$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa File: 4d6a264a-aa2a-46c2-95e0-8711aa342743.roa (raw, json) Hash identifier: ATLqCU91jHodjPmpMUltpFrZ4dKSyGGHxga6nKbTaRs= Subject key identifier: 8C:7F:A7:59:1F:57:0F:D0:53:F5:94:5B:A4:6A:D1:FC:D5:8E:BC:88 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0EC4CEE072B0530DD24FECDFB4E6668EFA4F29DE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa Signing time: Sun 22 Feb 2026 00:40:09 +0000 ROA not before: Sun 22 Feb 2026 00:40:09 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:c4:ce:e0:72:b0:53:0d:d2:4f:ec:df:b4:e6:66:8e:fa:4f:29:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:40:09 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=d6b3fe6c6bd015f5d2f0f32729a0476255f8d98a6640e2a3c77493718e9cafc6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d7:94:0c:46:55:2d:75:7d:bd:db:28:b2:e8: c0:2e:ed:45:55:c2:5e:d6:01:e9:ef:10:6e:9c:cb: 2c:3b:5c:fa:62:a0:e2:e0:4b:c4:8a:d0:c4:2e:d7: 2a:86:0a:55:bd:24:4f:27:54:bb:bb:89:90:b8:21: c8:2d:e5:09:01:b6:e2:b5:1c:d2:74:71:93:78:89: f1:80:56:81:67:f9:55:6e:3d:07:66:7e:d2:ab:55: c9:e0:29:92:59:09:b6:26:53:5f:52:be:45:4a:d5: 17:59:fb:27:94:ae:2f:70:60:09:80:d2:75:d1:4a: 9b:b3:71:68:99:e3:52:c3:81:df:ad:7d:16:3c:8a: a7:2a:13:ad:93:7b:05:7a:0c:dc:31:3d:45:3f:9b: 40:b9:bf:29:98:70:d5:b0:5e:be:17:48:27:31:42: 00:58:b9:3c:1c:f9:e4:f7:e1:97:31:5f:11:cc:01: 39:9f:ce:7b:12:96:c6:29:7a:6e:06:b7:92:10:0e: b5:bb:73:ac:f8:d3:3f:6a:6a:c9:f7:a6:be:c3:12: 08:81:1a:e2:c3:f5:9b:be:a7:8a:1d:1a:d9:d6:4a: 23:e7:cf:da:fe:ee:ca:dd:0b:a9:6a:0f:b0:b2:3b: c6:2c:f8:96:79:37:6f:cb:f3:a0:79:c3:4a:61:0d: d1:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:7F:A7:59:1F:57:0F:D0:53:F5:94:5B:A4:6A:D1:FC:D5:8E:BC:88 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d6a264a-aa2a-46c2-95e0-8711aa342743.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 93:a1:6a:25:f2:5d:c3:5e:09:9d:0d:1b:1e:57:81:27:1f:3c: 85:aa:2c:af:7d:ec:b4:4f:a8:10:8a:63:8b:08:08:12:3a:92: cf:5c:8a:40:d8:ca:69:97:fc:f9:a3:d7:4a:2f:c1:09:b8:a9: 7c:79:d0:da:52:ee:1c:10:cf:f7:90:95:ff:2c:55:35:7e:37: 44:35:e3:67:30:58:fd:96:bc:b3:4b:44:5e:79:14:a3:1e:2e: 87:50:39:33:83:9f:ec:82:9a:b5:17:08:a1:a3:4f:67:f7:77: c8:5f:82:5d:00:a0:31:1b:6d:65:36:09:fa:56:92:bf:44:b3: 0d:cd:39:b7:32:cc:49:59:1d:12:6a:68:a6:8b:0d:ce:a2:9f: 2d:a6:0d:25:1e:05:89:76:b1:77:44:1b:2d:92:22:3b:2a:c2: 16:86:2e:2b:c6:9b:7c:35:09:1d:95:63:87:30:38:2c:d2:ab: 42:a7:29:8b:07:9b:50:0d:69:21:ec:f6:8e:5c:7a:98:5a:57: 6e:71:c2:69:03:36:b6:c8:c6:95:9a:da:2f:8e:14:30:ed:f7: 6e:21:6c:ac:0b:61:5b:16:7e:71:19:93:38:5b:03:91:e0:23: 93:1b:15:e3:df:54:d1:a4:f0:08:dc:3d:9d:ed:9c:6c:e4:a8: 95:63:bf:53 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDsTO4HKwUw3ST+zftOZmjvpPKd4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwNDAwOVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZDZiM2ZlNmM2YmQwMTVmNWQyZjBm MzI3MjlhMDQ3NjI1NWY4ZDk4YTY2NDBlMmEzYzc3NDkzNzE4ZTljYWZjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdeUDEZVLXV9vdsosujALu1FVcJe 1gHp7xBunMssO1z6YqDi4EvEitDELtcqhgpVvSRPJ1S7u4mQuCHILeUJAbbitRzS dHGTeInxgFaBZ/lVbj0HZn7Sq1XJ4CmSWQm2JlNfUr5FStUXWfsnlK4vcGAJgNJ1 0Uqbs3FomeNSw4HfrX0WPIqnKhOtk3sFegzcMT1FP5tAub8pmHDVsF6+F0gnMUIA WLk8HPnk9+GXMV8RzAE5n857EpbGKXpuBreSEA61u3Os+NM/amrJ96a+wxIIgRri w/WbvqeKHRrZ1koj58/a/u7K3Qupag+wsjvGLPiWeTdvy/OgecNKYQ3RxwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIx/p1kfVw/QU/WUW6Rq0fzVjryIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkNmEyNjRhLWFhMmEtNDZjMi05NWUwLTg3MTFhYTM0Mjc0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOMjAMA0GCSqGSIb3DQEBCwUAA4IBAQCToWol8l3DXgmdDRse V4EnHzyFqiyvfey0T6gQimOLCAgSOpLPXIpA2Mppl/z5o9dKL8EJuKl8edDaUu4c EM/3kJX/LFU1fjdENeNnMFj9lryzS0ReeRSjHi6HUDkzg5/sgpq1Fwiho09n93fI X4JdAKAxG21lNgn6VpK/RLMNzTm3MsxJWR0Samimiw3Oop8tpg0lHgWJdrF3RBst kiI7KsIWhi4rxpt8NQkdlWOHMDgs0qtCpymLB5tQDWkh7PaOXHqYWlduccJpAza2 yMaVmtovjhQw7fduIWysC2FbFn5xGZM4WwOR4COTGxXj31TRpPAI3D2d7Zxs5KiV Y79T -----END CERTIFICATE-----Generated at Mon Mar 2 01:42:51 2026 by rpki-client