$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa File: 3cf33701-1ea5-43c6-b291-763d0e06817e.roa (raw, json) Hash identifier: FWAPtrfPdsSJ4M+s9CdF8A7ZtKfztMcQ3rz18biK/yE= Subject key identifier: E5:99:1E:2E:23:7C:88:84:20:35:8D:ED:EA:E2:3F:97:6F:B2:A2:DA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34BF4268D3399F2AE607B7F36A77E65267A9C6D7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa Signing time: Sun 22 Feb 2026 00:11:03 +0000 ROA not before: Sun 22 Feb 2026 00:11:03 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1c:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:bf:42:68:d3:39:9f:2a:e6:07:b7:f3:6a:77:e6:52:67:a9:c6:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:11:03 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=bb45693e828518daab0dacef973ee56c403e25a920b7519f01579afa4c9d61b2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:68:a6:8b:a7:64:1d:c9:57:73:e1:f2:cc:b8: 22:8b:7b:69:99:99:3d:5e:6b:ce:c8:55:95:f8:9e: 8d:26:19:5a:13:59:f8:a6:27:29:b5:08:f1:20:a3: 5d:17:67:b2:37:63:4b:45:7f:40:ad:c7:dc:cb:2b: 0b:75:b2:70:78:9c:79:0a:08:98:83:fc:eb:6f:60: 5d:14:57:41:21:9d:8b:32:4a:42:1c:c0:09:42:64: 0b:60:01:0a:e7:81:a6:b0:b3:6c:ec:81:54:4c:4c: da:2a:e0:aa:54:eb:61:ad:47:89:09:3f:b3:09:48: 34:48:06:15:a9:09:cc:c9:bd:6a:08:47:71:fd:de: 39:1d:ba:fe:87:ec:1c:62:02:01:bf:5c:7c:c8:c6: 1a:c6:2a:de:5b:eb:73:7e:ce:ca:df:d7:94:49:31: 4f:09:44:83:49:ec:bb:f7:a2:6c:6d:c7:ce:db:c3: ff:9e:bb:03:77:f5:ab:5c:bc:20:68:0a:86:d0:fa: 74:7d:47:c5:f1:02:e6:22:b4:4c:76:ff:bd:cb:07: 56:86:f4:e2:2f:2d:a9:ad:9c:32:a6:5b:e6:7f:eb: 6a:63:2f:b7:68:75:e2:79:db:0d:96:aa:12:7c:e7: d1:14:f5:d0:9d:d5:23:a0:c6:38:76:1e:52:5c:df: bc:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:99:1E:2E:23:7C:88:84:20:35:8D:ED:EA:E2:3F:97:6F:B2:A2:DA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3cf33701-1ea5-43c6-b291-763d0e06817e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1c:400::/38 Signature Algorithm: sha256WithRSAEncryption 42:1e:9e:96:ed:12:3f:c2:98:b3:c9:39:f7:f9:7d:52:38:3c: 2e:94:be:32:a7:41:e5:e8:4d:75:47:3c:7c:68:17:91:ef:fa: 82:35:d8:4b:64:ce:25:a5:cc:62:63:da:62:ab:88:58:5a:a3: 7c:a4:dd:e9:5b:73:47:80:d8:ac:d1:94:ed:64:25:fa:1e:a7: 3b:24:f0:c3:67:32:91:36:20:83:e0:f9:a0:35:3b:ac:a2:5b: 89:69:2b:fe:2f:3e:dd:05:0d:7d:88:44:56:34:e0:98:be:50: 92:69:c6:23:a5:1e:c2:2e:59:39:7c:69:33:28:71:91:a0:65: ce:e9:9d:a6:17:80:dd:cf:4f:1d:6a:af:ae:f9:f0:a9:21:5c: 90:a7:71:b9:1c:1e:82:01:f6:f1:c4:00:3e:7b:b1:c2:9c:e0: 0e:ff:e5:e7:28:d9:d0:05:f2:b8:ac:c0:39:ca:74:ce:83:de: 8b:4c:51:57:f0:03:1d:9c:b5:a0:b3:d0:e3:03:b3:20:dc:7c: 9a:0a:50:fb:ee:64:6f:a5:ea:a7:ab:c5:1d:a6:af:2b:2c:ab: bb:ca:a4:27:20:b1:ee:39:7d:97:4e:cb:e1:b2:55:2c:1d:49: 9c:c7:3a:0d:d9:94:fe:4d:aa:91:a1:4e:0d:ef:45:a7:3b:ab: 46:1e:af:e4 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNL9CaNM5nyrmB7fzanfmUmepxtcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTEwM1oX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYmI0NTY5M2U4Mjg1MThkYWFiMGRh Y2VmOTczZWU1NmM0MDNlMjVhOTIwYjc1MTlmMDE1NzlhZmE0YzlkNjFiMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGimi6dkHclXc+HyzLgii3tpmZk9 XmvOyFWV+J6NJhlaE1n4picptQjxIKNdF2eyN2NLRX9ArcfcyysLdbJweJx5CgiY g/zrb2BdFFdBIZ2LMkpCHMAJQmQLYAEK54GmsLNs7IFUTEzaKuCqVOthrUeJCT+z CUg0SAYVqQnMyb1qCEdx/d45Hbr+h+wcYgIBv1x8yMYaxireW+tzfs7K39eUSTFP CUSDSey796JsbcfO28P/nrsDd/WrXLwgaAqG0Pp0fUfF8QLmIrRMdv+9ywdWhvTi Ly2prZwyplvmf+tqYy+3aHXiedsNlqoSfOfRFPXQndUjoMY4dh5SXN+8xwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOWZHi4jfIiEIDWN7eriP5dvsqLaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNjZjMzNzAxLTFlYTUtNDNjNi1iMjkxLTc2M2QwZTA2ODE3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaHAQwDQYJKoZIhvcNAQELBQADggEBAEIenpbtEj/CmLPJOff5 fVI4PC6UvjKnQeXoTXVHPHxoF5Hv+oI12EtkziWlzGJj2mKriFhao3yk3elbc0eA 2KzRlO1kJfoepzsk8MNnMpE2IIPg+aA1O6yiW4lpK/4vPt0FDX2IRFY04Ji+UJJp xiOlHsIuWTl8aTMocZGgZc7pnaYXgN3PTx1qr6758KkhXJCncbkcHoIB9vHEAD57 scKc4A7/5eco2dAF8riswDnKdM6D3otMUVfwAx2ctaCz0OMDsyDcfJoKUPvuZG+l 6qerxR2mryssq7vKpCcgse45fZdOy+GyVSwdSZzHOg3ZlP5NqpGhTg3vRac7q0Ye r+Q= -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:24 2026 by rpki-client