$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20dc8ccc-5415-4e50-96f3-cbcc3a8b69ee.roa File: 20dc8ccc-5415-4e50-96f3-cbcc3a8b69ee.roa (raw, json) Hash identifier: 7m9rGoMUz8JMLPKt727ID8qeGxE8UzwIe9Li+pl7DdA= Subject key identifier: 64:CB:83:85:43:1D:5F:6D:90:A2:6D:C9:7C:38:31:F3:4E:05:AD:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7CD142DA12F9B75FB1B864FE6C8A84B128B30675 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20dc8ccc-5415-4e50-96f3-cbcc3a8b69ee.roa Signing time: Fri 20 Feb 2026 00:01:13 +0000 ROA not before: Fri 20 Feb 2026 00:01:13 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:b0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:d1:42:da:12:f9:b7:5f:b1:b8:64:fe:6c:8a:84:b1:28:b3:06:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:01:13 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=1adb150e5f4bd5609b072cad6403ee48d76cf577b01ac96f09636c04566d723e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:58:11:7b:ab:6f:09:f0:8c:7e:e1:88:d6:d0: 95:6f:68:62:e7:90:12:31:de:0d:52:6c:82:e0:51: 29:9f:b5:f0:67:b5:1f:95:88:3a:3e:5f:c2:a1:18: 5e:7f:6b:47:fb:59:8d:d2:c0:d2:ba:36:7e:30:a0: 90:24:eb:3c:7f:24:24:15:b2:92:ac:31:cd:5e:a2: 73:17:8e:17:f6:82:04:e2:bf:55:66:a2:40:ec:71: b4:5a:2d:21:9a:85:7e:47:93:de:bc:f4:c4:b0:4a: c8:99:71:9d:5f:93:63:4a:aa:40:d0:df:5c:3c:8f: 8f:88:5a:9d:f2:18:32:31:4b:10:c6:70:f4:d6:79: 0b:af:74:91:1d:45:e1:d8:9c:3b:77:e8:8f:8f:81: 7b:be:da:ed:a0:5f:23:45:a0:be:c0:1f:20:32:c3: 60:7a:64:5f:97:90:59:ce:68:33:8f:54:cd:a2:12: ec:63:06:07:78:2c:b4:36:14:c3:5d:08:d9:8f:fe: 1d:b1:56:3d:0a:8a:d2:d3:19:0c:8b:e9:81:0f:b9: 39:a9:7e:fe:d7:81:7f:53:7b:ba:c8:7e:6a:81:83: 9e:8a:66:67:d5:69:77:e9:16:6d:d8:b3:b1:f9:08: 6d:33:03:c5:60:c1:b1:35:e3:2d:9a:b8:c5:98:2e: 27:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:CB:83:85:43:1D:5F:6D:90:A2:6D:C9:7C:38:31:F3:4E:05:AD:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20dc8ccc-5415-4e50-96f3-cbcc3a8b69ee.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:b0c0::/48 Signature Algorithm: sha256WithRSAEncryption 3d:21:6d:f5:f4:bf:bb:cf:a2:77:89:2c:a2:ea:1a:17:ac:8b: dd:f6:97:5d:86:1e:38:48:0d:a6:70:36:7e:90:43:7f:db:50: 28:80:4e:4e:70:24:5a:02:7a:15:c4:bc:07:11:6e:50:d3:3e: e3:a8:f2:fb:c5:cf:db:d7:e2:24:6f:fc:9d:3a:11:13:42:da: 43:cf:c2:e4:68:a7:15:2c:39:ec:6b:a7:ed:46:6e:b0:46:ce: 4c:54:1a:0c:7e:c7:01:9b:a5:a4:50:84:8b:23:a5:ee:0d:92: a1:08:23:f6:26:0e:58:85:c1:e2:69:f3:c9:f2:df:3a:38:b3: b8:a5:f7:04:e2:70:a1:0e:a3:91:6c:e2:ed:b1:d5:7b:fa:5f: ef:12:14:19:c6:c6:82:aa:d5:ab:c6:3e:21:db:77:9b:0f:62: c9:af:aa:42:7c:e2:d4:a0:d8:1a:a0:91:13:1c:c0:e1:32:4f: 98:47:80:93:50:1f:6c:f1:d0:c7:3f:af:31:f8:ad:fe:5a:ef: d6:67:0e:1f:55:63:56:e9:c8:aa:66:95:e2:87:90:47:d7:2a: 46:a8:16:32:d2:e3:db:7a:b7:75:2e:0b:43:83:34:8f:35:ae: 4c:5d:cc:b6:bf:bc:c6:95:5a:13:19:0c:6c:61:01:a5:dd:20: f2:af:f7:6b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfNFC2hL5t1+xuGT+bIqEsSizBnUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMDExM1oX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAMWFkYjE1MGU1ZjRiZDU2MDliMDcy Y2FkNjQwM2VlNDhkNzZjZjU3N2IwMWFjOTZmMDk2MzZjMDQ1NjZkNzIzZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21gRe6tvCfCMfuGI1tCVb2hi55AS Md4NUmyC4FEpn7XwZ7UflYg6Pl/CoRhef2tH+1mN0sDSujZ+MKCQJOs8fyQkFbKS rDHNXqJzF44X9oIE4r9VZqJA7HG0Wi0hmoV+R5PevPTEsErImXGdX5NjSqpA0N9c PI+PiFqd8hgyMUsQxnD01nkLr3SRHUXh2Jw7d+iPj4F7vtrtoF8jRaC+wB8gMsNg emRfl5BZzmgzj1TNohLsYwYHeCy0NhTDXQjZj/4dsVY9CorS0xkMi+mBD7k5qX7+ 14F/U3u6yH5qgYOeimZn1Wl36RZt2LOx+QhtMwPFYMGxNeMtmrjFmC4nrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGTLg4VDHV9tkKJtyXw4MfNOBa1oMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIwZGM4Y2NjLTU0MTUtNGU1MC05NmYzLWNiY2MzYThiNjllZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYbDAMA0GCSqGSIb3DQEBCwUAA4IBAQA9IW319L+7z6J3iSyi 6hoXrIvd9pddhh44SA2mcDZ+kEN/21AogE5OcCRaAnoVxLwHEW5Q0z7jqPL7xc/b 1+Ikb/ydOhETQtpDz8LkaKcVLDnsa6ftRm6wRs5MVBoMfscBm6WkUISLI6XuDZKh CCP2Jg5YhcHiafPJ8t86OLO4pfcE4nChDqORbOLtsdV7+l/vEhQZxsaCqtWrxj4h 23ebD2LJr6pCfOLUoNgaoJETHMDhMk+YR4CTUB9s8dDHP68x+K3+Wu/WZw4fVWNW 6ciqZpXih5BH1ypGqBYy0uPberd1LgtDgzSPNa5MXcy2v7zGlVoTGQxsYQGl3SDy r/dr -----END CERTIFICATE-----Generated at Sun Mar 1 21:51:52 2026 by rpki-client