$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa File: 47474093-258c-498a-bd3d-047521af5d87.roa (raw, json) Hash identifier: Hr7jI+Jm01WhNPstBnKqdw8HAnQYbIuQdHE2iCa/yC8= Subject key identifier: 91:41:9E:87:B1:D2:17:DB:44:14:6D:19:25:7E:C7:44:44:6C:62:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78E9173D78AA7021CDB3EC927588C4509694DDFB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa Signing time: Sat 14 Feb 2026 00:00:05 +0000 ROA not before: Sat 14 Feb 2026 00:00:05 +0000 ROA not after: Fri 15 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:e9:17:3d:78:aa:70:21:cd:b3:ec:92:75:88:c4:50:96:94:dd:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 14 00:00:05 2026 GMT Not After : May 15 23:59:59 2026 GMT Subject: serialNumber=f2af9187316fb9b476b6a0a6999838f738edf1a7829a0f61527cb8eb8013cde7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:37:6a:bf:f5:97:d4:75:aa:a0:f9:75:62:26: 42:e7:e3:16:4e:7a:f4:41:d2:b8:5c:ba:40:27:37: 39:4f:0c:76:26:8f:5a:90:86:c6:d0:e4:60:6a:d4: d2:a1:60:a8:81:84:a8:ff:de:95:e2:3c:b0:a5:51: b4:df:ce:46:f8:cf:d0:ce:43:ad:e6:c8:36:3c:5f: ee:38:7a:0b:27:a7:77:1f:5b:1f:29:9d:46:58:7c: ca:b9:21:00:8c:a2:c2:dc:3f:0a:d1:df:71:6f:18: 0d:65:3d:6c:4c:d0:54:c4:2b:1b:e0:88:ac:ae:9c: ef:d5:02:90:d6:91:6d:d3:db:77:d2:c9:2f:4d:a1: eb:7f:35:01:3e:d0:02:43:82:1c:71:c8:5d:37:12: fa:bd:38:5e:57:e7:a0:b4:02:a8:18:55:03:64:c2: 72:cd:f1:86:e5:e5:4e:9f:5b:4f:e5:bf:d0:03:1a: 51:7e:dd:2c:16:0b:74:22:6b:65:9c:0f:37:9b:5c: 2b:3f:2f:bb:b2:e5:5d:a6:26:f8:01:18:06:ed:c4: 83:32:99:d5:67:25:38:27:8c:f3:f5:54:40:9f:44: fe:98:bf:98:35:70:4a:fd:b1:1d:3b:7e:e4:60:0b: c9:e9:3e:83:14:82:e5:84:ab:16:47:64:57:f3:10: df:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:41:9E:87:B1:D2:17:DB:44:14:6D:19:25:7E:C7:44:44:6C:62:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47474093-258c-498a-bd3d-047521af5d87.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:f000::/40 Signature Algorithm: sha256WithRSAEncryption 58:a4:ba:23:b4:e7:14:08:5a:e2:b5:e1:72:65:3c:bb:6f:c4: a3:f1:51:c1:f4:01:c9:b2:48:37:81:fe:97:9a:39:65:59:ee: 1c:51:3e:5f:20:d8:83:5f:7e:47:56:c8:8f:d9:16:f0:9d:17: 6a:38:4d:98:4e:15:ec:8a:14:2f:34:cd:00:ea:c3:02:b2:5c: fa:69:87:c8:3e:2a:87:ce:7e:3f:39:45:70:34:07:f4:e4:22: 08:ec:9d:72:42:c8:5a:c8:01:ee:30:14:65:5f:b2:08:3d:7a: d0:b5:c3:6d:2c:c4:3f:fd:c4:32:fb:06:10:c8:eb:f9:c5:3b: 15:a1:b4:aa:5c:e4:48:49:71:66:2e:3c:e9:1a:6d:80:10:78: c8:49:60:1b:9b:e6:21:fb:cd:ae:aa:d3:5c:c0:c0:4c:3b:c2: 82:fe:a9:73:69:7c:95:d5:19:3c:42:b1:93:41:df:60:22:0a: 0f:2b:cf:e9:66:97:51:c4:c9:4b:6d:49:47:e7:65:23:a9:b0: 28:e0:a6:4e:6f:87:6d:d6:08:d5:89:56:85:26:db:e6:61:2f: 85:e6:04:a6:03:30:56:41:87:f2:76:2e:33:80:20:03:57:c8: cb:38:d5:3b:9e:06:a2:a3:5f:2c:dc:e1:5a:14:80:43:94:22: cb:f2:a6:30 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeOkXPXiqcCHNs+ySdYjEUJaU3fswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNDAwMDAwNVoX DTI2MDUxNTIzNTk1OVowejFJMEcGA1UEBRNAZjJhZjkxODczMTZmYjliNDc2YjZh MGE2OTk5ODM4ZjczOGVkZjFhNzgyOWEwZjYxNTI3Y2I4ZWI4MDEzY2RlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzdqv/WX1HWqoPl1YiZC5+MWTnr0 QdK4XLpAJzc5Twx2Jo9akIbG0ORgatTSoWCogYSo/96V4jywpVG0385G+M/QzkOt 5sg2PF/uOHoLJ6d3H1sfKZ1GWHzKuSEAjKLC3D8K0d9xbxgNZT1sTNBUxCsb4Iis rpzv1QKQ1pFt09t30skvTaHrfzUBPtACQ4IccchdNxL6vTheV+egtAKoGFUDZMJy zfGG5eVOn1tP5b/QAxpRft0sFgt0ImtlnA83m1wrPy+7suVdpib4ARgG7cSDMpnV ZyU4J4zz9VRAn0T+mL+YNXBK/bEdO37kYAvJ6T6DFILlhKsWR2RX8xDf1QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJFBnoex0hfbRBRtGSV+x0REbGLhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ3NDc0MDkzLTI1OGMtNDk4YS1iZDNkLTA0NzUyMWFmNWQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBAFikuiO05xQIWuK14XJl PLtvxKPxUcH0AcmySDeB/peaOWVZ7hxRPl8g2INffkdWyI/ZFvCdF2o4TZhOFeyK FC80zQDqwwKyXPpph8g+KofOfj85RXA0B/TkIgjsnXJCyFrIAe4wFGVfsgg9etC1 w20sxD/9xDL7BhDI6/nFOxWhtKpc5EhJcWYuPOkabYAQeMhJYBub5iH7za6q01zA wEw7woL+qXNpfJXVGTxCsZNB32AiCg8rz+lml1HEyUttSUfnZSOpsCjgpk5vh23W CNWJVoUm2+ZhL4XmBKYDMFZBh/J2LjOAIANXyMs41TueBqKjXyzc4VoUgEOUIsvy pjA= -----END CERTIFICATE-----Generated at Sun Mar 1 22:14:42 2026 by rpki-client