$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa File: 35c40aab-f83d-41b2-947a-e29a7ed6818f.roa (raw, json) Hash identifier: DnzIPPArhenVLuyki1/+yOm8nEb14g/O1TwhUru6qNA= Subject key identifier: 7F:9B:94:3F:63:04:F3:D4:D8:53:A0:F0:B3:62:5C:1F:D1:B0:EC:99 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5BCB10B376B7064B2DC45A9331D6D9BB5E645E0E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa Signing time: Tue 24 Feb 2026 00:00:05 +0000 ROA not before: Tue 24 Feb 2026 00:00:05 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:cb:10:b3:76:b7:06:4b:2d:c4:5a:93:31:d6:d9:bb:5e:64:5e:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:05 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=280a907ddf469a7eec11718be0a2f4a8cb7020d8e5e2c2266f4184733e65907b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:82:70:f1:94:a2:b1:61:5f:5b:7a:09:ec:bb: 23:1c:e7:2f:97:67:99:46:dc:53:dc:9f:da:3e:c5: 7e:d2:f0:1d:14:9e:e9:1c:de:af:ee:81:d4:cb:f0: 4f:8f:f6:76:97:9a:72:58:a4:d9:94:63:a5:0c:30: 20:3d:1a:81:7f:c5:91:9c:2b:91:22:75:7e:f8:33: 73:52:43:5d:16:7b:9b:02:be:92:d1:0d:50:3a:79: 23:5b:81:51:00:4b:14:22:e2:e2:db:4e:7f:f5:b8: 27:b3:20:56:79:4e:07:4f:5c:a7:7e:6d:39:e5:64: a2:0f:ec:8d:bb:6a:c7:13:ff:dc:52:fe:4c:24:5b: a9:f6:db:67:18:1d:b3:a0:27:10:c1:75:1b:67:b6: 33:7d:64:3c:99:65:2f:9d:43:35:80:6a:57:c9:99: cf:91:d1:79:e7:fa:24:22:63:ed:f1:21:82:72:a0: 81:0f:24:fd:c2:ca:d5:f3:ea:1f:d7:11:85:b8:21: 20:ae:c1:08:e6:f6:2d:8c:86:bd:1e:14:8a:73:c3: 16:81:91:31:4b:54:ca:8b:31:4d:6c:6d:e0:e1:b2: a0:ce:ab:28:07:e3:9a:c0:dd:d9:01:e7:ab:f7:97: a9:41:ed:f5:32:2e:df:28:88:bc:19:1e:db:2d:3d: 3a:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:9B:94:3F:63:04:F3:D4:D8:53:A0:F0:B3:62:5C:1F:D1:B0:EC:99 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35c40aab-f83d-41b2-947a-e29a7ed6818f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8::/32 Signature Algorithm: sha256WithRSAEncryption 2d:96:0a:68:a9:48:22:a5:65:84:58:7d:96:58:fb:1e:59:87: b5:5d:bf:5d:19:c2:29:c9:09:43:10:0f:6b:7f:56:e3:16:84: 29:71:9d:a1:d2:72:5f:68:c7:e1:b9:eb:d2:be:4c:75:e6:30: 58:2b:c8:2c:8b:a4:52:bb:67:67:ef:f2:cd:c5:e6:a0:cb:ad: 80:3a:54:1f:54:d1:3f:e4:c9:ee:0d:ba:bc:85:b1:67:b7:1e: f3:e1:24:a8:8b:48:73:15:b1:a3:f7:1a:cc:12:75:1d:d7:98: 3b:67:c9:e3:a5:c2:36:0d:e4:6b:75:16:90:37:2c:b3:44:f8: 9f:74:c5:76:0b:8a:5b:3f:8e:e1:06:11:82:59:25:73:32:56: 77:e5:58:9c:29:94:49:ac:d3:2e:3e:c2:11:63:16:17:e1:53: b7:f1:41:85:9b:d7:28:0a:46:96:10:4a:d6:e9:b4:47:23:18: 71:94:d3:f2:00:f3:5a:4f:b9:0d:d2:8d:0e:68:fb:4b:5d:f5: b8:a9:d1:ad:cc:69:8f:4f:83:2e:08:67:68:ac:6e:cc:f2:e4: bf:b9:f4:fe:8e:15:be:4d:6e:b4:e9:94:66:a6:57:52:63:9d: eb:ae:bd:db:67:65:f1:e6:b3:bd:09:f4:58:43:8d:71:7b:8e: 5f:f4:0c:c8 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUW8sQs3a3BkstxFqTMdbZu15kXg4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAwNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMjgwYTkwN2RkZjQ2OWE3ZWVjMTE3 MThiZTBhMmY0YThjYjcwMjBkOGU1ZTJjMjI2NmY0MTg0NzMzZTY1OTA3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIJw8ZSisWFfW3oJ7LsjHOcvl2eZ RtxT3J/aPsV+0vAdFJ7pHN6v7oHUy/BPj/Z2l5pyWKTZlGOlDDAgPRqBf8WRnCuR InV++DNzUkNdFnubAr6S0Q1QOnkjW4FRAEsUIuLi205/9bgnsyBWeU4HT1ynfm05 5WSiD+yNu2rHE//cUv5MJFup9ttnGB2zoCcQwXUbZ7YzfWQ8mWUvnUM1gGpXyZnP kdF55/okImPt8SGCcqCBDyT9wsrV8+of1xGFuCEgrsEI5vYtjIa9HhSKc8MWgZEx S1TKizFNbG3g4bKgzqsoB+OawN3ZAeer95epQe31Mi7fKIi8GR7bLT06CwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFH+blD9jBPPU2FOg8LNiXB/RsOyZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM1YzQwYWFiLWY4M2QtNDFiMi05NDdhLWUyOWE3ZWQ2ODE4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbauDANBgkqhkiG9w0BAQsFAAOCAQEALZYKaKlIIqVlhFh9llj7 HlmHtV2/XRnCKckJQxAPa39W4xaEKXGdodJyX2jH4bnr0r5MdeYwWCvILIukUrtn Z+/yzcXmoMutgDpUH1TRP+TJ7g26vIWxZ7ce8+EkqItIcxWxo/cazBJ1HdeYO2fJ 46XCNg3ka3UWkDcss0T4n3TFdguKWz+O4QYRglklczJWd+VYnCmUSazTLj7CEWMW F+FTt/FBhZvXKApGlhBK1um0RyMYcZTT8gDzWk+5DdKNDmj7S131uKnRrcxpj0+D LghnaKxuzPLkv7n0/o4Vvk1utOmUZqZXUmOd666922dl8eazvQn0WEONcXuOX/QM yA== -----END CERTIFICATE-----Generated at Mon Mar 2 03:22:37 2026 by rpki-client