$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43a9fb43-6cc8-49fc-93f8-70c99496c67a.roa File: 43a9fb43-6cc8-49fc-93f8-70c99496c67a.roa (raw, json) Hash identifier: qWh+logLhYBGXSnJnBoUkXjpF1iYb/ugh/FsCexVwwI= Subject key identifier: 1B:08:C5:51:A3:B9:9E:03:1C:F3:AF:D7:3A:C0:44:8D:75:FE:BB:3A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 653491D2CE2088E4DCF1FA6101D94EF2558B83DA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43a9fb43-6cc8-49fc-93f8-70c99496c67a.roa Signing time: Sat 21 Feb 2026 00:01:08 +0000 ROA not before: Sat 21 Feb 2026 00:01:08 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:34:91:d2:ce:20:88:e4:dc:f1:fa:61:01:d9:4e:f2:55:8b:83:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:01:08 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=0bb7be86d748546816597877e6e214abf089b37f1dd0478a2051f3aabcfc448b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:b4:b8:db:4c:5a:40:57:8d:5d:84:0d:07:f4: c8:b1:7d:0b:62:5e:d4:d1:14:0e:52:28:f6:f1:24: 68:dd:96:ec:92:76:71:88:1d:7b:b3:62:9e:51:73: 2e:c6:d3:04:cc:df:f8:6e:7c:3a:cb:50:6d:bc:51: e3:c8:44:de:e9:95:a5:9a:ec:f4:ce:15:ee:3b:28: 31:51:73:0a:36:66:84:5f:ff:b5:9d:90:c3:8e:92: 05:76:ab:99:44:72:31:c9:b2:ec:0a:26:cb:e6:53: bd:c0:28:61:5e:2a:37:e4:f5:73:93:df:0b:61:49: 51:fe:f9:d7:11:60:3b:8b:58:85:32:d3:d3:af:de: 15:0b:98:8f:45:08:19:75:77:d1:ac:d4:61:39:f2: 99:7c:ca:02:69:d0:ab:f5:a1:a4:05:22:a8:1e:7b: e6:0e:d3:82:8b:01:cb:20:27:89:7d:36:76:c5:9e: 12:7e:9d:52:a2:fc:2b:8a:ba:e5:9d:7d:ef:0f:72: 37:24:69:20:fa:99:55:9d:5c:76:47:b5:2e:f6:5b: 85:f1:54:6f:b0:e2:28:e2:c2:02:b0:0f:ae:f8:1a: d9:a1:7a:31:f8:2a:4e:83:ab:23:03:f0:29:3a:91: 47:8b:b6:17:8b:ec:cf:ba:09:6f:39:6e:a4:8a:7a: 56:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:08:C5:51:A3:B9:9E:03:1C:F3:AF:D7:3A:C0:44:8D:75:FE:BB:3A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43a9fb43-6cc8-49fc-93f8-70c99496c67a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a800::/40 Signature Algorithm: sha256WithRSAEncryption b1:76:5d:08:a4:f3:b9:31:94:9c:bb:24:2d:2b:ca:32:08:ab: ab:58:bd:30:45:38:57:7b:42:94:4e:e2:3a:1f:b5:9d:82:ff: 45:d6:32:58:03:cc:11:01:5a:19:6c:15:df:fd:4e:05:45:00: 61:b2:e4:c4:5b:84:50:9c:07:f2:b4:93:d3:19:54:10:2e:fb: 2c:c7:15:93:df:d4:f0:b2:1e:0c:f9:f5:c7:17:5d:cd:92:da: 48:34:c8:bd:4d:f6:db:28:a7:61:fa:be:a2:5e:08:59:93:4d: 18:f8:ca:7b:0c:b0:a7:6c:52:29:d2:e8:e8:6a:ba:e5:0a:25: e5:52:ed:89:4b:bb:6a:22:1f:bb:ee:f5:90:81:fd:c7:15:10: 38:1f:ed:9a:14:a3:8a:61:c8:0a:ee:4f:a5:a2:0f:94:95:16: 4f:11:f4:5e:1a:14:65:c8:7d:64:11:f8:51:13:b3:5b:79:99: 81:0a:da:ab:30:a3:af:87:9e:d3:e0:de:1d:5d:64:bc:a4:36: 3b:ac:2d:4e:1f:03:9d:d6:a5:e0:1d:a4:53:45:07:84:b8:9c: 61:b6:35:86:27:58:70:18:e2:2a:8c:51:a1:e0:62:77:d0:db: f7:39:d2:14:7c:c2:72:bf:6a:68:be:6b:93:d6:fe:bf:7d:65: f0:25:a6:87 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZTSR0s4giOTc8fphAdlO8lWLg9owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDEwOFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMGJiN2JlODZkNzQ4NTQ2ODE2NTk3 ODc3ZTZlMjE0YWJmMDg5YjM3ZjFkZDA0NzhhMjA1MWYzYWFiY2ZjNDQ4YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6LS420xaQFeNXYQNB/TIsX0LYl7U 0RQOUij28SRo3ZbsknZxiB17s2KeUXMuxtMEzN/4bnw6y1BtvFHjyETe6ZWlmuz0 zhXuOygxUXMKNmaEX/+1nZDDjpIFdquZRHIxybLsCibL5lO9wChhXio35PVzk98L YUlR/vnXEWA7i1iFMtPTr94VC5iPRQgZdXfRrNRhOfKZfMoCadCr9aGkBSKoHnvm DtOCiwHLICeJfTZ2xZ4Sfp1SovwrirrlnX3vD3I3JGkg+plVnVx2R7Uu9luF8VRv sOIo4sICsA+u+BrZoXox+CpOg6sjA/ApOpFHi7YXi+zPuglvOW6kinpWYwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBsIxVGjuZ4DHPOv1zrARI11/rs6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQzYTlmYjQzLTZjYzgtNDlmYy05M2Y4LTcwYzk5NDk2YzY3YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAKgwDQYJKoZIhvcNAQELBQADggEBALF2XQik87kxlJy7JC0r yjIIq6tYvTBFOFd7QpRO4joftZ2C/0XWMlgDzBEBWhlsFd/9TgVFAGGy5MRbhFCc B/K0k9MZVBAu+yzHFZPf1PCyHgz59ccXXc2S2kg0yL1N9tsop2H6vqJeCFmTTRj4 ynsMsKdsUinS6OhquuUKJeVS7YlLu2oiH7vu9ZCB/ccVEDgf7ZoUo4phyAruT6Wi D5SVFk8R9F4aFGXIfWQR+FETs1t5mYEK2qswo6+HntPg3h1dZLykNjusLU4fA53W peAdpFNFB4S4nGG2NYYnWHAY4iqMUaHgYnfQ2/c50hR8wnK/ami+a5PW/r99ZfAl poc= -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:18 2026 by rpki-client