$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: IioJ/J06kQ75hXRtfRLh0QgKjdBjwOXU8T29JQesNeQ= Subject key identifier: FC:8D:D4:94:E9:22:9B:D4:DC:BC:CC:49:DF:DD:0C:62:41:A3:AB:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 27815D46EB806EA4AB357D5FCC7AF6A03247A3ED Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Fri 20 Feb 2026 00:30:16 +0000 ROA not before: Fri 20 Feb 2026 00:30:16 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:81:5d:46:eb:80:6e:a4:ab:35:7d:5f:cc:7a:f6:a0:32:47:a3:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:30:16 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=7ea66e149a55d98fb98bb25f745a01f842c4b79983db0f75d15be4870d2b9106, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:af:13:3d:48:b7:2e:af:cd:dc:fa:1c:ec:ef: eb:56:1a:7f:58:04:2d:9e:e8:3d:a5:12:0a:96:55: b4:02:26:e3:be:29:52:7f:13:17:4b:45:91:b3:dd: df:b4:47:05:ff:78:05:41:b1:38:18:1b:37:58:9a: 80:7b:a1:77:8f:0e:b7:7d:b1:50:60:e7:97:e1:4f: 4a:08:c7:e0:0c:98:00:21:1e:b9:8f:ff:26:75:d5: 8e:e7:08:2c:67:4e:ed:f6:26:14:11:c6:b6:c9:f3: 55:4f:a3:f1:97:d2:74:a5:8a:f1:1c:aa:48:ae:43: 12:99:88:79:06:3e:6d:cb:3e:9b:72:44:4b:72:38: 65:55:22:b1:c8:ec:6a:39:d6:18:dd:dd:81:a1:df: 44:04:b9:62:68:ac:4b:e5:fe:0b:a2:15:97:bc:3b: f0:de:c1:31:52:ad:f9:60:d9:52:93:8b:47:06:32: 57:46:dd:d8:25:52:6a:2d:c0:b8:ac:58:41:cf:6d: c2:81:13:bd:e0:57:2f:ff:14:f9:11:fe:86:74:51: 38:dd:0c:07:db:0e:ba:3d:c2:9e:50:a2:ff:9e:79: 26:d3:37:b0:c6:1e:0b:63:00:d4:cd:28:cc:7b:65: 82:56:13:b0:8c:dc:86:78:00:52:7d:fa:b0:d2:a5: d4:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:8D:D4:94:E9:22:9B:D4:DC:BC:CC:49:DF:DD:0C:62:41:A3:AB:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption 71:95:ee:1f:46:cc:62:48:b6:2c:7a:9f:0b:9c:8f:3a:11:fd: ce:65:cf:e5:63:c5:c4:ef:ad:ef:54:96:69:23:3f:e2:35:6d: 5d:df:29:ed:70:bc:02:a4:45:78:ae:59:87:5c:00:68:ea:bb: 4f:98:a9:e6:4f:40:0c:88:95:90:9a:79:7e:16:4f:5e:8c:c6: 94:c8:37:61:1b:9d:4e:48:8c:fa:80:c1:0d:3e:f4:1e:55:1f: 47:69:87:24:47:9c:1d:72:73:e7:5d:98:1a:f4:12:ab:41:57: 56:7f:a1:c7:a3:4d:9e:6f:10:01:df:6f:4b:da:35:13:e3:ea: 09:57:96:04:02:89:97:6f:b8:70:7f:7c:af:61:99:06:ee:9b: b7:bc:de:ab:c8:92:45:2c:79:f4:58:20:c7:9e:c4:86:3f:79: 4a:9f:40:4d:8d:51:2a:08:95:57:34:d7:a8:23:47:2e:19:95: 2b:4d:84:67:c7:b9:74:e9:1f:ef:1f:01:9b:8d:43:39:e0:d9: 92:c1:fd:88:73:3d:62:73:fd:3f:57:4f:bb:68:cd:d4:ef:8f: 7a:bd:80:b9:88:5a:1a:d1:92:62:69:11:b5:72:f9:fe:16:6a: 6a:5f:81:4c:3a:8f:68:3e:1d:79:f5:73:2d:29:32:ef:5f:22: af:f4:76:2e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUJ4FdRuuAbqSrNX1fzHr2oDJHo+0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMzAxNloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAN2VhNjZlMTQ5YTU1ZDk4ZmI5OGJi MjVmNzQ1YTAxZjg0MmM0Yjc5OTgzZGIwZjc1ZDE1YmU0ODcwZDJiOTEwNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK8TPUi3Lq/N3Poc7O/rVhp/WAQt nug9pRIKllW0AibjvilSfxMXS0WRs93ftEcF/3gFQbE4GBs3WJqAe6F3jw63fbFQ YOeX4U9KCMfgDJgAIR65j/8mddWO5wgsZ07t9iYUEca2yfNVT6Pxl9J0pYrxHKpI rkMSmYh5Bj5tyz6bckRLcjhlVSKxyOxqOdYY3d2Bod9EBLliaKxL5f4LohWXvDvw 3sExUq35YNlSk4tHBjJXRt3YJVJqLcC4rFhBz23CgRO94Fcv/xT5Ef6GdFE43QwH 2w66PcKeUKL/nnkm0zewxh4LYwDUzSjMe2WCVhOwjNyGeABSffqw0qXUUwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPyN1JTpIpvU3LzMSd/dDGJBo6v4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQBxle4fRsxiSLYsep8L nI86Ef3OZc/lY8XE763vVJZpIz/iNW1d3yntcLwCpEV4rlmHXABo6rtPmKnmT0AM iJWQmnl+Fk9ejMaUyDdhG51OSIz6gMENPvQeVR9HaYckR5wdcnPnXZga9BKrQVdW f6HHo02ebxAB329L2jUT4+oJV5YEAomXb7hwf3yvYZkG7pu3vN6ryJJFLHn0WCDH nsSGP3lKn0BNjVEqCJVXNNeoI0cuGZUrTYRnx7l06R/vHwGbjUM54NmSwf2Icz1i c/0/V0+7aM3U7496vYC5iFoa0ZJiaRG1cvn+FmpqX4FMOo9oPh159XMtKTLvXyKv 9HYu -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:45 2026 by rpki-client