$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa File: 4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa (raw, json) Hash identifier: 4GZ1Tp3jEtefecn+fyNYr+qxfTFiThKFXaoZ+PYDgD8= Subject key identifier: 0B:21:F7:B1:25:26:69:00:9C:14:47:EE:DD:4C:0E:B0:A9:BC:BB:B0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3159ED23733C8EE7D9ED7AD1E8F4F1E2C7675EFA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa Signing time: Tue 24 Feb 2026 00:10:07 +0000 ROA not before: Tue 24 Feb 2026 00:10:07 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafa:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:59:ed:23:73:3c:8e:e7:d9:ed:7a:d1:e8:f4:f1:e2:c7:67:5e:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:10:07 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=68574b960f7950bbf705f7850a248f74c226a5ccd611f9aa587b850c62f31f65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8b:36:2f:81:fa:5d:6a:1d:dd:d0:33:3d:f6: 2f:75:a6:a5:36:e3:2f:c2:64:15:95:53:4f:ca:4b: 26:a6:89:2d:4e:5a:c2:f3:ed:ce:d2:bb:05:97:a0: 07:2a:cb:e7:d0:18:4c:8f:87:cf:ba:94:3e:63:c9: 78:b1:b1:36:46:a5:ee:69:b3:21:7b:12:71:4c:90: 6c:d6:55:f3:71:bf:00:70:6a:93:05:00:80:71:c9: bc:1f:5a:fc:b4:15:07:b0:b4:04:e3:56:ce:a9:1e: 30:d6:a5:8f:49:df:11:89:12:ca:b4:95:77:ad:5c: 60:14:1f:0b:ea:59:70:a0:65:96:c8:83:a9:2b:f6: 1e:39:dd:45:4d:31:03:bd:a2:9c:e7:e2:9a:ef:4a: 7e:fc:b1:76:bb:21:0c:c7:d3:96:7b:4b:2c:8b:98: 69:02:22:aa:e5:89:64:06:4e:ef:71:a6:04:0e:66: 68:92:ca:fe:b5:6d:e5:8f:5e:b4:90:05:90:97:78: c0:01:f9:bf:e9:05:95:41:90:f4:94:d9:2a:87:2f: 84:51:ac:64:1a:87:bd:b2:ca:5d:29:6f:c5:00:15: 2c:2b:ba:5d:e5:a3:71:6c:29:81:5c:65:9e:6d:1b: 8a:81:4b:17:5a:51:dc:34:d4:52:6f:3d:aa:47:3d: a3:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:21:F7:B1:25:26:69:00:9C:14:47:EE:DD:4C:0E:B0:A9:BC:BB:B0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e9beec2-4dab-4f31-b0cb-ad6a3a5761b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafa:c000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:1d:56:ed:ca:cd:aa:bc:18:ab:50:f7:e9:ad:32:41:5a:07: 91:fd:e4:61:c9:51:79:8c:c7:05:37:0e:ad:f8:cf:d1:6b:fa: 54:64:a8:4b:66:c4:da:5f:fb:c9:d2:a3:dc:80:c9:96:73:e8: bf:87:ec:67:4c:33:47:eb:bf:7a:29:26:db:03:2c:5a:0f:f3: 13:e0:b7:6b:f8:69:0d:ea:39:59:5d:a0:e1:8c:88:bc:5a:66: 18:ae:49:09:76:22:84:18:c2:74:21:7f:77:3d:30:8a:6f:28: 13:e5:27:2d:c6:8e:b6:22:f9:66:7b:ad:25:94:21:09:91:58: 0b:a6:62:30:a0:73:bf:b8:82:96:2b:97:ce:d2:0e:28:3d:1c: 6e:ba:77:5a:06:57:bf:a6:1d:d9:bc:7f:01:3e:9a:63:f6:ba: 1a:2f:4a:64:7e:69:73:50:7c:22:2f:93:46:68:ee:d1:99:bf: 8b:12:5d:5c:2d:cd:46:09:ed:f7:f6:4d:91:72:55:0a:d5:8e: 21:e4:8b:5e:da:7a:62:27:20:49:ff:1d:e2:fa:f1:b8:85:3f: cd:73:05:dd:bf:94:24:ac:ab:dc:6b:d3:02:6e:5e:e8:b6:f1: 14:24:02:99:a3:bb:40:4d:27:7e:bf:18:a9:02:02:dc:1d:3a: 6d:18:1a:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUMVntI3M8jufZ7XrR6PTx4sdnXvowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMTAwN1oX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNANjg1NzRiOTYwZjc5NTBiYmY3MDVm Nzg1MGEyNDhmNzRjMjI2YTVjY2Q2MTFmOWFhNTg3Yjg1MGM2MmYzMWY2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4s2L4H6XWod3dAzPfYvdaalNuMv wmQVlVNPyksmpoktTlrC8+3O0rsFl6AHKsvn0BhMj4fPupQ+Y8l4sbE2RqXuabMh exJxTJBs1lXzcb8AcGqTBQCAccm8H1r8tBUHsLQE41bOqR4w1qWPSd8RiRLKtJV3 rVxgFB8L6llwoGWWyIOpK/YeOd1FTTEDvaKc5+Ka70p+/LF2uyEMx9OWe0ssi5hp AiKq5YlkBk7vcaYEDmZoksr+tW3lj160kAWQl3jAAfm/6QWVQZD0lNkqhy+EUaxk Goe9sspdKW/FABUsK7pd5aNxbCmBXGWebRuKgUsXWlHcNNRSbz2qRz2jowIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAsh97ElJmkAnBRH7t1MDrCpvLuwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRlOWJlZWMyLTRkYWItNGYzMS1iMGNiLWFkNmEzYTU3NjFiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+sAwDQYJKoZIhvcNAQELBQADggEBAAsdVu3Kzaq8GKtQ9+mt MkFaB5H95GHJUXmMxwU3Dq34z9Fr+lRkqEtmxNpf+8nSo9yAyZZz6L+H7GdMM0fr v3opJtsDLFoP8xPgt2v4aQ3qOVldoOGMiLxaZhiuSQl2IoQYwnQhf3c9MIpvKBPl Jy3GjrYi+WZ7rSWUIQmRWAumYjCgc7+4gpYrl87SDig9HG66d1oGV7+mHdm8fwE+ mmP2uhovSmR+aXNQfCIvk0Zo7tGZv4sSXVwtzUYJ7ff2TZFyVQrVjiHki17aemIn IEn/HeL68biFP81zBd2/lCSsq9xr0wJuXui28RQkApmju0BNJ36/GKkCAtwdOm0Y GvY= -----END CERTIFICATE-----Generated at Mon Mar 2 04:51:21 2026 by rpki-client