$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa File: 524c65cc-d022-4b07-863e-495ad7b730c6.roa (raw, json) Hash identifier: VM/jaI7endWwneLVMSVBPAlEcB6pjBIkhTpRQVSAK1w= Subject key identifier: 00:C0:3C:0A:D2:FC:C2:96:B8:95:16:DE:40:EC:56:B3:5D:09:40:25 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FA9C6B0DE5F7D92E316E05A5F4E1580E9DAA9B0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa Signing time: Sun 22 Feb 2026 00:20:12 +0000 ROA not before: Sun 22 Feb 2026 00:20:12 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:a9:c6:b0:de:5f:7d:92:e3:16:e0:5a:5f:4e:15:80:e9:da:a9:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:12 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=622969a224402b48a8c40e0127522bce26da639ee9496bb6fd91413ea64669b5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ec:b8:ad:9f:ed:ef:53:ab:3e:59:d3:b4:2d: 32:6a:2f:7f:59:72:4b:df:38:fa:9b:d1:bd:f7:19: 34:59:89:16:89:44:14:77:f1:71:e6:95:54:91:cc: 9d:fc:21:3b:56:c6:34:51:23:0b:96:07:5a:83:f3: 44:f5:8e:df:2c:c8:3c:74:94:31:b7:66:64:e4:6a: a5:57:a6:50:94:29:ad:7c:f3:e4:a4:bb:c3:c5:ee: a4:dc:1f:23:ef:01:8f:b5:44:9f:44:ca:aa:de:f1: f0:cc:c5:cd:f6:8e:26:03:cd:1e:1e:bd:fc:f5:fb: dc:41:8f:07:e9:6c:48:38:1f:2f:94:9a:74:35:46: df:6a:48:52:f0:87:c7:32:3b:94:29:35:26:ac:eb: 29:9c:00:ea:cc:c6:a0:c6:1d:eb:d0:2b:38:cc:87: 48:ea:08:94:00:8d:e4:21:1e:35:b2:d2:1e:3a:6c: 29:1e:fa:17:03:e5:25:59:b2:51:de:45:d0:f8:27: d1:59:71:e4:57:f2:1a:db:69:b9:53:49:f3:30:16: 5c:f7:cb:2b:d2:78:af:87:8d:bf:ac:bd:4f:92:ee: 8b:b3:99:9c:52:0e:5e:ca:66:32:19:87:9a:fe:a2: f7:11:40:be:72:86:45:22:bd:3b:ea:7a:49:33:b7: b3:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:C0:3C:0A:D2:FC:C2:96:B8:95:16:DE:40:EC:56:B3:5D:09:40:25 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/524c65cc-d022-4b07-863e-495ad7b730c6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:2800::/40 Signature Algorithm: sha256WithRSAEncryption c7:d5:14:54:c0:c8:2a:15:25:cc:a4:54:28:98:e3:06:ab:d6: 9d:fa:39:d7:fc:81:aa:6d:1f:f9:42:fa:12:d7:ac:85:94:f3: 54:aa:dc:ef:2e:b8:79:ea:df:53:d5:ba:fc:f8:36:f5:b3:e3: 64:62:b5:ca:1b:cf:ee:e4:72:9c:d6:66:ea:a9:cd:44:fc:68: c1:73:91:ca:f9:ef:8f:ed:21:8f:fc:5a:6c:6c:ea:38:37:88: 9d:b5:12:c5:b1:c0:ed:9b:c8:24:d6:cb:15:7d:83:ef:97:96: 12:b7:3d:30:38:f2:dd:54:e7:2b:46:d9:7e:d5:36:68:ef:8e: 85:07:88:fb:02:30:27:9e:79:be:ce:1e:42:40:f0:ad:e6:c7: 7d:db:ad:8d:31:fb:06:5f:f8:8c:0b:13:c9:2c:2b:0a:a7:f4: 2d:72:84:c6:79:c2:2e:e9:ce:98:fe:71:55:cc:81:c0:ff:e4: 29:00:ac:3a:7a:a2:5f:77:e1:68:52:2a:2f:57:69:8d:70:2b: eb:5f:5f:05:32:d8:65:e4:cd:ee:ea:cb:cd:46:6b:e5:3a:3b: b2:50:ab:79:a3:08:82:cb:19:71:4c:e6:be:ed:a7:8c:7c:f0: bc:c0:06:37:ed:d2:8d:e0:24:14:a8:e7:73:5d:af:ba:69:61: de:62:2a:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH6nGsN5ffZLjFuBaX04VgOnaqbAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjAxMloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANjIyOTY5YTIyNDQwMmI0OGE4YzQw ZTAxMjc1MjJiY2UyNmRhNjM5ZWU5NDk2YmI2ZmQ5MTQxM2VhNjQ2NjliNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+y4rZ/t71OrPlnTtC0yai9/WXJL 3zj6m9G99xk0WYkWiUQUd/Fx5pVUkcyd/CE7VsY0USMLlgdag/NE9Y7fLMg8dJQx t2Zk5GqlV6ZQlCmtfPPkpLvDxe6k3B8j7wGPtUSfRMqq3vHwzMXN9o4mA80eHr38 9fvcQY8H6WxIOB8vlJp0NUbfakhS8IfHMjuUKTUmrOspnADqzMagxh3r0Cs4zIdI 6giUAI3kIR41stIeOmwpHvoXA+UlWbJR3kXQ+CfRWXHkV/Ia22m5U0nzMBZc98sr 0nivh42/rL1Pku6Ls5mcUg5eymYyGYea/qL3EUC+coZFIr076npJM7ezVwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFADAPArS/MKWuJUW3kDsVrNdCUAlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyNGM2NWNjLWQwMjItNGIwNy04NjNlLTQ5NWFkN2I3MzBjNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaCgwDQYJKoZIhvcNAQELBQADggEBAMfVFFTAyCoVJcykVCiY 4war1p36Odf8gaptH/lC+hLXrIWU81Sq3O8uuHnq31PVuvz4NvWz42Ritcobz+7k cpzWZuqpzUT8aMFzkcr574/tIY/8Wmxs6jg3iJ21EsWxwO2byCTWyxV9g++XlhK3 PTA48t1U5ytG2X7VNmjvjoUHiPsCMCeeeb7OHkJA8K3mx33brY0x+wZf+IwLE8ks Kwqn9C1yhMZ5wi7pzpj+cVXMgcD/5CkArDp6ol934WhSKi9XaY1wK+tfXwUy2GXk ze7qy81Ga+U6O7JQq3mjCILLGXFM5r7tp4x88LzABjft0o3gJBSo53Ndr7ppYd5i Kik= -----END CERTIFICATE-----Generated at Sun Mar 1 22:08:07 2026 by rpki-client