$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa File: 2b4adb97-a33f-485c-865b-badaa1f9c897.roa (raw, json) Hash identifier: JokRpoT4POxIPnEhV+j+EadPzsN75vhjlHnO+y2L1Gs= Subject key identifier: 4A:BC:4B:C9:50:B0:E8:A2:99:34:96:BE:50:EA:B0:BC:49:B0:97:AB Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 24B877D2A09D5B0049F0F499CEAAFC969E5E9CF1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa Signing time: Sat 21 Feb 2026 00:00:53 +0000 ROA not before: Sat 21 Feb 2026 00:00:53 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 24:b8:77:d2:a0:9d:5b:00:49:f0:f4:99:ce:aa:fc:96:9e:5e:9c:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:53 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=84f9f86ef748fd0cffe70995078fa89d9eb1dc258cb142f8df5fa2157ec32bb0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f9:93:42:c1:ef:ee:b2:46:a7:1e:4f:2f:a0: fe:4c:4f:8b:f4:47:c7:a2:09:3a:86:33:0f:9d:09: 71:0d:f4:b7:38:85:4c:14:7f:fc:3a:54:14:e1:25: 7b:76:e5:8f:af:7f:24:ca:1f:4c:5f:7f:22:3f:ed: 32:3c:a7:20:b9:e2:33:08:af:f4:bd:b0:c2:68:c2: 83:d3:10:df:e1:18:3f:b9:01:04:de:cc:e8:6e:18: 62:0a:47:6a:d4:bf:b3:e2:51:7b:76:af:8d:96:a9: f8:92:c8:a5:67:6e:d8:64:d4:f3:8e:d4:23:0e:4f: 17:cb:58:05:fa:85:20:bd:4d:e8:d1:8b:76:b4:65: fa:b4:55:25:16:69:5a:eb:16:49:f9:85:f4:94:28: 75:82:f6:8b:62:10:d6:88:72:63:1e:9f:59:55:a9: 5f:70:84:8b:4d:24:00:2d:af:0b:97:35:09:a5:22: 68:c1:b8:8f:40:90:92:a9:c6:38:82:0c:99:36:04: 12:24:b4:c4:7b:68:a1:1c:c0:1f:9a:67:4e:e4:c8: 54:e4:24:88:70:4d:b4:7d:cd:d8:e4:7a:7c:1c:ef: 1b:b9:33:cd:b2:b1:3d:c1:da:77:79:48:9a:ef:3f: fb:06:6d:78:ff:98:99:87:f8:e3:84:d0:d5:0f:f4: 37:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:BC:4B:C9:50:B0:E8:A2:99:34:96:BE:50:EA:B0:BC:49:B0:97:AB X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:b000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:f2:f6:ec:1e:3e:18:e5:00:5f:99:3e:23:ae:70:26:a2:eb: 96:ff:41:c6:f9:b1:93:5f:70:23:58:4d:21:a8:92:12:1d:8f: cd:20:87:69:a7:d2:33:82:33:1f:80:b8:49:d1:12:c5:c1:0b: 15:77:d7:5c:7a:be:91:26:e3:35:d8:00:11:0c:4a:8e:5f:ac: 92:f1:31:48:0e:c3:c1:42:10:1f:bf:86:1e:5d:d4:6b:bf:c4: 20:c0:60:39:7e:f4:20:f6:25:25:f9:19:70:65:4c:a7:06:ba: 30:66:a0:80:a2:68:c1:87:c3:8f:b8:d4:8e:67:10:da:41:18: 2d:86:ad:9c:c5:45:a0:5d:ac:e2:a4:81:4e:76:c2:fd:8b:80: b1:b5:b8:8e:8f:f2:bd:8f:00:0c:ec:45:cf:5b:fc:bf:99:01: af:af:74:f0:66:eb:94:87:56:51:bb:8c:15:bf:85:86:ff:0a: e8:92:ea:3d:d1:cf:03:7e:f5:d1:88:5c:3c:79:50:8c:b1:90: 74:b7:a9:44:1d:09:91:38:85:31:8e:bb:5b:1b:c4:9e:0a:c5: 4b:39:ef:02:b1:05:b4:e8:0a:d9:95:ea:1c:79:d4:0b:35:91: 31:8e:57:b3:f9:54:93:2e:78:98:e0:92:dc:ef:2b:f0:28:6d: e5:98:ee:e5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJLh30qCdWwBJ8PSZzqr8lp5enPEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDA1M1oX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAODRmOWY4NmVmNzQ4ZmQwY2ZmZTcw OTk1MDc4ZmE4OWQ5ZWIxZGMyNThjYjE0MmY4ZGY1ZmEyMTU3ZWMzMmJiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPmTQsHv7rJGpx5PL6D+TE+L9EfH ogk6hjMPnQlxDfS3OIVMFH/8OlQU4SV7duWPr38kyh9MX38iP+0yPKcgueIzCK/0 vbDCaMKD0xDf4Rg/uQEE3szobhhiCkdq1L+z4lF7dq+Nlqn4ksilZ27YZNTzjtQj Dk8Xy1gF+oUgvU3o0Yt2tGX6tFUlFmla6xZJ+YX0lCh1gvaLYhDWiHJjHp9ZValf cISLTSQALa8LlzUJpSJowbiPQJCSqcY4ggyZNgQSJLTEe2ihHMAfmmdO5MhU5CSI cE20fc3Y5Hp8HO8buTPNsrE9wdp3eUia7z/7Bm14/5iZh/jjhNDVD/Q3QQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEq8S8lQsOiimTSWvlDqsLxJsJerMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiNGFkYjk3LWEzM2YtNDg1Yy04NjViLWJhZGFhMWY5Yzg5Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaALAwDQYJKoZIhvcNAQELBQADggEBAC3y9uwePhjlAF+ZPiOu cCai65b/Qcb5sZNfcCNYTSGokhIdj80gh2mn0jOCMx+AuEnREsXBCxV311x6vpEm 4zXYABEMSo5frJLxMUgOw8FCEB+/hh5d1Gu/xCDAYDl+9CD2JSX5GXBlTKcGujBm oICiaMGHw4+41I5nENpBGC2GrZzFRaBdrOKkgU52wv2LgLG1uI6P8r2PAAzsRc9b /L+ZAa+vdPBm65SHVlG7jBW/hYb/CuiS6j3RzwN+9dGIXDx5UIyxkHS3qUQdCZE4 hTGOu1sbxJ4KxUs57wKxBbToCtmV6hx51As1kTGOV7P5VJMueJjgktzvK/AobeWY 7uU= -----END CERTIFICATE-----Generated at Mon Mar 2 07:08:29 2026 by rpki-client