$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: wi+0EXzRrHKJXah4M2lDCRiuQml/G2+PGoyPqMwjR20= Subject key identifier: 39:71:34:4E:DE:AE:A7:55:31:03:5C:22:42:29:CB:D6:D2:FC:0F:7F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 59D084EBFABCC27A16721D6FB6CB99723DF37EFE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Wed 18 Feb 2026 00:00:12 +0000 ROA not before: Wed 18 Feb 2026 00:00:12 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:d0:84:eb:fa:bc:c2:7a:16:72:1d:6f:b6:cb:99:72:3d:f3:7e:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:00:12 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=dbed3e0c75b500397dc9777f0b6a182452a626825a5224631688072f34a0f9a7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:55:2e:13:de:96:cb:4e:1e:84:0b:f7:09:f6: 6a:de:b6:64:e7:80:be:ad:9a:40:77:e8:85:82:97: e2:9b:29:c1:6b:08:75:68:12:be:ef:1b:f0:a0:bf: 02:d7:66:71:56:14:55:95:11:95:15:24:ed:f4:64: 29:38:9e:c1:4f:eb:22:de:78:ca:90:6b:96:51:51: 9d:4f:f9:f6:5d:91:f3:52:4f:27:f3:1a:8f:df:ac: 02:05:9d:3d:8a:cd:ef:a9:63:19:86:b3:7b:58:5c: 4a:99:0a:5a:44:d6:75:d2:32:4a:81:c9:16:d9:2a: c6:3e:30:8b:00:74:ca:f8:6f:67:fe:05:57:72:8d: e6:b7:ed:69:80:52:51:f8:e3:8c:bb:f6:75:88:cb: f9:bf:53:99:c1:89:55:43:de:ea:8f:93:82:2d:de: 89:d3:23:c0:17:06:ae:9a:e6:43:37:70:19:ed:7d: b5:ff:4d:0f:01:28:6a:50:95:d4:15:0b:30:30:48: c6:11:70:e7:11:ac:2b:a7:11:99:c3:e4:3a:de:b5: 6a:28:46:9d:2f:30:48:0a:e4:12:9a:3a:32:c8:20: 75:92:89:58:35:f0:f1:7e:02:c9:78:74:16:3d:fe: eb:43:90:fe:a4:c6:71:75:d4:3c:96:e7:74:9b:f0: 8f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:71:34:4E:DE:AE:A7:55:31:03:5C:22:42:29:CB:D6:D2:FC:0F:7F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 7b:b2:42:26:76:19:ac:df:35:fa:5d:ee:42:b5:d9:f2:48:c9: 6b:24:ee:a1:53:5b:70:1a:6d:41:a1:27:b0:d1:23:b5:41:e6: 50:49:ee:57:a6:3f:38:7b:aa:f0:3f:44:11:d4:57:7b:f7:5b: c7:94:2c:bd:fb:e1:ae:27:fa:aa:1b:cc:06:ad:ee:3f:c9:91: 3e:a5:ec:dd:10:98:0e:20:3a:a3:c0:81:79:1b:a0:44:c5:a1: 30:de:e8:2e:1e:fb:0b:2a:75:d9:4b:40:4e:96:ce:15:a0:20: 55:66:ca:17:63:0e:97:19:3c:45:20:e1:a5:27:58:1e:01:40: 7e:15:a1:5f:15:1c:cd:da:bd:b6:84:09:34:6a:24:2d:7f:c1: ca:0c:f5:9f:dd:54:e2:3e:eb:b0:2c:c6:3b:bf:c9:e0:6f:f5: 6d:08:82:05:e8:d8:dc:56:1a:5a:cf:dc:2c:49:f5:e3:ad:27: ef:6f:73:ae:05:db:8e:f2:a2:8e:69:f8:94:00:e4:db:95:e0: ba:3a:0d:97:08:11:55:78:29:d0:80:6b:0e:81:16:41:8f:ac: b7:79:ff:22:2d:8b:a4:1e:d4:3f:81:9b:6f:81:c5:c9:72:b9: bf:ad:89:41:7d:00:2d:1c:c9:23:d5:ca:a6:52:1a:2e:12:e9: f9:4c:ed:55 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUWdCE6/q8wnoWch1vtsuZcj3zfv4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDAxMloX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAZGJlZDNlMGM3NWI1MDAzOTdkYzk3 NzdmMGI2YTE4MjQ1MmE2MjY4MjVhNTIyNDYzMTY4ODA3MmYzNGEwZjlhNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlUuE96Wy04ehAv3CfZq3rZk54C+ rZpAd+iFgpfimynBawh1aBK+7xvwoL8C12ZxVhRVlRGVFSTt9GQpOJ7BT+si3njK kGuWUVGdT/n2XZHzUk8n8xqP36wCBZ09is3vqWMZhrN7WFxKmQpaRNZ10jJKgckW 2SrGPjCLAHTK+G9n/gVXco3mt+1pgFJR+OOMu/Z1iMv5v1OZwYlVQ97qj5OCLd6J 0yPAFwaumuZDN3AZ7X21/00PAShqUJXUFQswMEjGEXDnEawrpxGZw+Q63rVqKEad LzBICuQSmjoyyCB1kolYNfDxfgLJeHQWPf7rQ5D+pMZxddQ8lud0m/CP9wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDlxNE7erqdVMQNcIkIpy9bS/A9/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQB7skImdhms3zX6Xe5C tdnySMlrJO6hU1twGm1BoSew0SO1QeZQSe5Xpj84e6rwP0QR1Fd791vHlCy9++Gu J/qqG8wGre4/yZE+pezdEJgOIDqjwIF5G6BExaEw3uguHvsLKnXZS0BOls4VoCBV ZsoXYw6XGTxFIOGlJ1geAUB+FaFfFRzN2r22hAk0aiQtf8HKDPWf3VTiPuuwLMY7 v8ngb/VtCIIF6NjcVhpaz9wsSfXjrSfvb3OuBduO8qKOafiUAOTbleC6Og2XCBFV eCnQgGsOgRZBj6y3ef8iLYukHtQ/gZtvgcXJcrm/rYlBfQAtHMkj1cqmUhouEun5 TO1V -----END CERTIFICATE-----Generated at Sun Mar 1 23:47:20 2026 by rpki-client