$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa File: 442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa (raw, json) Hash identifier: ayURyhleFwC18g2br9/TS8qgEsIyvx5x4Oy9xv0FnAs= Subject key identifier: BE:63:B7:52:C0:CC:66:CB:4A:52:A4:E6:29:24:CD:55:96:A7:1F:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 46A18FC135320FBF61E55BAE0D10C1B50B9BFDA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa Signing time: Sun 22 Feb 2026 00:00:42 +0000 ROA not before: Sun 22 Feb 2026 00:00:42 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:a1:8f:c1:35:32:0f:bf:61:e5:5b:ae:0d:10:c1:b5:0b:9b:fd:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:42 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=ac975f2d5467ecad75cc0eaba10364bd82c49207be2f9d76a56596d97e86c1e9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ed:e4:3d:50:27:ba:90:c9:7e:66:1c:c0:d9: 0e:5e:19:1a:d8:e1:c4:09:06:5b:16:3c:78:8a:2e: e6:82:ac:8e:03:61:a9:fd:86:f4:15:d6:cf:9a:84: 55:26:d6:6a:dc:7a:08:77:1d:17:94:bf:f7:85:ea: 77:db:6a:7e:d1:15:e2:47:95:75:5c:9b:18:6d:54: b5:73:41:eb:f1:b3:ea:b8:35:57:e9:71:24:a1:02: 63:22:99:7e:0b:70:f9:26:17:d3:51:bc:f5:2f:55: 69:fc:5f:11:13:6d:cb:ba:29:ee:57:93:c4:9c:ea: a3:9e:74:76:64:19:65:bb:b5:b4:dc:c6:53:32:25: 0e:66:dc:fb:0a:74:81:9d:18:4b:3c:b2:9c:a8:46: 3e:fa:fb:0e:1f:26:0e:da:bf:94:2b:9e:53:f2:d4: ea:90:1d:b0:0b:72:5c:2b:55:d4:de:51:fe:ee:c5: 7c:fe:71:e9:5d:37:5b:01:9f:76:0d:e5:f7:c0:26: 84:01:99:63:12:7c:f4:a7:37:1b:40:0c:25:c5:9d: 8a:54:6c:61:f7:67:13:3b:00:fb:1e:43:77:3d:0b: 71:35:dd:04:f1:31:97:55:60:9c:62:4b:25:2a:ad: 10:e9:9a:19:b4:68:bc:fd:d9:d6:19:c4:29:54:68: a7:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:63:B7:52:C0:CC:66:CB:4A:52:A4:E6:29:24:CD:55:96:A7:1F:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/442fee67-f3d9-4889-94d4-2a3b8bb5cfac.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:8800::/40 Signature Algorithm: sha256WithRSAEncryption 6b:cd:bc:7c:78:f7:d3:e8:da:29:fd:18:95:29:10:5d:45:60: fd:0f:8d:15:a0:94:75:3e:db:db:91:c6:d4:66:56:e1:8d:6f: a3:79:71:ec:46:a8:b5:fd:15:41:19:d1:80:6e:38:c3:ac:7b: 30:03:10:14:54:a4:6e:bf:6e:86:4d:1f:df:3b:89:be:67:c8: 64:95:34:6f:ff:44:10:3d:06:36:00:49:e4:1f:02:e9:70:9c: 68:e1:1d:f6:36:1a:d7:c1:db:cc:0d:4e:bc:c9:14:05:40:10: 96:44:e5:b0:10:82:8f:9b:53:32:ae:86:19:3a:3b:c0:92:af: ce:67:10:45:dc:9e:fc:a1:69:1d:45:b8:34:3a:07:47:72:17: d6:4b:e9:40:c9:29:46:12:0d:01:88:30:7f:ee:90:00:e9:2e: 82:17:2e:40:13:1e:c9:8e:a9:a2:c0:94:02:13:3a:a3:79:c1: f1:0d:e1:1b:19:1c:22:b7:d8:d8:f4:bd:67:4d:d6:f3:f9:68: 9b:74:aa:af:14:6e:6d:68:a5:b0:23:5a:80:31:2a:83:25:8c: c5:36:42:24:b5:e8:78:60:5f:44:f7:e2:b1:8d:87:58:78:9c: 55:b8:dd:ae:a2:d8:1e:bd:ea:53:42:10:10:fc:82:21:89:d8: 7e:14:ac:af -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURqGPwTUyD79h5VuuDRDBtQub/aQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDA0MloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYWM5NzVmMmQ1NDY3ZWNhZDc1Y2Mw ZWFiYTEwMzY0YmQ4MmM0OTIwN2JlMmY5ZDc2YTU2NTk2ZDk3ZTg2YzFlOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu3kPVAnupDJfmYcwNkOXhka2OHE CQZbFjx4ii7mgqyOA2Gp/Yb0FdbPmoRVJtZq3HoIdx0XlL/3hep322p+0RXiR5V1 XJsYbVS1c0Hr8bPquDVX6XEkoQJjIpl+C3D5JhfTUbz1L1Vp/F8RE23LuinuV5PE nOqjnnR2ZBllu7W03MZTMiUOZtz7CnSBnRhLPLKcqEY++vsOHyYO2r+UK55T8tTq kB2wC3JcK1XU3lH+7sV8/nHpXTdbAZ92DeX3wCaEAZljEnz0pzcbQAwlxZ2KVGxh 92cTOwD7HkN3PQtxNd0E8TGXVWCcYkslKq0Q6ZoZtGi8/dnWGcQpVGin8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL5jt1LAzGbLSlKk5ikkzVWWpx85MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ0MmZlZTY3LWYzZDktNDg4OS05NGQ0LTJhM2I4YmI1Y2ZhYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8YgwDQYJKoZIhvcNAQELBQADggEBAGvNvHx499Po2in9GJUp EF1FYP0PjRWglHU+29uRxtRmVuGNb6N5cexGqLX9FUEZ0YBuOMOsezADEBRUpG6/ boZNH987ib5nyGSVNG//RBA9BjYASeQfAulwnGjhHfY2GtfB28wNTrzJFAVAEJZE 5bAQgo+bUzKuhhk6O8CSr85nEEXcnvyhaR1FuDQ6B0dyF9ZL6UDJKUYSDQGIMH/u kADpLoIXLkATHsmOqaLAlAITOqN5wfEN4RsZHCK32Nj0vWdN1vP5aJt0qq8Ubm1o pbAjWoAxKoMljMU2QiS16HhgX0T34rGNh1h4nFW43a6i2B696lNCEBD8giGJ2H4U rK8= -----END CERTIFICATE-----Generated at Mon Mar 2 10:37:34 2026 by rpki-client