$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa File: 38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa (raw, json) Hash identifier: jTOVi8er1QuShnGseqSeaWDsmp+vqgB8N1ikXTveTZI= Subject key identifier: 19:4E:93:8C:A5:23:71:D0:59:C5:74:D9:E5:E7:22:BE:A1:2D:5A:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19928D6C9D9E314FA617FFB4090A6E178917214C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa Signing time: Sun 22 Feb 2026 00:21:15 +0000 ROA not before: Sun 22 Feb 2026 00:21:15 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:92:8d:6c:9d:9e:31:4f:a6:17:ff:b4:09:0a:6e:17:89:17:21:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:21:15 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=e2b9fd2d6dfa174939c375b67702067779869a2856804c45fdf79fc2159af87c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b6:3f:22:3a:fc:2a:ce:35:42:e6:f2:60:be: 95:05:a0:10:65:1f:99:09:68:40:3e:eb:47:42:dc: 68:d2:14:f3:63:e2:64:52:11:b9:e2:4c:06:58:0b: 2d:a3:18:32:90:08:87:9d:cc:8d:10:83:11:16:25: b0:69:7e:45:a7:90:61:ae:44:fc:d4:a7:19:96:cc: 07:b6:50:f5:2b:da:35:27:5d:44:8c:da:a6:98:e3: 6b:18:bf:af:4e:07:fd:23:17:78:55:c3:3a:37:69: 11:15:a8:71:53:c7:37:88:26:2b:04:c6:79:b1:64: f9:f8:9b:d5:72:f3:02:23:d0:e3:fd:4e:87:eb:58: 1d:a9:0d:e3:21:a6:76:e6:4d:e7:23:60:1a:a0:19: 72:5e:ca:66:5b:78:92:56:9b:98:ba:f8:80:95:79: d1:3c:36:5f:6a:68:05:7a:e8:30:2c:b3:f9:59:a7: 52:ad:46:e0:50:c0:4e:8e:90:2d:42:b9:a0:d2:25: 13:93:41:f7:c6:3e:05:26:ec:50:53:ec:a1:5b:c4: 05:6a:79:dc:2f:fa:d7:7f:47:ce:e4:d5:e6:4a:a8: de:43:e6:c9:07:8f:f1:73:9b:0a:2c:a1:18:1a:8a: 78:8b:14:8b:7a:1b:06:72:39:7e:93:73:ef:d6:8a: d2:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:4E:93:8C:A5:23:71:D0:59:C5:74:D9:E5:E7:22:BE:A1:2D:5A:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/38ae37ad-50db-4547-8df2-8cdcc56e5ca1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32::/32 Signature Algorithm: sha256WithRSAEncryption 3b:1c:0e:4a:0f:a8:6d:c7:28:b0:34:d7:d6:a7:6d:03:a1:23: bd:13:58:a7:fd:63:b3:93:b6:af:8e:9d:a5:43:15:c8:48:13: 26:ca:48:8f:b7:73:ba:fb:b0:f8:03:18:7e:c7:83:59:5c:fd: 25:34:74:7c:7f:20:d2:29:5c:92:db:1d:d0:05:91:fe:20:f7: 8e:75:30:ae:97:8a:ae:3d:7f:2a:f8:8c:3a:18:b0:09:f3:e7: 43:ef:7e:fb:ed:04:04:89:fe:a8:17:47:89:d9:e2:21:22:83: 92:b3:af:93:ac:cf:e1:7b:6b:ab:3d:60:6f:23:c2:3f:18:32: 7d:fa:2e:2b:7d:84:60:cd:91:4d:86:3d:44:ed:ef:26:6d:e2: bd:60:34:3f:bc:4c:89:cb:0c:25:eb:95:4c:ef:0c:be:84:e7: 52:9d:d7:7e:a5:db:92:49:18:74:68:ea:62:24:64:16:b9:ab: 84:41:47:94:78:5e:69:7e:d1:ac:22:1a:89:18:3f:29:c2:0c: cb:46:9e:ea:2b:6b:dd:5e:a8:63:0c:64:bb:4a:25:72:7d:ab: e7:60:1f:ce:3d:d1:f3:85:d4:69:6c:b0:bb:2e:6d:ec:57:bb: f1:6f:f2:4b:f8:e0:92:5a:55:73:5a:c8:b7:83:b4:a3:ae:68: 18:bf:c1:b4 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUGZKNbJ2eMU+mF/+0CQpuF4kXIUwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjExNVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZTJiOWZkMmQ2ZGZhMTc0OTM5YzM3 NWI2NzcwMjA2Nzc3OTg2OWEyODU2ODA0YzQ1ZmRmNzlmYzIxNTlhZjg3YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbY/Ijr8Ks41QubyYL6VBaAQZR+Z CWhAPutHQtxo0hTzY+JkUhG54kwGWAstoxgykAiHncyNEIMRFiWwaX5Fp5BhrkT8 1KcZlswHtlD1K9o1J11EjNqmmONrGL+vTgf9Ixd4VcM6N2kRFahxU8c3iCYrBMZ5 sWT5+JvVcvMCI9Dj/U6H61gdqQ3jIaZ25k3nI2AaoBlyXspmW3iSVpuYuviAlXnR PDZfamgFeugwLLP5WadSrUbgUMBOjpAtQrmg0iUTk0H3xj4FJuxQU+yhW8QFannc L/rXf0fO5NXmSqjeQ+bJB4/xc5sKLKEYGop4ixSLehsGcjl+k3Pv1orSSwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFBlOk4ylI3HQWcV02eXnIr6hLVqWMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM4YWUzN2FkLTUwZGItNDU0Ny04ZGYyLThjZGNjNTZlNWNhMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMjANBgkqhkiG9w0BAQsFAAOCAQEAOxwOSg+obccosDTX1qdt A6EjvRNYp/1js5O2r46dpUMVyEgTJspIj7dzuvuw+AMYfseDWVz9JTR0fH8g0ilc ktsd0AWR/iD3jnUwrpeKrj1/KviMOhiwCfPnQ+9+++0EBIn+qBdHidniISKDkrOv k6zP4Xtrqz1gbyPCPxgyffouK32EYM2RTYY9RO3vJm3ivWA0P7xMicsMJeuVTO8M voTnUp3XfqXbkkkYdGjqYiRkFrmrhEFHlHheaX7RrCIaiRg/KcIMy0ae6itr3V6o Ywxku0olcn2r52Afzj3R84XUaWywuy5t7Fe78W/yS/jgklpVc1rIt4O0o65oGL/B tA== -----END CERTIFICATE-----Generated at Sun Mar 1 23:41:06 2026 by rpki-client