee2c0e3eb610b2e66f1473249ef6b50da9695c75416858627c3d55b97bb83e5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:19:eb:ad:24:17:74:ee:fe:21:25:14:04:6a: 66:79:03:18:3b:f3:9a:3d:fa:b5:f2:05:3d:c4:76: 7a:45:6d:0f:15:c5:44:a2:d3:d5:a7:b6:ea:cb:f3: 21:f1:51:1e:df:cb:f4:d3:4f:9a:94:b7:1a:95:7b: b6:32:09:5e:b1:13:90:e9:1c:d0:05:08:9f:bf:f0: 29:6f:dd:31:a9:a9:c8:a0:3e:fc:b0:1a:f8:22:4e: 03:04:70:6a:63:86:1c:cf:c9:59:c3:04:17:c6:25: 90:ac:20:20:0c:a5:ab:01:55:9b:20:79:bf:57:9a: 26:67:6b:23:11:ca:8c:78:76:ae:c4:ed:3c:f4:c7: 09:10:46:10:67:90:0f:aa:35:bc:03:cc:ed:d7:8c: 7a:f3:5b:65:22:22:08:b5:4b:96:8a:5a:fd:da:e0: cd:78:69:d6:82:d8:c0:fa:b7:0f:b7:c4:10:55:68: 70:b9:ef:ad:4e:96:18:ff:29:9c:97:bb:d4:ad:91: fd:5d:b9:3f:c5:e5:83:5f:64:a2:a3:3b:a8:21:5c: a6:99:7e:d3:d9:1c:d2:5c:15:4b:97:c0:f0:6b:a0: 39:d9:27:95:6c:46:83:65:1a:87:cf:da:00:0d:db: f1:7e:3a:ec:af:96:cd:46:95:3f:80:69:0f:b5:d9: 3b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:78:48:A9:6A:14:C9:A9:4A:75:12:59:3E:E1:9D:E0:67:79:74:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1525d3f2-4528-4f5f-acea-fb92d734328b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:1040::/48 Signature Algorithm: sha256WithRSAEncryption 99:92:0f:76:b5:b9:9b:3c:dc:78:f2:c7:8b:16:ca:44:96:a5: 4e:33:00:5e:e7:0f:0a:38:95:c3:36:83:21:98:ae:c9:2f:bd: 27:78:1b:09:29:b6:62:54:69:1e:c5:39:77:9f:f7:71:07:f4: 5e:2b:89:c1:13:7a:25:1a:a7:77:0a:75:15:c5:46:c7:50:a7: 51:2d:85:e8:43:e3:c8:16:7a:b8:0c:e8:a6:09:f6:a1:aa:8d: 33:60:5c:20:68:22:bd:f6:76:a7:ed:85:e2:76:0d:f5:3e:00: 2d:c2:33:4b:ad:43:8b:cb:d5:40:3c:36:5f:d5:c4:b5:6d:c6: 6f:60:fe:9b:c5:51:b0:ee:68:b0:ac:ea:79:4d:1d:96:fe:0b: 3d:a3:16:04:01:47:ad:0e:3b:df:38:9b:a8:9f:cc:95:39:4c: b5:0a:41:fe:fe:ea:6a:9c:87:28:53:1c:ba:6e:ed:68:6c:8c: 89:b4:80:74:7f:c0:c1:55:75:5d:ed:f3:d0:0c:c8:6a:d8:77: 5c:76:59:48:41:b0:ff:6a:c8:9b:c1:14:b8:03:dc:59:a1:66: bf:66:73:24:8c:b5:ee:82:16:d0:13:d9:04:95:a0:44:15:c4: 90:69:ee:ff:dc:fe:34:4c:9b:ad:54:c5:e0:ed:e2:11:37:2d: b0:a3:39:fd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJIkViPfbOhtw1PSoc75vV3IK/8AwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjAwNloX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAMWVlMmMwZTNlYjYxMGIyZTY2ZjE0 NzMyNDllZjZiNTBkYTk2OTVjNzU0MTY4NTg2MjdjM2Q1NWI5N2JiODNlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhnrrSQXdO7+ISUUBGpmeQMYO/Oa Pfq18gU9xHZ6RW0PFcVEotPVp7bqy/Mh8VEe38v000+alLcalXu2MglesROQ6RzQ BQifv/Apb90xqanIoD78sBr4Ik4DBHBqY4Ycz8lZwwQXxiWQrCAgDKWrAVWbIHm/ V5omZ2sjEcqMeHauxO089McJEEYQZ5APqjW8A8zt14x681tlIiIItUuWilr92uDN eGnWgtjA+rcPt8QQVWhwue+tTpYY/ymcl7vUrZH9Xbk/xeWDX2SiozuoIVymmX7T 2RzSXBVLl8Dwa6A52SeVbEaDZRqHz9oADdvxfjrsr5bNRpU/gGkPtdk7PQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDF4SKlqFMmpSnUSWT7hneBneXQZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE1MjVkM2YyLTQ1MjgtNGY1Zi1hY2VhLWZiOTJkNzM0MzI4Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6hBAMA0GCSqGSIb3DQEBCwUAA4IBAQCZkg92tbmbPNx48seL FspElqVOMwBe5w8KOJXDNoMhmK7JL70neBsJKbZiVGkexTl3n/dxB/ReK4nBE3ol Gqd3CnUVxUbHUKdRLYXoQ+PIFnq4DOimCfahqo0zYFwgaCK99nan7YXidg31PgAt wjNLrUOLy9VAPDZf1cS1bcZvYP6bxVGw7miwrOp5TR2W/gs9oxYEAUetDjvfOJuo n8yVOUy1CkH+/upqnIcoUxy6bu1obIyJtIB0f8DBVXVd7fPQDMhq2HdcdllIQbD/ asibwRS4A9xZoWa/ZnMkjLXughbQE9kElaBEFcSQae7/3P40TJutVMXg7eIRNy2w ozn9 -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:25 2026 by rpki-client