$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/235f359d-e1b2-4bd7-9910-360fce79f1be.roa File: 235f359d-e1b2-4bd7-9910-360fce79f1be.roa (raw, json) Hash identifier: niOJCEiJvHJmC8Om7jQo47fNKuuM4Xct055184yQ9fA= Subject key identifier: BE:27:9F:B5:AD:A8:1B:9A:0C:63:61:82:76:E8:20:53:1E:96:6A:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 384987327FCE8738E40F90E851C0C351ACFDB642 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/235f359d-e1b2-4bd7-9910-360fce79f1be.roa Signing time: Tue 24 Feb 2026 00:00:10 +0000 ROA not before: Tue 24 Feb 2026 00:00:10 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:49:87:32:7f:ce:87:38:e4:0f:90:e8:51:c0:c3:51:ac:fd:b6:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:10 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=464a08406d285f2de297e01c4fd0f78666e0011278f7cae8e5a3ba869338c385, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b4:5a:af:2d:7f:dc:f1:0f:7f:f5:6d:1d:b3: 0b:a0:78:b9:70:44:ec:bf:91:de:7a:d5:88:1f:5f: cf:7e:5c:f1:a6:04:fe:62:a9:7d:ac:c1:0e:f8:4a: fd:ec:3c:4b:a0:23:1e:bd:a7:2a:33:36:60:c1:0f: 98:a8:0b:6a:f3:db:2e:77:16:77:43:03:b9:1c:91: f7:78:09:ce:22:ae:65:ce:28:c8:44:ba:70:4d:86: 46:c1:7c:25:ee:15:e8:f1:c7:6c:c1:f2:b1:36:64: 26:49:ce:be:07:68:25:24:ad:c7:11:0a:9b:54:2e: 64:f8:6c:04:1f:33:a4:37:88:97:7b:c6:3b:b9:ad: 74:ec:51:0d:99:cd:52:29:7e:77:6d:c6:c0:1e:a7: 02:91:c8:e7:b4:12:d8:7c:82:4f:76:cd:07:35:7a: 98:51:eb:98:6a:f4:82:9a:ce:95:f5:b8:75:29:fc: c5:fa:89:25:d4:e3:89:1f:5c:e3:77:cb:aa:6e:d8: 69:2c:30:48:df:0e:fc:b8:a2:00:ac:48:b1:98:64: 4c:2b:f9:9e:1f:60:c6:5b:2f:46:94:5c:af:85:cd: 1b:2e:30:3d:76:1f:bd:78:12:89:cf:65:54:79:12: d1:c9:36:de:39:6f:01:57:15:8c:95:39:40:49:11: 21:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:27:9F:B5:AD:A8:1B:9A:0C:63:61:82:76:E8:20:53:1E:96:6A:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/235f359d-e1b2-4bd7-9910-360fce79f1be.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:2000::/40 Signature Algorithm: sha256WithRSAEncryption 25:ad:91:ab:ef:80:e7:b4:5f:a4:0a:ce:5b:c5:57:02:56:5f: df:6f:05:9a:11:61:a3:f0:90:a4:36:5f:3f:fe:66:27:e3:9e: 6c:59:3b:98:9e:a0:02:2f:a2:ae:b4:f0:2b:07:d9:82:e9:ad: 35:95:d6:8b:58:a2:d1:aa:da:66:f6:ce:4f:7d:a2:66:94:83: 56:56:54:cd:e9:04:34:08:f5:36:5f:67:e3:cf:d2:1f:c5:41: df:10:26:f7:cf:35:e4:9b:28:f4:1d:fe:19:44:62:61:90:e2: 5f:16:34:ef:39:3f:a1:d1:79:24:28:c4:f5:73:d4:9d:30:20: f9:8a:ab:04:7f:ac:37:d1:4b:64:fd:d2:d8:6a:ed:74:f0:13: 05:e6:ff:94:42:66:ad:d6:71:2a:f4:c4:fa:f0:85:83:a2:53: 1c:2f:09:3b:19:bd:7d:c0:d1:8f:4a:cf:78:45:1a:1d:cb:bb: 85:a7:eb:f7:77:ac:6d:0b:f7:e5:1f:00:4c:03:90:45:48:48: 0c:01:56:61:c0:b9:b8:3d:69:77:2a:9b:65:ba:e6:34:42:7d: 65:0c:51:33:f5:58:78:8e:8f:e1:c8:84:ea:7a:00:cb:b6:7c: 53:34:ba:d3:78:8d:93:4d:70:0b:6d:6c:e4:45:ae:63:22:de: 45:af:22:5b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUOEmHMn/OhzjkD5DoUcDDUaz9tkIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAxMFoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANDY0YTA4NDA2ZDI4NWYyZGUyOTdl MDFjNGZkMGY3ODY2NmUwMDExMjc4ZjdjYWU4ZTVhM2JhODY5MzM4YzM4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrRary1/3PEPf/VtHbMLoHi5cETs v5HeetWIH1/PflzxpgT+Yql9rMEO+Er97DxLoCMevacqMzZgwQ+YqAtq89sudxZ3 QwO5HJH3eAnOIq5lzijIRLpwTYZGwXwl7hXo8cdswfKxNmQmSc6+B2glJK3HEQqb VC5k+GwEHzOkN4iXe8Y7ua107FENmc1SKX53bcbAHqcCkcjntBLYfIJPds0HNXqY UeuYavSCms6V9bh1KfzF+okl1OOJH1zjd8uqbthpLDBI3w78uKIArEixmGRMK/me H2DGWy9GlFyvhc0bLjA9dh+9eBKJz2VUeRLRyTbeOW8BVxWMlTlASREhZQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL4nn7WtqBuaDGNhgnboIFMelmpJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIzNWYzNTlkLWUxYjItNGJkNy05OTEwLTM2MGZjZTc5ZjFiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaCAwDQYJKoZIhvcNAQELBQADggEBACWtkavvgOe0X6QKzlvF VwJWX99vBZoRYaPwkKQ2Xz/+ZifjnmxZO5ieoAIvoq608CsH2YLprTWV1otYotGq 2mb2zk99omaUg1ZWVM3pBDQI9TZfZ+PP0h/FQd8QJvfPNeSbKPQd/hlEYmGQ4l8W NO85P6HReSQoxPVz1J0wIPmKqwR/rDfRS2T90thq7XTwEwXm/5RCZq3WcSr0xPrw hYOiUxwvCTsZvX3A0Y9Kz3hFGh3Lu4Wn6/d3rG0L9+UfAEwDkEVISAwBVmHAubg9 aXcqm2W65jRCfWUMUTP1WHiOj+HIhOp6AMu2fFM0utN4jZNNcAttbORFrmMi3kWv Ils= -----END CERTIFICATE-----Generated at Mon Mar 2 01:27:10 2026 by rpki-client