$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa File: 562ea526-d7fd-4f54-a7f1-2891e7003176.roa (raw, json) Hash identifier: aT9IyOIaZyNQcTvv7rwbu+Ug3COD17kBNfPmyWaRvCM= Subject key identifier: 16:10:D9:98:32:22:A1:75:FC:0B:CE:18:DF:A9:C3:6E:03:A8:74:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D73153E609E30EF04DBED2C15B95882C33EE636 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa Signing time: Fri 20 Feb 2026 00:01:16 +0000 ROA not before: Fri 20 Feb 2026 00:01:16 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:60a0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:73:15:3e:60:9e:30:ef:04:db:ed:2c:15:b9:58:82:c3:3e:e6:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:01:16 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=8551a646659fbefed6180ce0f7db19fadc062758f8f692d0a08d2bc872305636, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3d:cc:7f:16:60:6d:b6:84:4e:27:e7:86:b0: b6:7f:0e:09:32:13:c0:e1:1f:48:9d:22:00:a2:40: 8c:6a:a6:db:d6:87:10:27:f2:7f:f9:33:f9:bd:36: 44:07:5f:96:67:20:f6:e6:bf:1d:68:47:b2:19:e0: 90:1d:da:5c:de:b7:01:af:cb:95:24:d8:0d:e2:9a: b3:3e:b5:14:ae:ed:25:5b:e8:0c:35:aa:9a:d6:0d: 25:54:19:01:43:45:63:a0:92:96:07:73:dd:e8:7d: 66:bd:49:49:b4:ff:bd:19:f2:bd:e1:6b:19:52:fc: f7:b4:c3:b1:64:83:b4:e7:31:22:43:89:8d:dd:e6: bb:8b:a5:93:00:49:79:bf:b0:da:69:51:5e:85:87: a2:c8:1d:8c:be:73:a8:2a:ae:38:94:87:f4:f1:46: 33:4f:61:79:98:55:65:23:ac:c4:0f:0b:f6:06:d4: eb:7f:3e:a2:ec:0a:e5:21:10:b7:77:c1:53:0e:05: dd:f9:48:7f:46:7e:42:da:98:c5:2d:43:37:11:1d: 51:33:8b:96:27:bb:72:de:1b:a0:c7:e6:7c:28:f5: ed:fd:6d:fe:77:05:ff:ea:12:ff:fe:3d:58:03:a5: 85:d6:f4:cb:7f:13:c8:09:1a:79:de:d4:fc:e7:46: b1:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:10:D9:98:32:22:A1:75:FC:0B:CE:18:DF:A9:C3:6E:03:A8:74:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/562ea526-d7fd-4f54-a7f1-2891e7003176.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:60a0::/48 Signature Algorithm: sha256WithRSAEncryption a1:f1:ae:ec:51:55:1e:8f:f7:75:4a:4a:57:8b:28:54:00:23: 10:36:b7:2a:46:21:89:85:67:7c:eb:3a:7c:9a:82:7a:39:48: 67:4d:55:bf:4f:6a:d7:cc:c3:a7:c9:ac:aa:eb:59:1e:58:4a: 62:94:46:c6:12:fd:63:60:fa:f2:1a:f0:2c:4f:37:1b:36:cf: e5:c6:1e:73:eb:b0:52:5d:1d:0a:d0:89:9e:d3:0b:76:54:70: d5:d6:76:e0:b3:ce:83:dd:58:0c:4d:b9:cd:08:f1:59:3b:35: 0e:3d:2c:d7:67:53:05:ef:fd:10:be:0c:37:96:b7:bf:80:b3: f7:ae:11:9d:dd:8a:bd:2d:06:21:da:49:7c:3d:bf:a3:56:91: b0:38:69:7e:32:50:28:7d:fe:ab:07:31:50:c8:cd:2c:26:29: fd:99:14:e2:cb:be:7b:9e:d9:f0:97:41:8b:f1:6a:55:f9:79: 2c:a8:ea:a1:77:fe:e3:7c:90:85:e0:1f:23:ea:60:19:cc:5f: 0c:75:ea:7c:b8:7d:cd:ff:82:36:b3:1c:0b:8d:fb:b6:5b:33: db:8b:e4:51:a7:b3:b6:67:6a:ab:44:5e:88:8c:7c:81:ea:3a: 0a:5a:3e:26:48:67:88:50:f6:93:71:fb:1e:78:1a:cf:b6:67: 81:94:b8:9f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTXMVPmCeMO8E2+0sFblYgsM+5jYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMDExNloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAODU1MWE2NDY2NTlmYmVmZWQ2MTgw Y2UwZjdkYjE5ZmFkYzA2Mjc1OGY4ZjY5MmQwYTA4ZDJiYzg3MjMwNTYzNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD3MfxZgbbaETifnhrC2fw4JMhPA 4R9InSIAokCMaqbb1ocQJ/J/+TP5vTZEB1+WZyD25r8daEeyGeCQHdpc3rcBr8uV JNgN4pqzPrUUru0lW+gMNaqa1g0lVBkBQ0VjoJKWB3Pd6H1mvUlJtP+9GfK94WsZ Uvz3tMOxZIO05zEiQ4mN3ea7i6WTAEl5v7DaaVFehYeiyB2MvnOoKq44lIf08UYz T2F5mFVlI6zEDwv2BtTrfz6i7ArlIRC3d8FTDgXd+Uh/Rn5C2pjFLUM3ER1RM4uW J7ty3hugx+Z8KPXt/W3+dwX/6hL//j1YA6WF1vTLfxPICRp53tT850axowIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBYQ2ZgyIqF1/AvOGN+pw24DqHT/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2MmVhNTI2LWQ3ZmQtNGY1NC1hN2YxLTI4OTFlNzAwMzE3Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGCgMA0GCSqGSIb3DQEBCwUAA4IBAQCh8a7sUVUej/d1SkpX iyhUACMQNrcqRiGJhWd86zp8moJ6OUhnTVW/T2rXzMOnyayq61keWEpilEbGEv1j YPryGvAsTzcbNs/lxh5z67BSXR0K0Ime0wt2VHDV1nbgs86D3VgMTbnNCPFZOzUO PSzXZ1MF7/0Qvgw3lre/gLP3rhGd3Yq9LQYh2kl8Pb+jVpGwOGl+MlAoff6rBzFQ yM0sJin9mRTiy757ntnwl0GL8WpV+XksqOqhd/7jfJCF4B8j6mAZzF8Mdep8uH3N /4I2sxwLjfu2WzPbi+RRp7O2Z2qrRF6IjHyB6joKWj4mSGeIUPaTcfseeBrPtmeB lLif -----END CERTIFICATE-----Generated at Sun Mar 1 23:49:10 2026 by rpki-client