$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa File: 2a4b406c-5546-415b-a581-7d4fac440f72.roa (raw, json) Hash identifier: IRy0HH4A+U6/N237zDWEnsk81s6BOo9G9K7NfY1fw4E= Subject key identifier: 73:35:C9:53:2A:D7:37:94:06:B0:7A:19:D0:D5:87:6F:4A:63:E9:50 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 66A5DD853CB629D81A682CBA5B1169F66F14D2D3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa Signing time: Fri 20 Feb 2026 00:01:41 +0000 ROA not before: Fri 20 Feb 2026 00:01:41 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:b080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:a5:dd:85:3c:b6:29:d8:1a:68:2c:ba:5b:11:69:f6:6f:14:d2:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:01:41 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=7fe1564419e74066968ab568e8554fbdfa91e1c56459776ba98201928fce4d2f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:88:72:6a:b5:0f:5c:7d:a6:99:f8:2a:09:b7: ff:a6:b8:66:8d:63:ae:34:5c:bf:72:d9:58:d8:6d: cb:d6:05:db:fb:21:b1:a6:87:4f:a4:02:a6:66:21: 7e:f0:3e:69:bf:b5:bc:78:ab:96:50:56:9a:e0:f7: f4:0d:39:fb:b5:17:89:d6:42:47:49:ac:27:39:09: 58:0e:c0:00:d3:5a:2d:ad:44:fe:c2:ca:b2:c3:b0: c5:79:a1:37:b9:46:6d:d1:8f:36:78:f8:3d:13:0c: 52:f7:8e:28:51:95:de:ac:13:b0:46:fb:b4:b7:ff: d0:40:10:99:c5:0b:22:1e:39:08:9d:21:2c:07:7a: 3c:8a:1b:91:b4:39:be:35:8e:2f:d8:0d:74:0a:eb: c4:fc:62:50:8f:e3:84:d0:85:1f:39:cd:7a:f6:70: d3:f0:ad:8c:ab:15:fa:2c:75:c3:ef:91:50:75:59: 47:b9:1a:41:e8:7f:21:06:1c:ea:b0:e6:08:89:6a: 5b:db:47:e6:a0:67:a7:88:ee:53:24:5c:2d:6b:3a: 3a:6a:7d:0a:08:62:10:0a:56:0f:1b:5c:54:eb:34: 3a:0f:e9:06:ea:f9:90:e3:7b:00:25:81:7a:78:5a: bd:48:70:26:c7:27:14:a3:31:17:21:fd:77:36:67: 9a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:35:C9:53:2A:D7:37:94:06:B0:7A:19:D0:D5:87:6F:4A:63:E9:50 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2a4b406c-5546-415b-a581-7d4fac440f72.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:b080::/48 Signature Algorithm: sha256WithRSAEncryption a2:82:b2:f1:73:8e:82:d3:27:cb:67:33:47:13:21:c5:6f:1c: 29:44:89:38:57:2f:2a:dd:6a:6a:03:58:8c:b5:87:15:ca:7a: 81:1e:87:e1:68:39:98:9d:53:f6:0b:2a:ea:a2:87:1c:83:61: b4:72:75:78:61:b5:46:58:11:56:86:19:4a:af:3e:27:18:68: dc:e5:e4:be:76:3f:55:06:ac:d1:ef:5e:9c:5a:32:06:27:a5: bf:98:54:70:56:29:23:f9:1e:0b:09:49:39:8d:da:fd:f6:82: a8:d7:01:16:58:e9:48:98:4c:42:f2:73:e4:5a:32:ce:67:02: 02:fb:96:31:ee:03:7f:b5:60:7b:ae:2d:57:8b:35:e1:bb:a7: a5:0f:52:8c:a9:dd:25:ed:12:5f:74:f1:f3:e1:5f:5f:8b:84: 27:4f:f3:1d:7a:15:6b:f5:f6:62:e4:8a:19:11:d6:db:b3:4f: e5:60:03:10:7f:c8:0c:9d:aa:c6:7e:d0:09:1e:6a:58:71:97: c0:4c:68:42:7c:3b:fd:0e:43:e3:e9:61:3b:36:69:df:7a:c4: 28:94:b9:89:23:76:20:60:db:e5:ae:ba:f4:83:b1:92:6f:1f: 40:62:ab:6e:58:b7:c6:d4:1a:04:37:8a:56:e9:24:6a:c1:db: 71:52:e7:89 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZqXdhTy2KdgaaCy6WxFp9m8U0tMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMDE0MVoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAN2ZlMTU2NDQxOWU3NDA2Njk2OGFi NTY4ZTg1NTRmYmRmYTkxZTFjNTY0NTk3NzZiYTk4MjAxOTI4ZmNlNGQyZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYhyarUPXH2mmfgqCbf/prhmjWOu NFy/ctlY2G3L1gXb+yGxpodPpAKmZiF+8D5pv7W8eKuWUFaa4Pf0DTn7tReJ1kJH SawnOQlYDsAA01otrUT+wsqyw7DFeaE3uUZt0Y82ePg9EwxS944oUZXerBOwRvu0 t//QQBCZxQsiHjkInSEsB3o8ihuRtDm+NY4v2A10CuvE/GJQj+OE0IUfOc169nDT 8K2MqxX6LHXD75FQdVlHuRpB6H8hBhzqsOYIiWpb20fmoGeniO5TJFwtazo6an0K CGIQClYPG1xU6zQ6D+kG6vmQ43sAJYF6eFq9SHAmxycUozEXIf13NmeaPwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHM1yVMq1zeUBrB6GdDVh29KY+lQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJhNGI0MDZjLTU1NDYtNDE1Yi1hNTgxLTdkNGZhYzQ0MGY3Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/7CAMA0GCSqGSIb3DQEBCwUAA4IBAQCigrLxc46C0yfLZzNH EyHFbxwpRIk4Vy8q3WpqA1iMtYcVynqBHofhaDmYnVP2Cyrqooccg2G0cnV4YbVG WBFWhhlKrz4nGGjc5eS+dj9VBqzR716cWjIGJ6W/mFRwVikj+R4LCUk5jdr99oKo 1wEWWOlImExC8nPkWjLOZwIC+5Yx7gN/tWB7ri1XizXhu6elD1KMqd0l7RJfdPHz 4V9fi4QnT/MdehVr9fZi5IoZEdbbs0/lYAMQf8gMnarGftAJHmpYcZfATGhCfDv9 DkPj6WE7NmnfesQolLmJI3YgYNvlrrr0g7GSbx9AYqtuWLfG1BoEN4pW6SRqwdtx UueJ -----END CERTIFICATE-----Generated at Sun Mar 1 22:05:20 2026 by rpki-client