$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa File: 5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa (raw, json) Hash identifier: lulyQdSLRo4n60O9envbpxSnmGd8QnBpNALpxkTsQO4= Subject key identifier: C6:D0:34:C5:AE:CA:A7:75:60:7F:A7:97:00:FC:0F:5D:A9:43:1A:C7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FB0F8F1BBFCA1CB6C36830566EEBD6163CA3B01 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa Signing time: Sat 14 Feb 2026 00:00:06 +0000 ROA not before: Sat 14 Feb 2026 00:00:06 +0000 ROA not after: Fri 15 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:dab9:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:b0:f8:f1:bb:fc:a1:cb:6c:36:83:05:66:ee:bd:61:63:ca:3b:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 14 00:00:06 2026 GMT Not After : May 15 23:59:59 2026 GMT Subject: serialNumber=6dc4a38a32a098db0af1b517480194baffbb0b74d2e767aa75a85b962429f679, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7f:fc:d4:c3:34:26:d9:5b:95:c5:23:f4:57: a4:24:cf:1d:48:6e:6a:64:1c:f6:76:68:42:f4:5b: b8:ed:c1:4a:ba:fa:20:ed:de:2d:cd:f4:ea:51:08: 99:a5:26:74:63:6c:93:60:a8:4e:c8:7b:89:85:2f: 92:9e:27:5d:ae:2c:3b:1a:0a:9b:7e:e7:54:54:bc: a0:21:da:dd:0b:29:a8:22:9d:3f:73:41:20:41:64: f4:a6:61:57:94:5f:97:7c:cc:a2:02:db:16:62:23: 1b:13:9d:5f:7f:0b:3f:cd:b1:98:ac:c5:eb:bc:39: 7c:24:a1:d8:ee:ba:45:28:71:35:d6:70:67:3a:0f: 71:f6:9f:5b:97:b0:ce:21:f3:07:11:5b:87:d9:28: 32:3e:9d:72:61:07:4e:42:e1:f1:cb:03:00:42:ad: e0:46:66:4c:d5:90:fb:18:ab:b2:87:10:80:83:85: a4:a6:49:48:c8:22:8b:af:16:59:8b:29:4a:df:d3: 16:58:91:89:5c:03:3d:96:8f:ac:a8:6a:36:dc:57: 94:df:ca:09:23:83:b6:0a:93:00:ee:9b:13:4b:97: 9b:32:c9:df:af:c5:11:16:a2:67:40:0b:c7:50:32: 5a:99:27:53:c9:bc:d8:16:73:d2:3d:f2:d6:92:8e: 1d:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:D0:34:C5:AE:CA:A7:75:60:7F:A7:97:00:FC:0F:5D:A9:43:1A:C7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5421f030-bd8e-457e-b9e5-ffbc49afebe1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:b000::/40 Signature Algorithm: sha256WithRSAEncryption 56:03:f3:b6:d8:7f:5f:f7:ea:bf:c1:40:89:4c:b8:38:91:5d: 78:8c:ab:6c:53:c9:92:97:76:d2:9c:16:82:05:33:80:43:7c: c1:3e:ca:fc:38:2e:ba:0c:43:23:20:98:be:2e:c9:d8:a2:d6: cb:98:bd:eb:0b:43:56:18:cb:34:45:38:f8:4f:57:2d:58:5e: cc:31:84:94:63:e9:04:84:fd:e5:b8:04:09:59:80:6d:56:e9: 6d:cf:34:6a:69:d2:81:0c:98:a6:b2:03:34:ce:5f:99:18:4e: 6e:e7:76:30:94:39:9c:ee:90:85:0d:6c:63:ca:d1:fd:bd:e7: e1:9b:72:43:6e:00:66:f8:4b:e1:c9:8b:ba:b2:8c:fa:33:c3: f8:59:08:85:07:70:c8:8e:5d:98:ec:1a:60:62:92:d2:63:ec: 62:bf:41:41:b6:37:30:80:fc:c7:eb:ce:af:fc:9a:44:83:eb: b0:86:a0:08:c8:91:45:9b:27:58:fb:24:da:ab:9c:a3:e5:7d: f0:63:48:0d:c8:f4:85:20:36:f7:c5:44:72:f4:30:7b:2f:65: 78:83:27:d7:c4:97:22:81:4c:0d:c3:c7:5c:1f:1a:1d:d3:6a: af:2a:d1:05:8a:fc:5f:8f:da:b3:52:fa:39:dc:54:c4:75:3d: ce:68:c4:ad -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUD7D48bv8octsNoMFZu69YWPKOwEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNDAwMDAwNloX DTI2MDUxNTIzNTk1OVowejFJMEcGA1UEBRNANmRjNGEzOGEzMmEwOThkYjBhZjFi NTE3NDgwMTk0YmFmZmJiMGI3NGQyZTc2N2FhNzVhODViOTYyNDI5ZjY3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX/81MM0JtlblcUj9FekJM8dSG5q ZBz2dmhC9Fu47cFKuvog7d4tzfTqUQiZpSZ0Y2yTYKhOyHuJhS+Sniddriw7Ggqb fudUVLygIdrdCymoIp0/c0EgQWT0pmFXlF+XfMyiAtsWYiMbE51ffws/zbGYrMXr vDl8JKHY7rpFKHE11nBnOg9x9p9bl7DOIfMHEVuH2SgyPp1yYQdOQuHxywMAQq3g RmZM1ZD7GKuyhxCAg4WkpklIyCKLrxZZiylK39MWWJGJXAM9lo+sqGo23FeU38oJ I4O2CpMA7psTS5ebMsnfr8URFqJnQAvHUDJamSdTybzYFnPSPfLWko4dTwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMbQNMWuyqd1YH+nlwD8D12pQxrHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU0MjFmMDMwLWJkOGUtNDU3ZS1iOWU1LWZmYmM0OWFmZWJlMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaubAwDQYJKoZIhvcNAQELBQADggEBAFYD87bYf1/36r/BQIlM uDiRXXiMq2xTyZKXdtKcFoIFM4BDfME+yvw4LroMQyMgmL4uydii1suYvesLQ1YY yzRFOPhPVy1YXswxhJRj6QSE/eW4BAlZgG1W6W3PNGpp0oEMmKayAzTOX5kYTm7n djCUOZzukIUNbGPK0f295+GbckNuAGb4S+HJi7qyjPozw/hZCIUHcMiOXZjsGmBi ktJj7GK/QUG2NzCA/Mfrzq/8mkSD67CGoAjIkUWbJ1j7JNqrnKPlffBjSA3I9IUg NvfFRHL0MHsvZXiDJ9fElyKBTA3Dx1wfGh3Taq8q0QWK/F+P2rNS+jncVMR1Pc5o xK0= -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:07 2026 by rpki-client