$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: +M8pqnLdWijEaszlXzNAfyUAHRXcXcc8Ns22Y0nXrI8= Subject key identifier: 99:A7:51:76:AB:D2:43:53:E4:D1:B9:EC:65:AB:28:C3:5C:D8:66:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1373D532EAF430CE7F6ED7A9930037D3A5EAEADF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Sat 21 Feb 2026 00:10:15 +0000 ROA not before: Sat 21 Feb 2026 00:10:15 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:73:d5:32:ea:f4:30:ce:7f:6e:d7:a9:93:00:37:d3:a5:ea:ea:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:10:15 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=38c235028502f635aa602088ce9c7ee3d33c4c30f8272329a1c821cadeb58082, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f4:2e:b7:7e:fb:61:47:9e:cc:d3:17:43:50: c1:b5:71:68:96:ff:c9:07:af:36:6f:50:94:08:3b: a2:35:e9:f8:b1:b7:dc:71:29:f8:5d:14:38:7e:7c: 1f:6c:f2:39:87:2b:a0:5b:aa:4b:bd:15:96:87:0f: da:06:ee:1e:88:20:be:9f:c9:1a:cb:2c:64:11:48: d8:5d:11:a5:5d:bc:5c:25:4a:35:f9:aa:97:2f:9f: 4f:8f:de:46:61:e2:49:40:cb:fe:69:6a:47:1c:82: 23:a9:87:b2:11:db:3b:6b:4e:4b:81:aa:61:ff:d8: 09:e1:63:c6:86:ca:ad:6c:9c:99:70:eb:b7:8c:53: b2:ed:71:5e:ca:dc:24:f2:18:dc:45:e4:5c:32:43: 29:d8:fa:ab:34:7f:ee:8f:5a:7e:86:91:1d:75:65: ea:7a:66:10:f7:53:fc:6c:13:07:f4:8e:15:af:a3: a7:40:34:66:63:b8:22:56:ce:1f:96:13:a7:f8:24: 20:e6:ac:d1:65:87:cb:a9:32:08:7d:70:5d:fa:0b: a1:27:fa:19:3f:9b:26:01:41:5b:d2:37:29:a2:ff: e4:72:6e:33:99:08:67:65:17:8c:8c:3d:b5:ba:d9: 86:55:92:ad:7e:33:e4:f8:86:38:6e:09:46:74:67: 64:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A7:51:76:AB:D2:43:53:E4:D1:B9:EC:65:AB:28:C3:5C:D8:66:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 1f:97:39:66:f7:a4:3b:62:87:ab:fb:da:99:0d:15:21:62:92: a8:2a:be:97:cc:1f:f4:37:52:4a:33:88:1b:42:34:8b:3e:a1: ff:59:ee:8e:6a:df:6c:ed:78:d5:a8:36:fc:0f:f7:14:dc:08: 75:3a:ad:18:6f:7b:9e:33:28:6b:17:2d:9a:10:5d:b6:4d:a3: bc:6b:c4:57:cd:84:a6:53:a1:70:2b:39:64:40:69:f8:f7:77: 5c:7f:32:a3:2d:30:5a:2b:b9:42:fc:cc:f0:0e:11:25:79:f7: b3:d1:33:ec:d4:e6:ea:dc:c5:16:50:64:f7:3b:f6:92:14:df: bf:20:c4:12:89:02:ca:7c:a1:41:a7:ab:53:42:99:13:fe:90: 14:51:8f:91:8d:66:5a:61:09:51:62:2d:18:23:1c:90:76:b9: 42:bb:dc:f9:eb:69:9b:46:ae:27:25:f2:9e:25:ab:68:9a:0c: 26:f9:6c:ec:cb:26:53:10:80:b4:76:ad:4b:6d:72:58:d7:3f: 06:ac:4a:83:84:3d:97:f0:3d:6a:f5:ae:9a:6d:ae:15:fa:33: 0e:49:18:4b:1b:81:c5:7a:de:94:89:59:28:38:c4:ad:c6:b0: 58:fb:73:c8:41:94:61:f5:38:8a:a2:6e:fd:87:2a:b2:92:a2: ca:f7:f3:bb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUE3PVMur0MM5/btepkwA306Xq6t8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMTAxNVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMzhjMjM1MDI4NTAyZjYzNWFhNjAy MDg4Y2U5YzdlZTNkMzNjNGMzMGY4MjcyMzI5YTFjODIxY2FkZWI1ODA4MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfQut377YUeezNMXQ1DBtXFolv/J B682b1CUCDuiNen4sbfccSn4XRQ4fnwfbPI5hyugW6pLvRWWhw/aBu4eiCC+n8ka yyxkEUjYXRGlXbxcJUo1+aqXL59Pj95GYeJJQMv+aWpHHIIjqYeyEds7a05Lgaph /9gJ4WPGhsqtbJyZcOu3jFOy7XFeytwk8hjcReRcMkMp2PqrNH/uj1p+hpEddWXq emYQ91P8bBMH9I4Vr6OnQDRmY7giVs4flhOn+CQg5qzRZYfLqTIIfXBd+guhJ/oZ P5smAUFb0jcpov/kcm4zmQhnZReMjD21utmGVZKtfjPk+IY4bglGdGdkRQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJmnUXar0kNT5NG57GWrKMNc2GYnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQAflzlm96Q7Yoer+9qZ DRUhYpKoKr6XzB/0N1JKM4gbQjSLPqH/We6Oat9s7XjVqDb8D/cU3Ah1Oq0Yb3ue MyhrFy2aEF22TaO8a8RXzYSmU6FwKzlkQGn493dcfzKjLTBaK7lC/MzwDhElefez 0TPs1Obq3MUWUGT3O/aSFN+/IMQSiQLKfKFBp6tTQpkT/pAUUY+RjWZaYQlRYi0Y IxyQdrlCu9z562mbRq4nJfKeJatomgwm+WzsyyZTEIC0dq1LbXJY1z8GrEqDhD2X 8D1q9a6aba4V+jMOSRhLG4HFet6UiVkoOMStxrBY+3PIQZRh9TiKom79hyqykqLK 9/O7 -----END CERTIFICATE-----Generated at Sun Mar 1 22:20:30 2026 by rpki-client