$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa File: 4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa (raw, json) Hash identifier: nIkyl4Bvk59IvoSDdptK1guHXwitAML5aNlB9M+1vKc= Subject key identifier: E9:45:F0:0B:96:EE:2C:D2:88:1A:B9:1A:23:1E:DE:21:4C:AF:B2:91 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 757DAE54B621B83B616BE01E01B3C285C67C69DF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa Signing time: Sun 22 Feb 2026 00:00:09 +0000 ROA not before: Sun 22 Feb 2026 00:00:09 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:7d:ae:54:b6:21:b8:3b:61:6b:e0:1e:01:b3:c2:85:c6:7c:69:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:09 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=a271dae74323164f8248dba294ce2804d98452a59882ec89417cde3fd462b04f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:bc:6b:ad:fc:09:dd:59:1a:26:3d:bb:61:35: d6:69:40:34:d8:dc:7f:17:a8:de:00:12:d9:4d:31: ee:2c:8e:0b:69:29:5d:2f:77:74:f8:d6:fa:53:77: 28:52:aa:ac:b5:01:f7:5b:af:7a:26:9c:93:0a:55: f1:a8:6c:48:f9:c1:22:d7:2a:0a:b5:64:f9:84:88: a7:9e:78:b7:6e:b8:5e:07:08:a3:a2:ce:32:d2:1b: 90:f5:c9:4d:1e:fe:62:5f:a1:0d:d5:9b:5d:76:a1: 61:bb:f2:4e:af:da:2d:89:66:de:5f:be:a5:79:ac: 96:5e:6a:2f:c3:03:77:a8:b7:6b:1f:2c:8a:86:7b: 6e:7d:2b:86:1a:22:89:39:61:8f:d0:7c:6f:e0:ca: f6:83:24:c3:b9:69:f7:a0:d0:4a:9d:27:37:2f:57: a9:87:18:55:62:d0:a4:9e:80:58:7e:3a:fb:f5:af: fd:bd:fc:28:16:88:a9:d5:7d:e3:c9:f9:cc:64:3c: d6:24:da:84:76:a7:88:3e:66:65:8a:34:98:28:c4: 3f:2c:6c:62:6c:47:d0:4f:37:6f:a4:94:8d:7d:37: 29:e1:01:ec:f2:25:27:0c:92:ce:a8:a9:b4:4c:23: dd:22:65:4e:e3:47:62:12:00:af:6a:c9:9a:7f:5e: 7d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:45:F0:0B:96:EE:2C:D2:88:1A:B9:1A:23:1E:DE:21:4C:AF:B2:91 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a9b91de-ae9d-419a-81e8-e1066ea1ded3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:8800::/40 Signature Algorithm: sha256WithRSAEncryption bd:5b:ab:cf:a4:b9:7d:a1:f7:5b:06:75:c8:cd:cf:34:bc:09: d0:2e:d4:c4:08:1d:6d:95:85:d6:14:8e:2f:05:e0:ed:49:88: f5:54:2f:3d:b8:b3:df:0d:5a:4f:70:ce:72:41:89:44:84:23: d1:a8:9c:0f:50:e8:a9:23:5a:c3:ce:1e:76:f2:6c:e1:0e:ce: c2:4b:08:e7:77:da:70:28:b1:72:1e:5c:f5:e1:63:eb:25:e0: 2c:87:86:8d:c9:d0:75:4b:ee:cc:37:0a:03:9b:75:a1:0f:c6: b1:d8:79:ff:c5:ee:7b:d3:04:82:49:5f:c4:63:dc:62:0d:4b: 36:c1:8b:56:83:fa:5b:ba:f1:13:b3:a0:cf:9c:c8:01:99:22: bf:e6:8e:47:2a:3d:cc:ca:6b:f6:c4:48:21:5a:0a:5f:15:4a: 6d:07:b0:7f:19:e5:05:68:49:c1:a6:31:db:ce:ac:53:21:6f: b9:75:de:d2:8e:eb:96:f7:8c:e9:33:4c:8a:43:96:b0:55:50: 13:01:ac:e5:e0:1d:2c:6d:69:83:2f:89:a6:62:77:04:1a:85: 41:d3:f9:61:2f:b5:e6:3d:e5:82:13:01:5c:2f:7e:16:8e:ef: ce:9f:3a:eb:40:8d:fd:7e:c4:be:b3:52:f3:5e:17:c3:bb:96: 16:83:c7:90 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdX2uVLYhuDtha+AeAbPChcZ8ad8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDAwOVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYTI3MWRhZTc0MzIzMTY0ZjgyNDhk YmEyOTRjZTI4MDRkOTg0NTJhNTk4ODJlYzg5NDE3Y2RlM2ZkNDYyYjA0ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLxrrfwJ3VkaJj27YTXWaUA02Nx/ F6jeABLZTTHuLI4LaSldL3d0+Nb6U3coUqqstQH3W696JpyTClXxqGxI+cEi1yoK tWT5hIinnni3brheBwijos4y0huQ9clNHv5iX6EN1ZtddqFhu/JOr9otiWbeX76l eayWXmovwwN3qLdrHyyKhntufSuGGiKJOWGP0Hxv4Mr2gyTDuWn3oNBKnSc3L1ep hxhVYtCknoBYfjr79a/9vfwoFoip1X3jyfnMZDzWJNqEdqeIPmZlijSYKMQ/LGxi bEfQTzdvpJSNfTcp4QHs8iUnDJLOqKm0TCPdImVO40diEgCvasmaf159fwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOlF8AuW7izSiBq5GiMe3iFMr7KRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhOWI5MWRlLWFlOWQtNDE5YS04MWU4LWUxMDY2ZWExZGVkMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9YgwDQYJKoZIhvcNAQELBQADggEBAL1bq8+kuX2h91sGdcjN zzS8CdAu1MQIHW2VhdYUji8F4O1JiPVULz24s98NWk9wznJBiUSEI9GonA9Q6Kkj WsPOHnbybOEOzsJLCOd32nAosXIeXPXhY+sl4CyHho3J0HVL7sw3CgObdaEPxrHY ef/F7nvTBIJJX8Rj3GINSzbBi1aD+lu68ROzoM+cyAGZIr/mjkcqPczKa/bESCFa Cl8VSm0HsH8Z5QVoScGmMdvOrFMhb7l13tKO65b3jOkzTIpDlrBVUBMBrOXgHSxt aYMviaZidwQahUHT+WEvteY95YITAVwvfhaO786fOutAjf1+xL6zUvNeF8O7lhaD x5A= -----END CERTIFICATE-----Generated at Sun Mar 1 23:46:22 2026 by rpki-client