$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070787c-7920-4341-afdd-98830283493b.roa File: 4070787c-7920-4341-afdd-98830283493b.roa (raw, json) Hash identifier: gGYJgZwFKZOHINeYgDGP3dxMO7aL8X0DfOawKmI3jH8= Subject key identifier: 89:6A:B3:26:1E:3D:34:BF:04:86:0E:13:C0:7F:CD:DD:21:92:BE:2E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 04E954148656F7E8E7B565AF5BAA9CCDBEAB1B76 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070787c-7920-4341-afdd-98830283493b.roa Signing time: Fri 20 Feb 2026 00:10:04 +0000 ROA not before: Fri 20 Feb 2026 00:10:04 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:80c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:e9:54:14:86:56:f7:e8:e7:b5:65:af:5b:aa:9c:cd:be:ab:1b:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:04 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=f1798b3ea5ed8240bfdec5aad8e6fea2fe680ed199f72f724c0f5eeb1f1c8e5c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:45:74:be:12:a6:0c:25:f4:86:c6:bf:e2:a3: 5b:e4:37:45:d8:6f:42:e9:09:71:64:01:92:03:8b: 08:2f:9e:2b:69:3c:72:b2:8f:b1:4b:e8:b3:7b:7f: fd:4c:70:25:23:5a:58:91:fd:27:19:71:08:ed:de: 16:77:54:7c:80:6d:85:7a:23:d0:77:5b:36:57:2a: 39:e6:c4:ec:a4:45:f4:5c:85:5f:de:01:93:4f:d4: ff:7d:50:f5:c3:3b:88:31:c5:8e:8a:f9:80:17:95: 4a:77:bd:2a:d1:7d:e1:6f:de:7d:c3:80:04:f4:80: 43:7f:4f:e9:6b:72:80:c3:d4:4e:d2:ad:99:f0:eb: fa:95:14:b6:d6:42:a3:18:93:d4:d6:09:21:74:f2: 78:81:75:60:a9:d9:27:3d:68:fb:0b:5d:72:e7:32: 74:3f:8b:35:41:a8:ce:79:43:1c:8a:f7:8a:f5:54: 3c:5f:5a:4a:c5:8e:b7:72:f5:c5:8b:3a:57:07:e3: 97:a8:da:11:99:81:fc:7a:bc:32:f5:30:0f:ca:46: 1b:71:d2:ed:92:50:55:76:1c:72:7d:92:1e:40:5a: 0d:89:51:1c:f0:b2:89:43:20:11:56:d8:ed:c0:3a: 90:ae:6e:bf:1f:8c:60:7b:45:fd:29:b5:37:53:20: 88:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:6A:B3:26:1E:3D:34:BF:04:86:0E:13:C0:7F:CD:DD:21:92:BE:2E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070787c-7920-4341-afdd-98830283493b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:80c0::/48 Signature Algorithm: sha256WithRSAEncryption 76:9f:d6:72:23:78:37:e8:a5:a7:52:4d:87:23:73:ae:c8:7f: b1:3a:04:32:da:ab:95:0f:51:ed:c0:49:fa:49:1e:80:ee:95: 8d:7d:ca:91:38:0c:ae:93:ae:46:d0:d7:e5:b0:d4:5b:ff:32: 9f:68:30:0e:21:f0:fc:80:83:6b:d6:a3:d8:e0:ec:50:5d:a4: 09:dc:f4:ff:c2:79:95:b7:59:79:f7:3e:64:da:51:5c:c0:3c: c0:90:22:09:c6:43:91:89:02:78:5d:de:7d:3e:da:7f:df:7d: fd:b7:ba:b6:6b:99:92:60:5d:fe:78:83:01:a8:f1:ea:dd:73: 7e:00:49:e8:9e:16:c5:5e:36:47:2d:f4:0b:c1:b8:af:ef:8b: ee:c1:35:95:d0:30:f6:48:a8:cf:27:94:89:f9:2b:06:3b:91: 16:4c:c1:ac:64:e0:4e:9b:18:9e:9b:13:15:ca:dc:2a:70:ea: d1:f5:70:68:e2:15:88:09:a9:d1:6e:c5:4a:0a:47:05:27:6e: 13:e3:e0:72:fe:0e:db:60:44:04:a5:c5:bc:ef:d5:66:3f:17: 87:a0:09:c3:1a:1a:44:14:31:6a:03:27:23:4f:5e:30:47:55: 2d:35:cb:a5:9b:17:c6:8e:a2:ba:60:ac:49:54:ca:b8:38:5a: bb:ab:1a:96 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUBOlUFIZW9+jntWWvW6qczb6rG3YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTAwNFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZjE3OThiM2VhNWVkODI0MGJmZGVj NWFhZDhlNmZlYTJmZTY4MGVkMTk5ZjcyZjcyNGMwZjVlZWIxZjFjOGU1YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUV0vhKmDCX0hsa/4qNb5DdF2G9C 6QlxZAGSA4sIL54raTxyso+xS+ize3/9THAlI1pYkf0nGXEI7d4Wd1R8gG2FeiPQ d1s2Vyo55sTspEX0XIVf3gGTT9T/fVD1wzuIMcWOivmAF5VKd70q0X3hb959w4AE 9IBDf0/pa3KAw9RO0q2Z8Ov6lRS21kKjGJPU1gkhdPJ4gXVgqdknPWj7C11y5zJ0 P4s1QajOeUMciveK9VQ8X1pKxY63cvXFizpXB+OXqNoRmYH8erwy9TAPykYbcdLt klBVdhxyfZIeQFoNiVEc8LKJQyARVtjtwDqQrm6/H4xge0X9KbU3UyCIrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIlqsyYePTS/BIYOE8B/zd0hkr4uMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwNzA3ODdjLTc5MjAtNDM0MS1hZmRkLTk4ODMwMjgzNDkzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/4DAMA0GCSqGSIb3DQEBCwUAA4IBAQB2n9ZyI3g36KWnUk2H I3OuyH+xOgQy2quVD1HtwEn6SR6A7pWNfcqROAyuk65G0NflsNRb/zKfaDAOIfD8 gINr1qPY4OxQXaQJ3PT/wnmVt1l59z5k2lFcwDzAkCIJxkORiQJ4Xd59Ptp/3339 t7q2a5mSYF3+eIMBqPHq3XN+AEnonhbFXjZHLfQLwbiv74vuwTWV0DD2SKjPJ5SJ +SsGO5EWTMGsZOBOmxiemxMVytwqcOrR9XBo4hWICanRbsVKCkcFJ24T4+By/g7b YEQEpcW879VmPxeHoAnDGhpEFDFqAycjT14wR1UtNculmxfGjqK6YKxJVMq4OFq7 qxqW -----END CERTIFICATE-----Generated at Sun Mar 1 23:57:57 2026 by rpki-client