$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa File: 4d8399a4-56d7-47cd-a300-df287b4c76c9.roa (raw, json) Hash identifier: XOQf8jZJ+nf0D7ViT34w0t+oxVuSPTreAZ1hiNOLPi4= Subject key identifier: CD:59:4D:35:34:CA:A2:75:F6:90:F0:2D:E0:85:E3:55:A9:C5:1E:FE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65ADA25CE74A212655E92BAD2CC1DE8D9E6FB62E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa Signing time: Sun 22 Feb 2026 00:00:09 +0000 ROA not before: Sun 22 Feb 2026 00:00:09 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da36:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:ad:a2:5c:e7:4a:21:26:55:e9:2b:ad:2c:c1:de:8d:9e:6f:b6:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:09 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=4274fdb73dc2c9caf4dba05c01faf29053ffedde35c5e77df3b6dedc75221e1e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b9:3a:e6:f0:29:c3:86:12:d0:04:9f:23:7f: 9f:b9:da:eb:69:55:4c:b9:af:86:9d:28:c8:89:e7: 73:d2:dd:4d:44:5e:5a:61:2b:8f:e3:4d:e9:19:4d: b5:df:a3:63:a8:b6:b9:00:0c:c0:30:dc:6e:fb:54: 6f:67:47:9b:62:68:fc:54:68:13:a2:0d:71:b5:44: 00:80:76:bf:2a:38:88:04:e8:d2:de:b3:8d:2e:0b: 1b:a5:15:e0:e0:77:5e:6d:4b:f7:80:34:53:d4:61: 9b:4a:1f:37:4d:54:9f:21:a8:db:22:54:40:79:27: d5:17:09:a6:82:ea:69:f3:18:68:76:9e:e4:79:f4: 3e:f5:e0:a6:73:0e:41:c5:ee:14:7f:65:4e:75:ab: 42:f5:c2:ec:b5:89:69:ae:b5:c1:56:3b:54:ec:7a: f2:ef:3f:87:fe:f9:b1:c1:b9:8e:d4:07:b4:ec:62: fa:8a:fb:76:0f:bb:25:b2:d5:c9:a4:fb:fc:fe:c1: 83:3d:18:e2:dd:bf:8b:b7:6c:48:cd:c2:2f:4c:5f: 3c:64:1d:fa:cd:f7:3c:75:6a:4b:bf:8d:01:54:ae: 9d:c6:a2:85:83:6e:70:d1:f7:7e:e8:4c:fe:d5:f8: 8c:77:37:65:49:4e:b7:0c:66:6d:3c:b4:91:4c:09: 23:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:59:4D:35:34:CA:A2:75:F6:90:F0:2D:E0:85:E3:55:A9:C5:1E:FE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d8399a4-56d7-47cd-a300-df287b4c76c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da36:e000::/40 Signature Algorithm: sha256WithRSAEncryption c8:da:78:4e:0b:75:85:e8:f3:f7:0a:68:c3:89:7b:cc:53:fc: 1b:a8:b9:f0:ed:97:56:6c:6f:6c:44:f7:ef:b8:29:af:6a:6e: 63:51:4a:45:3c:a0:1b:b0:30:77:1c:f7:75:99:61:6c:b0:6f: 51:da:72:be:9b:e4:fb:5c:e2:63:fc:9f:4c:61:39:d8:b1:d6: 64:41:c3:c4:60:49:47:83:fd:44:72:9f:ec:5c:5c:8c:b0:cc: 94:0e:ad:f9:9a:1a:59:11:5e:52:24:a4:bc:56:98:ac:ce:fb: 76:cb:d5:63:b1:d9:f4:10:09:b2:5a:6c:74:68:df:03:04:c4: e8:a7:ce:b2:65:51:c4:37:f7:0e:49:56:70:1e:28:34:3d:3e: d6:55:80:7c:6a:35:2c:cf:6f:fc:05:c3:e1:c3:ab:dc:6e:58: 95:71:22:29:79:f0:64:b5:d5:17:af:ae:12:65:e1:4a:54:3c: b7:3f:52:3f:83:af:96:66:8f:a8:0d:b1:3e:a6:a1:ab:5a:af: 0d:7e:c4:cc:0f:e1:ea:7a:02:15:3e:f0:e4:00:65:51:93:98: 7c:9d:61:c5:ba:bf:96:03:e8:e5:2b:67:34:10:cc:4c:1e:56: 5a:b5:29:d1:eb:e4:e6:e3:0c:9f:62:98:cc:8d:ef:f1:27:a5: 23:4d:52:9c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZa2iXOdKISZV6SutLMHejZ5vti4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDAwOVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANDI3NGZkYjczZGMyYzljYWY0ZGJh MDVjMDFmYWYyOTA1M2ZmZWRkZTM1YzVlNzdkZjNiNmRlZGM3NTIyMWUxZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrk65vApw4YS0ASfI3+fudrraVVM ua+GnSjIiedz0t1NRF5aYSuP403pGU2136NjqLa5AAzAMNxu+1RvZ0ebYmj8VGgT og1xtUQAgHa/KjiIBOjS3rONLgsbpRXg4HdebUv3gDRT1GGbSh83TVSfIajbIlRA eSfVFwmmgupp8xhodp7kefQ+9eCmcw5Bxe4Uf2VOdatC9cLstYlprrXBVjtU7Hry 7z+H/vmxwbmO1Ae07GL6ivt2D7slstXJpPv8/sGDPRji3b+Lt2xIzcIvTF88ZB36 zfc8dWpLv40BVK6dxqKFg25w0fd+6Ez+1fiMdzdlSU63DGZtPLSRTAkjuQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM1ZTTU0yqJ19pDwLeCF41WpxR7+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRkODM5OWE0LTU2ZDctNDdjZC1hMzAwLWRmMjg3YjRjNzZjOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBAMjaeE4LdYXo8/cKaMOJ e8xT/BuoufDtl1Zsb2xE9++4Ka9qbmNRSkU8oBuwMHcc93WZYWywb1Hacr6b5Ptc 4mP8n0xhOdix1mRBw8RgSUeD/URyn+xcXIywzJQOrfmaGlkRXlIkpLxWmKzO+3bL 1WOx2fQQCbJabHRo3wMExOinzrJlUcQ39w5JVnAeKDQ9PtZVgHxqNSzPb/wFw+HD q9xuWJVxIil58GS11RevrhJl4UpUPLc/Uj+Dr5Zmj6gNsT6moatarw1+xMwP4ep6 AhU+8OQAZVGTmHydYcW6v5YD6OUrZzQQzEweVlq1KdHr5ObjDJ9imMyN7/EnpSNN Upw= -----END CERTIFICATE-----Generated at Mon Mar 2 05:15:51 2026 by rpki-client