$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa File: 2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa (raw, json) Hash identifier: Y6kr5vyeHEBrVAzfswARC6E2nW+KnAhdhocsLR+SND0= Subject key identifier: AD:06:00:DA:78:16:61:B8:9A:13:A3:23:5F:04:90:E5:F1:9C:16:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3CE89B18216F8CB97964C0AB32E19F05ECB63391 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa Signing time: Thu 26 Feb 2026 00:00:07 +0000 ROA not before: Thu 26 Feb 2026 00:00:07 +0000 ROA not after: Wed 27 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daed:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:e8:9b:18:21:6f:8c:b9:79:64:c0:ab:32:e1:9f:05:ec:b6:33:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 26 00:00:07 2026 GMT Not After : May 27 23:59:59 2026 GMT Subject: serialNumber=efea8aad2eacc1fe34fd00dfabd9156a5535ec96d6d3b505efa95e4ac5cd7e2a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2f:cb:94:54:25:a5:05:92:bb:9a:5f:ab:2a: 1c:04:a5:eb:8d:c4:3b:6b:60:d7:61:9e:59:da:eb: 72:ff:a2:ee:a8:45:2b:77:32:95:28:11:82:22:2f: 82:dd:0f:dd:c7:08:f9:9a:35:52:27:3e:5e:11:bd: 3f:a8:6c:d6:d4:cd:e1:59:4e:71:e9:af:60:0d:da: fd:d4:e4:a8:3d:17:3e:17:96:4b:31:cc:22:07:1d: 3b:27:fc:52:ee:2b:e7:50:e7:a8:94:e9:2b:5a:09: 97:0d:03:34:fc:4f:8a:57:fb:ab:ac:b3:e0:d7:f3: 0b:74:c7:e1:06:9b:96:1c:7f:b0:f4:63:61:f3:0e: 44:04:40:04:81:42:98:0b:7e:3a:6b:3d:3e:61:b1: f3:03:f1:2b:2d:61:03:4d:26:82:51:f6:72:42:4f: e0:9e:00:65:c0:86:66:5c:f4:ec:a3:67:74:50:69: 12:82:c6:01:b2:2d:f2:8c:fb:a1:54:e8:6f:5f:c2: 55:e7:87:18:34:67:52:d8:13:31:46:83:8b:27:6e: 37:b4:b6:97:6b:b3:48:76:7b:4f:67:13:3a:cd:89: 92:a5:e4:80:2e:b1:c9:ba:b6:97:25:14:71:65:e4: 2f:de:d2:1e:c1:e6:d6:16:58:b0:54:7d:f8:1d:1d: b2:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:06:00:DA:78:16:61:B8:9A:13:A3:23:5F:04:90:E5:F1:9C:16:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ccc2fec-a7d2-49ed-8497-75338c1b568e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:800::/40 Signature Algorithm: sha256WithRSAEncryption 47:74:46:5a:e3:c2:2a:fe:19:21:b0:2d:65:e9:6b:f5:b8:a9: 8b:de:72:89:e1:de:f2:93:56:07:c1:1a:73:d8:87:1b:27:7c: 79:75:35:be:72:32:ac:11:b0:3a:ab:68:25:8a:0c:75:84:1d: 0e:83:83:0d:fc:be:a5:0e:a1:72:21:3b:ef:b8:20:bc:d7:06: 76:c3:69:9a:fb:e8:f5:90:e4:78:6c:74:74:44:ef:94:9e:d2: d6:1a:ca:3f:d4:83:88:02:51:b2:9e:d9:2f:da:59:15:0f:f2: 36:54:7a:8a:cc:19:0a:fb:b5:42:7e:d8:8d:80:5c:07:a2:d3: 81:08:b7:1c:a2:da:0a:ed:40:4e:6f:d4:41:d2:1d:90:36:5b: ac:f1:40:70:3d:6a:ee:1b:fa:d2:80:a1:cd:b9:22:96:59:45: 48:32:bf:42:d0:63:1a:00:25:70:99:2f:30:62:69:6e:f4:70: 02:2b:67:e2:3f:a9:44:14:c8:49:0f:2a:24:51:04:ba:a9:2f: 71:1e:bb:18:cb:ee:ce:3b:45:4c:c6:07:c8:06:25:1d:66:cf: 45:1c:cf:8e:32:03:9b:ed:35:94:e9:a7:47:8e:14:70:5a:a2: 91:06:54:15:00:25:3d:57:ac:f4:48:1c:47:80:49:45:92:f7: 6e:42:ce:8c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUPOibGCFvjLl5ZMCrMuGfBey2M5EwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNjAwMDAwN1oX DTI2MDUyNzIzNTk1OVowejFJMEcGA1UEBRNAZWZlYThhYWQyZWFjYzFmZTM0ZmQw MGRmYWJkOTE1NmE1NTM1ZWM5NmQ2ZDNiNTA1ZWZhOTVlNGFjNWNkN2UyYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS/LlFQlpQWSu5pfqyocBKXrjcQ7 a2DXYZ5Z2uty/6LuqEUrdzKVKBGCIi+C3Q/dxwj5mjVSJz5eEb0/qGzW1M3hWU5x 6a9gDdr91OSoPRc+F5ZLMcwiBx07J/xS7ivnUOeolOkrWgmXDQM0/E+KV/urrLPg 1/MLdMfhBpuWHH+w9GNh8w5EBEAEgUKYC346az0+YbHzA/ErLWEDTSaCUfZyQk/g ngBlwIZmXPTso2d0UGkSgsYBsi3yjPuhVOhvX8JV54cYNGdS2BMxRoOLJ243tLaX a7NIdntPZxM6zYmSpeSALrHJuraXJRRxZeQv3tIewebWFliwVH34HR2yRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK0GANp4FmG4mhOjI18EkOXxnBYpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjY2MyZmVjLWE3ZDItNDllZC04NDk3LTc1MzM4YzFiNTY4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7QgwDQYJKoZIhvcNAQELBQADggEBAEd0Rlrjwir+GSGwLWXp a/W4qYveconh3vKTVgfBGnPYhxsnfHl1Nb5yMqwRsDqraCWKDHWEHQ6Dgw38vqUO oXIhO++4ILzXBnbDaZr76PWQ5HhsdHRE75Se0tYayj/Ug4gCUbKe2S/aWRUP8jZU eorMGQr7tUJ+2I2AXAei04EItxyi2grtQE5v1EHSHZA2W6zxQHA9au4b+tKAoc25 IpZZRUgyv0LQYxoAJXCZLzBiaW70cAIrZ+I/qUQUyEkPKiRRBLqpL3EeuxjL7s47 RUzGB8gGJR1mz0Ucz44yA5vtNZTpp0eOFHBaopEGVBUAJT1XrPRIHEeASUWS925C zow= -----END CERTIFICATE-----Generated at Mon Mar 2 15:49:39 2026 by rpki-client