$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f724fc4-af92-4f6e-9781-835f37854eec.roa File: 2f724fc4-af92-4f6e-9781-835f37854eec.roa (raw, json) Hash identifier: OLbpdVRoKhIx05S+mDyKTwGREyz/bkF3nDL1RKnplq8= Subject key identifier: 23:FB:7C:53:3D:AF:47:64:96:72:FF:AD:6A:DC:40:05:19:D4:C3:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7E8BF9250A9D8FB535808B4AAF89635777CD972F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f724fc4-af92-4f6e-9781-835f37854eec.roa Signing time: Sun 22 Feb 2026 00:30:32 +0000 ROA not before: Sun 22 Feb 2026 00:30:32 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1f:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:8b:f9:25:0a:9d:8f:b5:35:80:8b:4a:af:89:63:57:77:cd:97:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:30:32 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=6a58524fa9aa7967a1b63f94e1da3934a3d44c52e78c27ed9d936f7fb575763f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b1:6f:22:fc:9b:e7:6a:4d:1f:83:7e:a2:ec: 28:99:f8:24:15:da:2f:b3:2e:a2:16:b1:51:d8:f4: 89:10:3a:07:8f:6f:af:fe:79:5c:af:2d:e1:e1:2b: d1:de:fa:ad:81:b3:c8:f2:34:59:41:46:1d:7f:2d: 63:0e:67:12:b7:be:ee:d4:3f:aa:d4:3b:37:24:11: d2:3f:41:6f:45:45:7b:f8:09:cd:33:a1:08:57:e6: 86:68:6e:9f:64:8b:19:2b:e7:12:56:d2:47:29:36: 3c:31:be:8b:1e:76:fa:0b:86:a4:45:a0:80:93:51: 0f:2e:d0:28:3f:61:cc:35:07:ab:f5:96:b9:3c:48: 08:ac:b8:f4:d0:8c:c6:fc:e0:b0:28:90:55:0c:22: 19:19:3d:39:7d:55:93:ed:37:30:61:0f:97:cb:3b: 8a:65:5f:25:2b:de:ac:1f:3c:dd:f8:57:38:81:5f: 0d:92:4d:dd:84:db:43:c5:dd:88:66:f6:09:01:ae: cc:2c:af:5e:29:41:9c:d2:c5:f7:4d:04:65:ab:6d: b3:84:e5:07:2c:52:33:b4:f1:fc:6a:c8:55:bc:d8: 5d:0f:fc:04:7f:97:d8:a2:ad:4c:11:ac:e6:41:0f: 63:a1:30:3c:ef:d6:e3:a4:d5:fc:66:9d:38:cf:89: 15:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:FB:7C:53:3D:AF:47:64:96:72:FF:AD:6A:DC:40:05:19:D4:C3:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2f724fc4-af92-4f6e-9781-835f37854eec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1f:c00::/38 Signature Algorithm: sha256WithRSAEncryption 4e:67:40:da:03:c2:4f:8f:0d:ff:f1:d3:a0:43:47:28:3a:69: c9:c8:de:d5:84:37:a2:03:79:d7:31:7b:1a:ed:2c:80:29:85: 7b:38:5c:32:24:b1:bf:72:25:c1:d4:19:12:b4:61:e0:24:5f: 69:53:fb:93:ef:14:49:0a:6f:3a:78:d7:54:93:82:c1:88:90: 20:39:bc:46:fe:6d:a0:0a:2c:63:78:94:d4:fd:9c:fd:43:e6: 34:53:ce:c3:24:b3:e4:04:e4:5c:91:c7:6f:9d:64:2c:92:c1: 5c:33:81:7a:28:99:f4:1b:1a:d1:98:8d:cb:d8:0e:95:03:c7: dd:30:b8:4e:3d:5d:cd:f8:bb:21:07:fb:2d:c5:95:ba:b1:65: 28:a3:33:23:d0:61:c4:18:af:57:b0:d3:2f:bc:f2:6d:3f:3c: 30:94:bc:8e:18:3f:89:74:b5:ba:80:20:89:33:bf:b5:d7:b3: 93:6c:38:d9:b9:f1:f3:76:89:46:51:6b:d4:49:61:c0:a5:d8: 26:8b:85:79:10:19:c1:f1:06:0f:29:e6:9f:8f:e2:6e:3f:5a: bb:da:1f:39:83:8b:73:bc:6c:a6:31:12:ef:51:4a:a6:e8:b0: 9f:48:c6:d5:ec:3d:88:9e:ed:d4:83:86:5e:ff:d6:1b:f2:35: c7:e2:e3:54 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfov5JQqdj7U1gItKr4ljV3fNly8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMzAzMloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANmE1ODUyNGZhOWFhNzk2N2ExYjYz Zjk0ZTFkYTM5MzRhM2Q0NGM1MmU3OGMyN2VkOWQ5MzZmN2ZiNTc1NzYzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrFvIvyb52pNH4N+ouwomfgkFdov sy6iFrFR2PSJEDoHj2+v/nlcry3h4SvR3vqtgbPI8jRZQUYdfy1jDmcSt77u1D+q 1Ds3JBHSP0FvRUV7+AnNM6EIV+aGaG6fZIsZK+cSVtJHKTY8Mb6LHnb6C4akRaCA k1EPLtAoP2HMNQer9Za5PEgIrLj00IzG/OCwKJBVDCIZGT05fVWT7TcwYQ+XyzuK ZV8lK96sHzzd+Fc4gV8Nkk3dhNtDxd2IZvYJAa7MLK9eKUGc0sX3TQRlq22zhOUH LFIztPH8ashVvNhdD/wEf5fYoq1MEazmQQ9joTA879bjpNX8Zp04z4kVVQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCP7fFM9r0dklnL/rWrcQAUZ1MMxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJmNzI0ZmM0LWFmOTItNGY2ZS05NzgxLTgzNWYzNzg1NGVlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHwwwDQYJKoZIhvcNAQELBQADggEBAE5nQNoDwk+PDf/x06BD Ryg6acnI3tWEN6IDedcxexrtLIAphXs4XDIksb9yJcHUGRK0YeAkX2lT+5PvFEkK bzp411STgsGIkCA5vEb+baAKLGN4lNT9nP1D5jRTzsMks+QE5FyRx2+dZCySwVwz gXoomfQbGtGYjcvYDpUDx90wuE49Xc34uyEH+y3FlbqxZSijMyPQYcQYr1ew0y+8 8m0/PDCUvI4YP4l0tbqAIIkzv7XXs5NsONm58fN2iUZRa9RJYcCl2CaLhXkQGcHx Bg8p5p+P4m4/WrvaHzmDi3O8bKYxEu9RSqbosJ9IxtXsPYie7dSDhl7/1hvyNcfi 41Q= -----END CERTIFICATE-----Generated at Sun Mar 1 23:49:59 2026 by rpki-client