$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa File: 2a177984-44c1-4fc1-97dc-e08be80f4299.roa (raw, json) Hash identifier: +LaakGTrEPvBCLkGSk6+yCG3seB22hy3PrqNbKEfgGQ= Subject key identifier: 6F:09:4B:C4:D2:68:63:BD:F6:A6:CE:52:9E:29:B4:BD:94:BE:A9:D2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 646A8921EFFC981E746471FD3FF31703DFF7663E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa Signing time: Wed 11 Feb 2026 00:21:01 +0000 ROA not before: Wed 11 Feb 2026 00:21:01 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4840::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:6a:89:21:ef:fc:98:1e:74:64:71:fd:3f:f3:17:03:df:f7:66:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:21:01 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=5b4b1ead8b77ce99f10eed7a08534de469bf51e06bc13d2f160f5241a3ef95fa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3d:3b:8a:62:18:53:13:23:e0:d8:f7:fc:06: 51:21:75:1d:e0:2e:fd:6c:6e:2d:9a:78:da:aa:63: 5a:28:60:95:65:77:b9:f0:d1:dc:17:f5:8a:f0:d0: bf:d5:dc:17:0c:0a:fd:40:45:6c:fe:48:ae:42:3a: 73:15:ba:5a:3e:b2:16:30:28:03:8a:02:46:3d:b2: d4:1a:7a:7e:79:c4:f3:ee:b7:7a:51:d2:f4:b3:60: d9:57:63:09:cd:b3:73:84:f0:fb:9d:b6:66:fb:d0: 78:43:25:08:49:a0:21:8d:c4:b7:06:a9:f0:89:94: de:87:c7:48:34:6a:cc:02:b2:ca:23:35:37:d3:fb: 8b:f7:16:fb:94:09:6b:2b:69:fc:aa:41:64:c1:33: 6b:8e:d8:6c:0a:76:b8:41:2f:46:d5:4c:20:8f:22: 54:b2:06:a9:44:85:54:01:48:6c:e9:f5:cc:73:0e: 34:6d:a4:af:44:36:b5:bf:d7:2c:26:63:4e:3b:44: a9:79:b3:bd:0c:47:7d:13:9a:62:50:97:44:74:19: df:c4:11:d8:95:f4:b7:6e:77:32:8f:51:71:f1:48: ac:a0:5b:be:79:f1:5d:fb:2a:68:3a:1b:85:8f:7d: 13:8f:2f:aa:d7:72:62:a3:07:f8:65:64:57:3a:0b: 56:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:09:4B:C4:D2:68:63:BD:F6:A6:CE:52:9E:29:B4:BD:94:BE:A9:D2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a177984-44c1-4fc1-97dc-e08be80f4299.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4840::/46 Signature Algorithm: sha256WithRSAEncryption 2a:d1:62:a9:17:39:7c:63:16:37:51:d0:31:be:ca:bd:43:4f: ea:28:81:1e:f1:a3:b3:64:2e:6a:96:f8:ed:98:10:4d:fa:d7: cd:b0:8c:03:81:4a:ae:3c:82:3b:88:aa:5e:10:95:bd:bc:3a: c9:3c:66:9b:05:4f:99:92:a0:37:ba:a2:9e:5f:2e:f6:09:dc: 45:8d:a9:5c:72:39:78:9f:07:95:9a:a7:3f:00:97:ea:98:2a: eb:92:3e:6a:84:c5:87:96:71:fd:90:1f:38:fd:15:27:10:9b: 15:23:b1:ad:26:67:c8:d2:7d:94:f7:7c:20:cc:78:b0:70:ff: 97:64:54:64:e9:27:de:00:fc:05:f5:2d:de:fe:3d:63:f4:c1: d6:6e:ab:7a:eb:9c:75:0c:14:9f:92:54:94:dc:23:c3:ef:16: 6e:aa:24:d5:eb:de:37:4a:35:07:31:52:ac:ec:63:5a:0d:1c: e2:58:f6:2c:fa:81:7a:5f:3a:90:dd:e6:26:40:0d:9f:7f:1a: f8:6f:6d:72:9e:56:ea:27:01:eb:07:f3:03:f8:e4:54:ba:d4: 51:ae:a5:fc:4a:97:91:2d:87:73:4a:ac:df:8e:30:50:c8:2a: 3d:76:28:5b:97:ab:1b:4e:bb:9e:9f:4f:d8:91:8c:d6:d6:d4: e8:6d:c6:9f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZGqJIe/8mB50ZHH9P/MXA9/3Zj4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjEwMVoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNANWI0YjFlYWQ4Yjc3Y2U5OWYxMGVl ZDdhMDg1MzRkZTQ2OWJmNTFlMDZiYzEzZDJmMTYwZjUyNDFhM2VmOTVmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsT07imIYUxMj4Nj3/AZRIXUd4C79 bG4tmnjaqmNaKGCVZXe58NHcF/WK8NC/1dwXDAr9QEVs/kiuQjpzFbpaPrIWMCgD igJGPbLUGnp+ecTz7rd6UdL0s2DZV2MJzbNzhPD7nbZm+9B4QyUISaAhjcS3Bqnw iZTeh8dINGrMArLKIzU30/uL9xb7lAlrK2n8qkFkwTNrjthsCna4QS9G1UwgjyJU sgapRIVUAUhs6fXMcw40baSvRDa1v9csJmNOO0SpebO9DEd9E5piUJdEdBnfxBHY lfS3bncyj1Fx8UisoFu+efFd+ypoOhuFj30Tjy+q13Jiowf4ZWRXOgtWFwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG8JS8TSaGO99qbOUp4ptL2UvqnSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJhMTc3OTg0LTQ0YzEtNGZjMS05N2RjLWUwOGJlODBmNDI5OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba80hAMA0GCSqGSIb3DQEBCwUAA4IBAQAq0WKpFzl8YxY3UdAx vsq9Q0/qKIEe8aOzZC5qlvjtmBBN+tfNsIwDgUquPII7iKpeEJW9vDrJPGabBU+Z kqA3uqKeXy72CdxFjalccjl4nweVmqc/AJfqmCrrkj5qhMWHlnH9kB84/RUnEJsV I7GtJmfI0n2U93wgzHiwcP+XZFRk6SfeAPwF9S3e/j1j9MHWbqt665x1DBSfklSU 3CPD7xZuqiTV6943SjUHMVKs7GNaDRziWPYs+oF6XzqQ3eYmQA2ffxr4b21ynlbq JwHrB/MD+ORUutRRrqX8SpeRLYdzSqzfjjBQyCo9dihbl6sbTruen0/YkYzW1tTo bcaf -----END CERTIFICATE-----Generated at Sun Mar 1 23:48:40 2026 by rpki-client