$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29fe97d9-befe-4ea9-8151-d76ea6e9a705.roa File: 29fe97d9-befe-4ea9-8151-d76ea6e9a705.roa (raw, json) Hash identifier: +lTOp+C1EcHeXysDwU1ZzHW2Bacluy1zcVLsgLzkcFc= Subject key identifier: 3D:CD:93:5E:96:83:30:86:71:85:E2:31:81:0F:05:91:BE:B5:D6:C3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2143AEC7478ECEE48589A74304A940834D9003B1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29fe97d9-befe-4ea9-8151-d76ea6e9a705.roa Signing time: Fri 20 Feb 2026 00:20:56 +0000 ROA not before: Fri 20 Feb 2026 00:20:56 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:43:ae:c7:47:8e:ce:e4:85:89:a7:43:04:a9:40:83:4d:90:03:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:56 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=3d610fcc1732bb4716cc180103cb100271d2466f0ae4a94318750add1c0b8466, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:3f:5b:7d:55:2b:fe:c8:2c:05:8b:03:d2:d1: 26:57:8c:d5:00:e0:5f:c9:de:98:f4:ae:49:96:27: de:64:32:19:97:58:27:6f:cb:e7:80:8c:3b:dd:4b: 56:50:a9:3f:46:97:d5:e0:79:6e:5c:29:a9:03:ed: 4e:18:eb:97:ad:89:31:ef:9d:73:aa:36:12:8b:cb: dd:2a:3d:b2:cc:55:db:ba:12:c5:99:99:a2:3c:35: 14:b9:81:10:c8:9d:24:9d:90:1b:60:60:21:f5:f2: 35:e6:db:ad:73:75:7f:be:d1:4c:27:c9:ab:da:1f: 38:11:3f:24:6d:d9:18:ab:10:c6:f2:78:0e:21:d7: eb:c2:b9:74:57:2c:b8:4b:82:f0:50:7e:2e:6e:20: ce:6b:f9:37:94:98:e6:6c:84:ba:61:c9:48:76:3e: b2:de:ed:8f:98:2e:b1:6a:47:9d:7c:1b:a7:5d:dc: 0e:2f:ef:12:c4:4d:c5:b1:50:c8:20:b3:29:a8:7e: d6:a5:73:92:4b:f4:a9:79:91:46:28:3a:86:bf:80: 7f:36:89:d4:2c:25:35:a8:42:d4:1f:ab:47:0f:3b: 68:3d:a8:02:fa:ab:fb:44:c0:0d:d2:91:2e:f0:62: fa:ca:95:b0:18:4c:40:49:c0:e3:24:2e:a0:16:39: 7b:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:CD:93:5E:96:83:30:86:71:85:E2:31:81:0F:05:91:BE:B5:D6:C3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/29fe97d9-befe-4ea9-8151-d76ea6e9a705.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2880::/48 Signature Algorithm: sha256WithRSAEncryption a5:94:01:72:58:75:19:2a:a2:61:86:a0:93:51:9e:16:de:0d: 0e:b8:02:79:e8:6c:ca:6c:0c:22:85:3a:1c:26:19:0c:ca:39: 03:f8:b6:ae:49:22:55:a1:6a:27:c7:8b:36:40:8b:7a:6e:8d: 20:c9:2e:1a:93:3d:fa:a6:dd:22:66:87:0c:cd:4d:db:49:f9: 27:07:65:e3:a7:46:69:16:f0:d5:1d:9c:94:12:18:0f:3d:4a: 2b:43:0e:2a:cd:fa:0e:89:e1:4a:79:07:12:c4:c2:a8:ef:34: d0:02:8d:8e:11:d8:6b:5a:07:a9:83:b0:44:f6:9b:32:5d:18: d8:bf:e5:25:ca:d9:73:54:e5:82:63:5e:8f:13:c5:51:39:83: 8e:cf:1c:f0:16:50:b3:d0:a4:f5:5b:99:6d:d4:77:49:40:41: e8:93:99:f6:49:1b:82:3c:92:a3:d9:e9:6a:9a:6c:2c:e4:0b: 66:6b:ed:a9:20:80:73:87:b8:4c:13:a4:0e:df:62:99:a5:3a: 1d:20:4f:fe:59:cd:aa:94:8f:aa:23:20:02:33:da:2f:2c:9d: 57:84:82:c2:bf:6b:07:06:eb:96:5a:d3:f7:f1:49:88:fa:95: 04:c4:08:68:7d:d1:15:7f:02:ee:c1:0f:41:02:cf:fa:56:bd: 67:08:4e:16 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIUOux0eOzuSFiadDBKlAg02QA7EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjA1NloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAM2Q2MTBmY2MxNzMyYmI0NzE2Y2Mx ODAxMDNjYjEwMDI3MWQyNDY2ZjBhZTRhOTQzMTg3NTBhZGQxYzBiODQ2NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzz9bfVUr/sgsBYsD0tEmV4zVAOBf yd6Y9K5JlifeZDIZl1gnb8vngIw73UtWUKk/RpfV4HluXCmpA+1OGOuXrYkx751z qjYSi8vdKj2yzFXbuhLFmZmiPDUUuYEQyJ0knZAbYGAh9fI15tutc3V/vtFMJ8mr 2h84ET8kbdkYqxDG8ngOIdfrwrl0Vyy4S4LwUH4ubiDOa/k3lJjmbIS6YclIdj6y 3u2PmC6xakedfBunXdwOL+8SxE3FsVDIILMpqH7WpXOSS/SpeZFGKDqGv4B/NonU LCU1qELUH6tHDztoPagC+qv7RMAN0pEu8GL6ypWwGExAScDjJC6gFjl7CwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFD3Nk16WgzCGcYXiMYEPBZG+tdbDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI5ZmU5N2Q5LWJlZmUtNGVhOS04MTUxLWQ3NmVhNmU5YTcwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yiAMA0GCSqGSIb3DQEBCwUAA4IBAQCllAFyWHUZKqJhhqCT UZ4W3g0OuAJ56GzKbAwihTocJhkMyjkD+LauSSJVoWonx4s2QIt6bo0gyS4akz36 pt0iZocMzU3bSfknB2Xjp0ZpFvDVHZyUEhgPPUorQw4qzfoOieFKeQcSxMKo7zTQ Ao2OEdhrWgepg7BE9psyXRjYv+UlytlzVOWCY16PE8VROYOOzxzwFlCz0KT1W5lt 1HdJQEHok5n2SRuCPJKj2elqmmws5Atma+2pIIBzh7hME6QO32KZpTodIE/+Wc2q lI+qIyACM9ovLJ1XhILCv2sHBuuWWtP38UmI+pUExAhofdEVfwLuwQ9BAs/6Vr1n CE4W -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:32 2026 by rpki-client