$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/39a1f0f4-ce79-499f-a3af-a554d10d64e9.roa File: 39a1f0f4-ce79-499f-a3af-a554d10d64e9.roa (raw, json) Hash identifier: +euGX7y/09Yn+c0ZPi4wPUcv32LnEDj7mtsSKA3KqH4= Subject key identifier: A9:E2:D9:A7:10:97:A1:B8:32:55:FB:9F:F0:32:CD:C7:C7:9F:4B:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5B1286A441860F92A292DE887A86B0B2992E4984 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/39a1f0f4-ce79-499f-a3af-a554d10d64e9.roa Signing time: Wed 11 Feb 2026 00:21:00 +0000 ROA not before: Wed 11 Feb 2026 00:21:00 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:12:86:a4:41:86:0f:92:a2:92:de:88:7a:86:b0:b2:99:2e:49:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:21:00 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=8c0a4e28a5fe6b3ae719b0152215cc9d34c9d0a5e81d6d0e350bca5d9523cb36, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:90:80:d7:8a:10:99:00:27:bb:27:7d:fb:21: dd:82:ac:52:a5:ba:ea:aa:1e:aa:a9:0f:13:25:44: 36:8d:dd:ea:b9:57:a2:b0:08:41:ec:f7:a3:f5:86: 61:3c:01:50:5d:a1:38:e8:3d:53:05:54:bf:18:22: 36:79:78:78:02:e1:23:63:07:5e:a8:ad:61:59:21: ac:03:90:45:2e:fe:67:86:88:ca:81:ce:69:de:23: 22:f6:c6:c9:5d:9f:48:54:94:7b:f1:38:6b:62:62: 69:98:6b:96:af:52:2e:98:16:d7:bf:74:d8:69:36: 72:10:d7:a2:76:95:d5:f3:24:83:8d:ff:45:48:b9: c6:37:12:f2:77:0d:e2:09:f6:8b:ad:fb:54:8e:c2: c5:24:0a:02:07:39:15:e7:62:a3:8f:54:da:c7:ca: d0:b4:58:9c:9a:82:f8:db:57:30:36:66:19:70:73: 5a:0e:3d:7c:25:14:97:8f:18:c3:fc:38:80:ef:e4: dd:ee:d0:44:10:9c:00:56:ee:f3:41:78:d1:7e:d4: 53:4a:0e:a9:ca:ba:36:75:37:48:2e:30:67:d2:37: 02:ad:0c:14:78:ec:f4:45:49:8e:7f:0b:6d:73:88: 79:57:92:bc:02:d9:d0:1f:5d:56:e1:03:57:01:c0: d8:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:E2:D9:A7:10:97:A1:B8:32:55:FB:9F:F0:32:CD:C7:C7:9F:4B:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/39a1f0f4-ce79-499f-a3af-a554d10d64e9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:4000::/40 Signature Algorithm: sha256WithRSAEncryption 49:69:07:5e:a6:3d:2f:f3:ab:e4:f3:99:26:9d:11:95:4e:14: e3:25:ad:ea:1c:3e:23:7a:57:05:35:07:c8:ef:b2:a4:55:b0: 9d:c6:af:bc:e3:c8:7f:c7:a4:df:d3:8b:bd:2b:05:10:b2:10: ff:1e:8b:08:79:c7:da:f6:b8:d4:13:d5:ae:4f:67:28:2a:38: 79:4f:4c:6d:f3:4f:f3:71:c9:7f:fd:21:8c:46:96:06:be:c3: cf:c2:75:a3:28:9c:9c:0e:a6:5e:35:8c:f0:f1:1a:eb:b9:b9: d3:18:15:95:96:4b:c4:8e:68:9b:cd:9b:df:b8:4c:60:16:b9: 54:20:91:65:5b:09:77:16:8b:0f:4e:99:81:6a:47:70:89:98: 71:9f:31:18:be:75:13:ad:a8:98:f1:81:24:d0:ea:40:c0:25: be:87:8d:37:f0:ab:8c:dd:68:3d:6a:26:a1:dc:24:a2:b5:ac: 6a:2e:ed:a7:5c:73:a1:bb:57:6f:1e:7d:9b:4c:6d:9b:4a:a8: 94:9f:f4:cb:1a:6a:3c:75:48:de:d4:89:66:18:3e:1a:1d:39: bc:55:23:91:8f:84:a9:f4:81:c5:5f:48:91:2b:04:4e:ef:ee: 7d:2f:fe:1e:5d:7b:59:97:96:83:27:25:b5:a0:ac:43:ee:5a: 69:42:59:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWxKGpEGGD5Kikt6IeoawspkuSYQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjEwMFoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAOGMwYTRlMjhhNWZlNmIzYWU3MTli MDE1MjIxNWNjOWQzNGM5ZDBhNWU4MWQ2ZDBlMzUwYmNhNWQ5NTIzY2IzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJCA14oQmQAnuyd9+yHdgqxSpbrq qh6qqQ8TJUQ2jd3quVeisAhB7Pej9YZhPAFQXaE46D1TBVS/GCI2eXh4AuEjYwde qK1hWSGsA5BFLv5nhojKgc5p3iMi9sbJXZ9IVJR78ThrYmJpmGuWr1IumBbXv3TY aTZyENeidpXV8ySDjf9FSLnGNxLydw3iCfaLrftUjsLFJAoCBzkV52Kjj1Tax8rQ tFicmoL421cwNmYZcHNaDj18JRSXjxjD/DiA7+Td7tBEEJwAVu7zQXjRftRTSg6p yro2dTdILjBn0jcCrQwUeOz0RUmOfwttc4h5V5K8AtnQH11W4QNXAcDY3wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKni2acQl6G4MlX7n/AyzcfHn0vVMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzM5YTFmMGY0LWNlNzktNDk5Zi1hM2FmLWE1NTRkMTBkNjRlOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauEAwDQYJKoZIhvcNAQELBQADggEBAElpB16mPS/zq+TzmSad EZVOFOMlreocPiN6VwU1B8jvsqRVsJ3Gr7zjyH/HpN/Ti70rBRCyEP8eiwh5x9r2 uNQT1a5PZygqOHlPTG3zT/NxyX/9IYxGlga+w8/CdaMonJwOpl41jPDxGuu5udMY FZWWS8SOaJvNm9+4TGAWuVQgkWVbCXcWiw9OmYFqR3CJmHGfMRi+dROtqJjxgSTQ 6kDAJb6HjTfwq4zdaD1qJqHcJKK1rGou7adcc6G7V28efZtMbZtKqJSf9Msaajx1 SN7UiWYYPhodObxVI5GPhKn0gcVfSJErBE7v7n0v/h5de1mXloMnJbWgrEPuWmlC WWw= -----END CERTIFICATE-----Generated at Sun Mar 1 21:55:15 2026 by rpki-client