$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa File: 4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa (raw, json) Hash identifier: KFrWj6f1M7P0TFY/XRngM5sQkc9dgnm3Fau5tjUSfXI= Subject key identifier: 44:FD:18:31:2F:44:BA:7E:75:99:52:0F:F2:D0:35:98:22:53:9D:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7F016B888A589CF0733ECA0F3D3EDA9B42D29C40 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa Signing time: Tue 24 Feb 2026 00:10:05 +0000 ROA not before: Tue 24 Feb 2026 00:10:05 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:01:6b:88:8a:58:9c:f0:73:3e:ca:0f:3d:3e:da:9b:42:d2:9c:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:10:05 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=d00244f82316fb47c08e2ace39efb232c6ecfb11b113aa1465db322c62846196, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:03:d9:ac:ff:f2:5f:8d:cf:77:ba:ee:2a:a4: c8:d4:e9:57:ae:28:bf:04:9c:1b:03:ae:d6:9f:6b: ce:a3:93:99:63:90:09:12:51:82:76:fa:a8:ba:d1: 16:22:e5:c8:a2:f2:4a:29:4e:54:3f:d5:79:a1:cc: a0:47:56:94:1f:ca:b1:6c:b1:b7:52:52:25:c3:ed: 2d:63:5a:7f:e4:58:ec:ed:2a:ad:83:3f:7e:70:16: f3:dc:6f:24:3a:d9:8d:4b:ed:5f:67:25:32:a6:e8: 62:41:4f:47:66:2d:88:a9:b5:d9:09:7c:2e:ad:7f: ee:10:d7:76:10:82:94:55:f2:90:94:46:ca:95:64: 31:b5:bf:6c:18:4e:bb:3e:21:69:13:27:7e:d8:f8: 73:88:50:4e:df:ec:2b:68:e9:07:27:06:79:9b:88: 4a:7c:b4:db:c7:d1:4c:24:09:bf:b5:5e:19:99:f0: 7e:f3:67:6a:62:66:22:97:f9:9a:d6:f7:df:af:f4: b8:14:83:e5:5a:db:27:e2:8c:7b:69:80:b7:ba:62: e0:f9:7c:74:52:0a:d5:37:d5:fe:a6:45:7c:0b:d4: dc:27:0f:12:07:4e:61:c9:1a:68:bb:ea:62:89:9b: 74:3e:4e:31:51:6a:a8:99:cf:6e:d8:ef:e6:11:98: ec:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:FD:18:31:2F:44:BA:7E:75:99:52:0F:F2:D0:35:98:22:53:9D:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d5a8513-21e5-4af7-b1b9-e85bc8e16eb8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:4000::/40 Signature Algorithm: sha256WithRSAEncryption 37:22:88:9b:d2:77:61:38:67:5a:af:74:05:dd:cb:ff:db:53: c8:70:ec:9f:22:1d:2b:15:69:f4:02:51:76:a9:f5:d7:b4:62: 9b:30:5b:d0:e1:cd:de:fa:c8:35:a3:28:ae:d8:dd:b9:40:31: e4:d9:0b:5f:83:8b:06:a0:56:f4:6b:12:c0:0d:50:6a:54:98: c8:b2:33:2e:83:23:4a:c1:6e:ce:66:2d:d6:90:e6:c8:07:3d: d8:dc:b6:4b:7a:c2:70:13:53:62:09:40:5f:36:6d:74:9b:44: bf:60:0a:33:73:20:29:63:1b:97:4e:51:5e:0b:b2:28:c9:36: 7e:0a:91:2b:a7:9b:8c:30:21:9c:17:07:58:dd:f0:91:0f:97: e2:17:fa:e6:7f:29:8d:71:bc:05:5d:a3:f5:ea:31:3c:25:e4: cb:5d:25:e1:f3:ee:a2:11:08:e4:57:db:71:7e:de:58:d3:21: cf:73:d4:76:23:fd:32:ad:3e:5c:a6:15:99:15:b9:ce:fe:51: 8a:63:9d:25:0d:29:48:83:0b:70:92:54:b7:c7:95:6f:9e:7d: c4:12:71:40:44:03:f1:99:0b:fb:f2:0e:58:b3:ee:b1:26:95: d5:3f:f3:9c:72:d3:10:09:a1:65:2b:30:ba:71:af:7f:2f:75: e1:aa:c4:9e -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfwFriIpYnPBzPsoPPT7am0LSnEAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMTAwNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZDAwMjQ0ZjgyMzE2ZmI0N2MwOGUy YWNlMzllZmIyMzJjNmVjZmIxMWIxMTNhYTE0NjVkYjMyMmM2Mjg0NjE5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwPZrP/yX43Pd7ruKqTI1OlXrii/ BJwbA67Wn2vOo5OZY5AJElGCdvqoutEWIuXIovJKKU5UP9V5ocygR1aUH8qxbLG3 UlIlw+0tY1p/5Fjs7Sqtgz9+cBbz3G8kOtmNS+1fZyUypuhiQU9HZi2IqbXZCXwu rX/uENd2EIKUVfKQlEbKlWQxtb9sGE67PiFpEyd+2PhziFBO3+wraOkHJwZ5m4hK fLTbx9FMJAm/tV4ZmfB+82dqYmYil/ma1vffr/S4FIPlWtsn4ox7aYC3umLg+Xx0 UgrVN9X+pkV8C9TcJw8SB05hyRpou+piiZt0Pk4xUWqomc9u2O/mEZjsRwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFET9GDEvRLp+dZlSD/LQNZgiU53qMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNWE4NTEzLTIxZTUtNGFmNy1iMWI5LWU4NWJjOGUxNmViOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+kAwDQYJKoZIhvcNAQELBQADggEBADciiJvSd2E4Z1qvdAXd y//bU8hw7J8iHSsVafQCUXap9de0YpswW9Dhzd76yDWjKK7Y3blAMeTZC1+Diwag VvRrEsANUGpUmMiyMy6DI0rBbs5mLdaQ5sgHPdjctkt6wnATU2IJQF82bXSbRL9g CjNzICljG5dOUV4LsijJNn4KkSunm4wwIZwXB1jd8JEPl+IX+uZ/KY1xvAVdo/Xq MTwl5MtdJeHz7qIRCORX23F+3ljTIc9z1HYj/TKtPlymFZkVuc7+UYpjnSUNKUiD C3CSVLfHlW+efcQScUBEA/GZC/vyDliz7rEmldU/85xy0xAJoWUrMLpxr38vdeGq xJ4= -----END CERTIFICATE-----Generated at Sun Mar 1 23:36:36 2026 by rpki-client