$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa File: 4f94d4be-2864-45c5-a16e-6384684a8060.roa (raw, json) Hash identifier: e0sWuFJHPjZ+/+IaGex2Rik8sppEzIUaQitRpFesnas= Subject key identifier: 73:DE:FA:71:F2:F8:F8:34:9C:62:A5:68:D0:94:EF:6D:EE:07:56:18 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5A3C93CC7C3A38351CF7B6C9511E2052ACD5D680 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa Signing time: Sun 22 Feb 2026 00:10:43 +0000 ROA not before: Sun 22 Feb 2026 00:10:43 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da16:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:3c:93:cc:7c:3a:38:35:1c:f7:b6:c9:51:1e:20:52:ac:d5:d6:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:43 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=6f421716d0a0f8196d944f4707cb1d571e560fe822cdacd0695176ed727eb945, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d7:f5:6e:ec:5b:71:75:18:0d:71:14:35:5d: 0e:75:73:1e:1e:58:9c:6e:2b:8b:67:c5:cf:2b:ae: 80:a3:eb:b8:49:5f:42:42:c7:92:64:cd:99:65:7e: 4e:59:53:e7:ba:e6:75:ce:84:24:43:c0:82:0b:c8: da:1d:27:a3:fb:79:d4:12:9a:9f:10:a2:e9:b9:21: c8:b3:34:b4:ef:f7:01:f2:eb:8c:56:b1:44:5f:ba: de:0c:e0:30:00:e7:93:dc:e2:09:a9:a0:4a:50:8c: c9:58:9f:98:50:fa:e2:71:62:2c:65:57:2c:07:16: fe:aa:12:58:5d:50:f7:e9:bd:8b:4e:5e:aa:87:6d: 1a:4a:a7:f3:5e:f6:73:51:df:03:db:39:eb:ec:74: 79:6d:5f:4e:2c:32:97:11:e9:75:90:9e:a9:e5:a2: 1e:9e:a0:e3:7a:40:6b:1e:2d:ad:60:fa:1c:35:a6: e4:6d:1e:d6:d2:2a:c1:82:57:e3:0c:78:92:b0:a4: 21:3b:5c:cf:5c:8b:52:35:b6:92:7d:26:cf:4e:23: 76:3b:d2:93:cb:8a:db:b7:60:c2:bf:a0:76:62:ef: 5a:77:21:22:00:ec:44:6c:85:b7:b9:63:80:bb:7f: 1e:7c:b4:15:ea:f4:b6:6d:ea:85:ea:ef:68:5e:00: f5:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:DE:FA:71:F2:F8:F8:34:9C:62:A5:68:D0:94:EF:6D:EE:07:56:18 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4f94d4be-2864-45c5-a16e-6384684a8060.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da16:400::/38 Signature Algorithm: sha256WithRSAEncryption 1e:0e:8b:96:0c:35:00:05:a9:dc:de:b1:28:b2:3b:bb:43:4a: f0:ac:26:9f:66:0b:50:61:54:a1:5d:c7:77:30:0d:b6:15:38: 58:5a:b9:27:32:e5:f1:31:b4:04:80:e5:de:e6:e1:29:14:27: 37:82:93:2e:b4:c0:eb:99:4e:b8:bd:79:ec:43:e9:34:8f:2d: 89:39:3d:5d:ce:eb:fc:e6:02:7b:af:7f:d2:c6:41:12:35:f1: bb:e2:c2:c7:69:f5:a6:b0:ef:ef:1b:80:5b:7d:f7:bb:71:64: cd:a5:7d:bd:27:70:59:2a:6a:20:cf:33:b1:1f:36:1c:12:a2: 37:3e:88:45:f3:38:d6:9f:c7:c2:b8:ab:db:13:9b:df:62:65: 2a:cc:85:b9:8e:34:5d:e3:4e:86:8b:b3:01:d8:ed:05:de:e9: d4:2f:ee:4d:9d:0b:69:ff:b4:d9:6a:de:fe:d8:31:27:8b:7f: f1:fd:5a:3a:0d:ef:93:4f:9b:8e:23:5e:4f:00:2c:2b:ed:f4: 15:19:81:5d:ee:da:94:f7:53:c9:53:2e:ed:4e:57:2f:44:d2: 67:1b:80:68:73:6b:da:25:2b:05:b8:8b:8a:a8:70:25:79:5e: 2c:79:d6:0b:de:a5:b8:da:ef:8c:d5:14:5e:13:10:2e:2c:33: 6a:27:63:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWjyTzHw6ODUc97bJUR4gUqzV1oAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA0M1oX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANmY0MjE3MTZkMGEwZjgxOTZkOTQ0 ZjQ3MDdjYjFkNTcxZTU2MGZlODIyY2RhY2QwNjk1MTc2ZWQ3MjdlYjk0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNf1buxbcXUYDXEUNV0OdXMeHlic biuLZ8XPK66Ao+u4SV9CQseSZM2ZZX5OWVPnuuZ1zoQkQ8CCC8jaHSej+3nUEpqf EKLpuSHIszS07/cB8uuMVrFEX7reDOAwAOeT3OIJqaBKUIzJWJ+YUPricWIsZVcs Bxb+qhJYXVD36b2LTl6qh20aSqfzXvZzUd8D2znr7HR5bV9OLDKXEel1kJ6p5aIe nqDjekBrHi2tYPocNabkbR7W0irBglfjDHiSsKQhO1zPXItSNbaSfSbPTiN2O9KT y4rbt2DCv6B2Yu9adyEiAOxEbIW3uWOAu38efLQV6vS2beqF6u9oXgD1ewIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHPe+nHy+Pg0nGKlaNCU723uB1YYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRmOTRkNGJlLTI4NjQtNDVjNS1hMTZlLTYzODQ2ODRhODA2MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFgQwDQYJKoZIhvcNAQELBQADggEBAB4Oi5YMNQAFqdzesSiy O7tDSvCsJp9mC1BhVKFdx3cwDbYVOFhauScy5fExtASA5d7m4SkUJzeCky60wOuZ Tri9eexD6TSPLYk5PV3O6/zmAnuvf9LGQRI18bviwsdp9aaw7+8bgFt997txZM2l fb0ncFkqaiDPM7EfNhwSojc+iEXzONafx8K4q9sTm99iZSrMhbmONF3jToaLswHY 7QXe6dQv7k2dC2n/tNlq3v7YMSeLf/H9WjoN75NPm44jXk8ALCvt9BUZgV3u2pT3 U8lTLu1OVy9E0mcbgGhza9olKwW4i4qocCV5Xix51gvepbja74zVFF4TEC4sM2on Yz8= -----END CERTIFICATE-----Generated at Sun Mar 1 22:14:16 2026 by rpki-client