$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa File: 1ef497a8-abd3-4d49-af13-215841ac320f.roa (raw, json) Hash identifier: rhXQMVZJKqyuMgx1wNOxveHGyxP02rnIpHTv7VZ56c4= Subject key identifier: ED:CF:1B:BF:4E:E3:19:29:39:CD:36:90:75:06:AD:CD:B2:03:6F:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 29EFB37D15E6023C941BE86DEEF534A87D2515F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa Signing time: Wed 25 Feb 2026 00:00:06 +0000 ROA not before: Wed 25 Feb 2026 00:00:06 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:ef:b3:7d:15:e6:02:3c:94:1b:e8:6d:ee:f5:34:a8:7d:25:15:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 25 00:00:06 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=77aed73e51303cd5da3fd0ed04e24f1c21ee458fe27ef6844a01a217f065837e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:53:f1:0c:9e:56:04:fb:92:a5:8f:fd:bb:4a: 61:96:cd:d8:3a:53:a5:f6:62:27:cf:c2:3c:7a:ff: e2:b5:73:72:94:56:60:47:67:20:5c:61:b8:32:1e: f5:d6:e5:e3:e6:30:4d:14:d3:54:f8:61:c2:96:21: f7:2d:ec:58:d6:c0:42:0c:8d:dd:24:52:a7:e9:c4: 1d:c5:0e:5e:4c:51:0b:ea:3d:27:a3:f9:76:fd:37: ba:5a:5d:16:2d:d1:8a:ea:eb:9b:10:74:42:81:e6: ea:19:63:84:44:ad:3e:ce:e1:83:8c:b3:61:ec:aa: 0a:8f:4d:6f:06:3e:fc:ca:eb:f4:c2:3c:04:0d:b3: 5f:c4:09:76:6a:66:28:c8:53:2f:c4:1b:a3:05:ce: c3:3e:ea:5c:2d:2f:d6:ec:f7:59:03:b5:3b:d8:6d: d3:df:5f:a7:b6:63:fd:bf:33:f9:07:f2:9a:68:fd: 7b:6a:09:3b:46:23:57:3b:45:b8:c3:0e:35:9c:87: e5:51:55:08:7b:a8:3b:ad:a2:22:b2:af:9a:60:e8: 0c:a7:aa:d6:2b:e1:b6:a9:d4:1e:43:f5:07:12:7a: 9e:f3:aa:82:b6:d3:aa:2d:66:cf:a7:fa:92:3c:f3: 4b:7e:0f:0e:37:6c:a2:0c:c4:c1:0e:14:c9:5e:03: 6d:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:CF:1B:BF:4E:E3:19:29:39:CD:36:90:75:06:AD:CD:B2:03:6F:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ef497a8-abd3-4d49-af13-215841ac320f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0d:e7:b2:13:09:0e:6b:13:17:c3:ec:1d:75:a3:81:1f:cd:e5: 65:63:6b:6d:90:cd:96:21:d2:e4:35:1c:c4:9a:8c:b7:05:cf: b3:02:f1:c3:eb:27:a6:99:1b:f3:e5:8c:6e:32:c5:16:2c:ff: c6:74:ab:9f:54:d4:36:05:00:32:8d:eb:9d:32:23:fa:9b:3a: 91:e6:44:31:96:9c:72:48:e2:2a:ae:67:80:49:1d:3d:1a:1b: ce:57:3f:58:4b:0d:23:02:c6:21:23:7d:c4:a4:ea:76:ca:6d: d9:f8:86:2d:fd:cf:54:5f:ef:6d:0b:41:25:e7:07:8e:6b:c0: 40:f6:eb:83:c2:04:8a:47:23:8c:76:cd:cb:ad:82:01:51:ac: 02:8b:05:2e:d0:72:1e:a9:bb:21:35:84:25:a6:62:46:67:8b: 81:3a:e9:dd:f5:b1:d0:b0:87:82:8a:da:8c:84:89:02:0c:41: 3f:bc:af:c7:04:9d:63:10:9a:15:04:75:78:40:97:20:8a:ea: 7d:d6:69:3d:ab:8a:55:f0:c9:47:70:da:0a:ae:61:62:98:f7: 55:8b:c4:8b:43:e3:7d:7c:1f:e4:a4:93:f4:ba:76:8e:4e:5e: 07:90:96:fb:b7:30:c4:e2:b0:16:f5:a3:d0:da:2a:e2:78:e6: 75:97:ac:a3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKe+zfRXmAjyUG+ht7vU0qH0lFfMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNTAwMDAwNloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANzdhZWQ3M2U1MTMwM2NkNWRhM2Zk MGVkMDRlMjRmMWMyMWVlNDU4ZmUyN2VmNjg0NGEwMWEyMTdmMDY1ODM3ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VPxDJ5WBPuSpY/9u0phls3YOlOl 9mInz8I8ev/itXNylFZgR2cgXGG4Mh711uXj5jBNFNNU+GHCliH3LexY1sBCDI3d JFKn6cQdxQ5eTFEL6j0no/l2/Te6Wl0WLdGK6uubEHRCgebqGWOERK0+zuGDjLNh 7KoKj01vBj78yuv0wjwEDbNfxAl2amYoyFMvxBujBc7DPupcLS/W7PdZA7U72G3T 31+ntmP9vzP5B/KaaP17agk7RiNXO0W4ww41nIflUVUIe6g7raIisq+aYOgMp6rW K+G2qdQeQ/UHEnqe86qCttOqLWbPp/qSPPNLfg8ON2yiDMTBDhTJXgNtYQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO3PG79O4xkpOc02kHUGrc2yA29VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzFlZjQ5N2E4LWFiZDMtNGQ0OS1hZjEzLTIxNTg0MWFjMzIwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNkAwDQYJKoZIhvcNAQELBQADggEBAA3nshMJDmsTF8PsHXWj gR/N5WVja22QzZYh0uQ1HMSajLcFz7MC8cPrJ6aZG/PljG4yxRYs/8Z0q59U1DYF ADKN650yI/qbOpHmRDGWnHJI4iquZ4BJHT0aG85XP1hLDSMCxiEjfcSk6nbKbdn4 hi39z1Rf720LQSXnB45rwED264PCBIpHI4x2zcutggFRrAKLBS7Qch6puyE1hCWm YkZni4E66d31sdCwh4KK2oyEiQIMQT+8r8cEnWMQmhUEdXhAlyCK6n3WaT2rilXw yUdw2gquYWKY91WLxItD4318H+Skk/S6do5OXgeQlvu3MMTisBb1o9DaKuJ45nWX rKM= -----END CERTIFICATE-----Generated at Sun Mar 1 22:07:22 2026 by rpki-client