$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa File: 52887821-8ea1-4c00-aade-d864665119f4.roa (raw, json) Hash identifier: pRMJmbgYqbYUEkj1zvJDljq9zZwhxH0jb6cBUq8X+lk= Subject key identifier: 40:8C:25:03:B7:24:03:BE:85:C3:51:5F:CD:8F:6F:99:82:E8:74:0E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 060C9E679FBEAF05097F8F1958E70558CB7D4251 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa Signing time: Sun 22 Feb 2026 00:21:14 +0000 ROA not before: Sun 22 Feb 2026 00:21:14 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da11:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:0c:9e:67:9f:be:af:05:09:7f:8f:19:58:e7:05:58:cb:7d:42:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:21:14 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=8ad864af130f32eb6ec0fc54d3ac7196a164303d4aae16ee9152dc2feaa0d245, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a1:7c:94:26:d3:b2:7a:dd:5c:fe:67:b4:4a: 44:e6:4a:f8:8a:d4:f4:92:4d:ef:37:97:c8:ec:ed: 27:00:76:cb:6e:5a:b3:ca:39:a1:71:cc:75:a7:fe: 2e:9f:ae:6a:8b:57:48:bb:19:09:f1:d9:57:81:76: b5:f2:8b:50:5b:9f:17:ab:56:4d:b5:34:a7:b7:0d: 67:fb:b2:5b:24:3d:90:02:a5:92:73:4a:22:5c:59: 72:07:60:1c:75:ce:79:ee:21:5d:44:c0:d2:26:e0: 4d:36:06:3d:97:1a:0a:0d:ff:20:49:10:cc:61:63: 61:57:7f:79:6a:f8:4e:9d:8e:36:31:c4:a1:9b:1d: 42:78:a0:28:ac:b5:07:1a:b8:c3:96:01:62:05:e3: 4f:2b:50:69:08:22:41:40:ed:f8:f9:0a:51:26:ef: c6:fa:0f:49:25:d0:5a:4e:cb:c0:aa:a5:90:e5:a5: ad:34:7e:e9:0c:87:11:a8:e4:33:e3:25:8f:08:49: 5d:5c:80:b8:3d:f4:24:cf:03:68:10:73:f1:0b:2f: e5:1f:ed:18:b5:77:28:b0:da:5d:9d:2c:5d:a6:99: 88:70:d6:8f:85:72:61:bf:65:86:20:30:7b:c7:d2: 7c:63:b5:c6:15:6a:b1:81:c5:56:ae:56:81:ad:d9: d8:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:8C:25:03:B7:24:03:BE:85:C3:51:5F:CD:8F:6F:99:82:E8:74:0E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/52887821-8ea1-4c00-aade-d864665119f4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da11:400::/38 Signature Algorithm: sha256WithRSAEncryption 3f:03:57:20:f2:73:32:4c:c0:8a:0d:23:6a:6b:39:f3:da:04: 12:b8:ad:43:f1:5c:a1:8d:c9:62:81:bd:3b:2f:56:02:a2:fa: f5:8f:b3:dc:c4:ed:58:11:b1:b5:85:b0:97:4b:26:4e:c1:3f: b0:4c:c1:bd:9c:70:30:e5:cb:27:5c:42:d8:55:f1:15:60:1a: 21:ed:62:2d:c5:d4:70:4d:49:57:cd:13:6e:b5:2a:96:11:30: 6d:8d:32:c9:35:7f:1b:81:d9:93:81:59:82:45:69:cc:d5:0c: 20:c2:a2:38:07:18:41:38:f7:d2:22:42:00:71:7e:9d:ce:e8: c4:f5:cf:f4:48:8e:27:b3:88:9f:30:2e:2a:a9:f9:43:d5:ed: f9:ad:ed:13:bb:f7:6d:4e:2b:2e:e0:49:29:04:ad:d3:79:45: d4:68:bf:db:49:5d:b1:69:75:f5:da:03:07:9c:bd:91:c9:a8: 67:1b:9f:16:7a:e7:7f:45:dc:58:3d:a0:8d:ad:a7:a2:eb:e5: 0f:c7:8c:2d:f3:f1:c7:cc:28:e2:0b:b8:54:74:18:8b:ce:20: 05:43:be:45:2e:bd:1c:7e:62:9e:95:ea:a8:bc:26:a8:29:c2: 17:a7:87:cc:56:f6:ed:a9:61:21:d3:0a:55:e5:89:fc:d0:38: 6c:28:b2:60 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBgyeZ5++rwUJf48ZWOcFWMt9QlEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjExNFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAOGFkODY0YWYxMzBmMzJlYjZlYzBm YzU0ZDNhYzcxOTZhMTY0MzAzZDRhYWUxNmVlOTE1MmRjMmZlYWEwZDI0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqF8lCbTsnrdXP5ntEpE5kr4itT0 kk3vN5fI7O0nAHbLblqzyjmhccx1p/4un65qi1dIuxkJ8dlXgXa18otQW58Xq1ZN tTSntw1n+7JbJD2QAqWSc0oiXFlyB2Acdc557iFdRMDSJuBNNgY9lxoKDf8gSRDM YWNhV395avhOnY42McShmx1CeKAorLUHGrjDlgFiBeNPK1BpCCJBQO34+QpRJu/G +g9JJdBaTsvAqqWQ5aWtNH7pDIcRqOQz4yWPCEldXIC4PfQkzwNoEHPxCy/lH+0Y tXcosNpdnSxdppmIcNaPhXJhv2WGIDB7x9J8Y7XGFWqxgcVWrlaBrdnYrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFECMJQO3JAO+hcNRX82Pb5mC6HQOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzUyODg3ODIxLThlYTEtNGMwMC1hYWRlLWQ4NjQ2NjUxMTlmNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEQQwDQYJKoZIhvcNAQELBQADggEBAD8DVyDyczJMwIoNI2pr OfPaBBK4rUPxXKGNyWKBvTsvVgKi+vWPs9zE7VgRsbWFsJdLJk7BP7BMwb2ccDDl yydcQthV8RVgGiHtYi3F1HBNSVfNE261KpYRMG2NMsk1fxuB2ZOBWYJFaczVDCDC ojgHGEE499IiQgBxfp3O6MT1z/RIjieziJ8wLiqp+UPV7fmt7RO7921OKy7gSSkE rdN5RdRov9tJXbFpdfXaAwecvZHJqGcbnxZ6539F3Fg9oI2tp6Lr5Q/HjC3z8cfM KOILuFR0GIvOIAVDvkUuvRx+Yp6V6qi8Jqgpwhenh8xW9u2pYSHTClXlifzQOGwo smA= -----END CERTIFICATE-----Generated at Sun Mar 1 23:58:02 2026 by rpki-client