$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa File: 49a679dd-b6ba-4b54-beeb-b3e83302b998.roa (raw, json) Hash identifier: QMpCmIGM9AWdXL+bfeWIj70MRwz0cinIObfwRwF8vIU= Subject key identifier: 3F:35:5B:70:47:21:E3:5B:B5:50:E9:C7:ED:67:7A:7C:6E:49:69:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 790610B9F443B65ED3EB02B89D06CE4E3D5AE289 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa Signing time: Tue 24 Feb 2026 00:00:06 +0000 ROA not before: Tue 24 Feb 2026 00:00:06 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:06:10:b9:f4:43:b6:5e:d3:eb:02:b8:9d:06:ce:4e:3d:5a:e2:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:06 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=e97ee7cdc3973c1643004c9205792ab34fcdaf1c60c91d6b4590ed6f5ffb3f23, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:07:1c:48:7f:47:1a:f8:08:28:26:f7:41:48: bb:93:08:47:d7:7d:13:09:c3:74:bf:8c:0c:97:9d: 63:0e:3f:0b:e6:65:6f:74:71:45:27:47:09:18:57: 14:c9:c4:d1:57:88:be:0d:53:7e:5b:87:b4:a7:c2: 8e:38:2f:ca:3d:66:6f:91:f7:97:11:5a:e8:9b:2c: 89:c0:21:71:b4:76:ec:fa:98:49:04:ac:0a:cb:1e: d0:70:f4:21:dc:19:1c:ee:cd:24:0b:4c:9b:7c:37: 9a:dd:76:19:59:12:40:f2:a5:48:22:1e:58:57:27: 4d:92:0b:0b:1c:1d:dc:eb:79:d7:d7:93:56:ec:25: 5a:d6:bd:d0:a0:78:d4:5e:5c:26:2a:8b:d3:69:91: 93:26:7c:32:69:41:df:47:aa:08:3d:75:bb:ac:8e: 96:12:a0:79:74:a5:d5:ff:5c:d5:b6:27:fa:9b:99: ea:0a:71:7a:34:01:ad:6e:23:f6:72:4b:29:8d:a1: 9f:76:68:fe:7e:62:4e:b3:ae:7e:76:ee:26:33:c2: 69:07:f4:1d:5b:7d:47:7e:1b:01:24:15:5f:8b:c3: 37:7a:a2:d2:97:57:e5:58:66:ce:b0:0b:6b:a7:b1: 89:c6:3c:13:b1:8b:54:c0:93:49:69:19:6c:49:27: 14:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:35:5B:70:47:21:E3:5B:B5:50:E9:C7:ED:67:7A:7C:6E:49:69:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49a679dd-b6ba-4b54-beeb-b3e83302b998.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:800::/40 Signature Algorithm: sha256WithRSAEncryption c5:7e:06:b1:08:e0:29:cd:7a:10:02:e7:19:23:d6:9c:a7:53: de:95:a6:f7:da:14:fd:03:dc:53:96:f5:2a:d4:37:21:f7:fa: ad:9c:4d:e2:0b:8d:23:00:6e:ac:9c:92:b4:ee:04:c5:35:40: c4:11:da:11:59:20:ac:98:a4:1b:d4:ad:5c:a5:eb:90:85:0d: 70:e8:a6:91:b6:f7:cc:73:7d:b7:f7:5d:6b:ec:cf:66:09:c6: 60:a3:e0:0f:f6:33:63:fd:18:f9:f3:0a:d7:cd:96:d2:02:09: 6f:86:b7:06:30:1b:ce:e7:1b:60:e1:ba:4d:db:a0:fa:e7:76: 9b:e1:83:95:d0:67:ab:45:67:b0:6e:c3:22:26:17:2a:6f:e0: e0:c5:9a:0c:0c:48:09:04:1f:e4:3b:ff:85:45:f3:d6:38:23: ce:f5:43:29:fe:77:2a:55:a7:57:5a:4f:cf:a9:2a:b6:9c:60: f8:09:89:1b:50:4b:a6:90:06:a7:d5:bc:61:50:0b:a5:56:71: 28:60:77:eb:5e:ba:d4:54:f7:c5:fd:88:7f:84:ee:a2:46:9e: 9d:51:d0:8f:52:b3:21:ea:d3:71:a9:ff:22:65:f4:fa:05:70: c4:ed:48:78:70:96:89:e5:c1:76:0c:5f:2c:2d:e5:95:18:10: b0:71:19:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeQYQufRDtl7T6wK4nQbOTj1a4okwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAwNloX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZTk3ZWU3Y2RjMzk3M2MxNjQzMDA0 YzkyMDU3OTJhYjM0ZmNkYWYxYzYwYzkxZDZiNDU5MGVkNmY1ZmZiM2YyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gccSH9HGvgIKCb3QUi7kwhH130T CcN0v4wMl51jDj8L5mVvdHFFJ0cJGFcUycTRV4i+DVN+W4e0p8KOOC/KPWZvkfeX EVromyyJwCFxtHbs+phJBKwKyx7QcPQh3Bkc7s0kC0ybfDea3XYZWRJA8qVIIh5Y VydNkgsLHB3c63nX15NW7CVa1r3QoHjUXlwmKovTaZGTJnwyaUHfR6oIPXW7rI6W EqB5dKXV/1zVtif6m5nqCnF6NAGtbiP2ckspjaGfdmj+fmJOs65+du4mM8JpB/Qd W31HfhsBJBVfi8M3eqLSl1flWGbOsAtrp7GJxjwTsYtUwJNJaRlsSScUxwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFD81W3BHIeNbtVDpx+1nenxuSWmgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5YTY3OWRkLWI2YmEtNGI1NC1iZWViLWIzZTgzMzAyYjk5OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8QgwDQYJKoZIhvcNAQELBQADggEBAMV+BrEI4CnNehAC5xkj 1pynU96VpvfaFP0D3FOW9SrUNyH3+q2cTeILjSMAbqyckrTuBMU1QMQR2hFZIKyY pBvUrVyl65CFDXDoppG298xzfbf3XWvsz2YJxmCj4A/2M2P9GPnzCtfNltICCW+G twYwG87nG2Dhuk3boPrndpvhg5XQZ6tFZ7BuwyImFypv4ODFmgwMSAkEH+Q7/4VF 89Y4I871Qyn+dypVp1daT8+pKracYPgJiRtQS6aQBqfVvGFQC6VWcShgd+teutRU 98X9iH+E7qJGnp1R0I9SsyHq03Gp/yJl9PoFcMTtSHhwlonlwXYMXywt5ZUYELBx GRw= -----END CERTIFICATE-----Generated at Mon Mar 2 08:50:01 2026 by rpki-client