$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa File: 5caef593-3e1a-4239-836f-142b22751593.roa (raw, json) Hash identifier: IMi0EsOZQijSQxRuPRQF1EaDY52x3kLnXf1Y2XxsYB8= Subject key identifier: C1:86:04:1F:5E:F1:52:D7:C7:54:37:E4:43:50:C8:0B:E4:AF:AB:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B784BBEF98A48E01B5440CCFFFCC5B5ECB3DC34 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa Signing time: Sun 22 Feb 2026 00:10:04 +0000 ROA not before: Sun 22 Feb 2026 00:10:04 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:78:4b:be:f9:8a:48:e0:1b:54:40:cc:ff:fc:c5:b5:ec:b3:dc:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:04 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=f3092e994cab63b1242c6589928dac72063af32991e270f8efda6754368936d7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:11:31:67:95:96:e7:f4:4e:01:70:5e:cf:b4: cb:e1:3b:94:fd:5e:97:ad:85:54:38:3a:5a:0f:8b: be:cf:3e:80:8f:d5:ae:5f:6d:1d:87:74:7f:e7:08: b3:0d:d9:b3:6b:6d:fe:76:b9:e9:62:0a:98:3d:fd: 3c:9e:e2:6d:2e:d2:8f:aa:a9:e7:80:83:c0:7d:9a: c0:34:b1:e3:30:6a:c1:17:3a:5a:8a:40:00:55:67: 93:f8:d6:90:e9:36:33:00:01:8a:3b:ea:f4:bf:a5: 79:af:a3:31:23:d2:8c:16:83:b1:57:51:7e:01:0b: aa:43:ff:d0:84:f0:24:7f:49:fa:ee:6f:00:54:03: 02:27:53:e5:cc:e8:c5:6c:ab:d5:43:80:43:bb:68: d2:1d:9d:d4:e4:44:49:c2:3c:28:7a:ff:e8:d9:a4: 18:aa:76:86:ba:0e:43:d4:e2:ea:fe:78:41:5d:43: 45:33:ee:08:39:55:74:c2:7e:eb:29:92:e4:e5:06: dc:b0:97:8f:f0:36:74:62:af:0a:ae:44:4b:00:8d: db:72:90:00:2f:f0:30:77:25:73:a9:08:ea:a0:a3: 3f:b2:41:b4:7c:5b:de:d6:14:d3:87:f3:30:5e:6f: e6:89:91:31:b7:ff:fe:f2:37:54:35:f2:49:57:39: 9d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:86:04:1F:5E:F1:52:D7:C7:54:37:E4:43:50:C8:0B:E4:AF:AB:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:1000::/40 Signature Algorithm: sha256WithRSAEncryption 87:ea:b7:43:98:08:1d:d0:96:ed:c4:e8:92:43:04:8e:16:3f: bf:38:b6:bb:3d:29:60:ea:6e:1c:46:75:c8:d6:08:44:54:a4: df:ec:b9:d8:ab:f6:c5:50:57:2d:d8:94:94:4f:b3:45:19:f9: 93:34:ed:0a:fa:44:1c:7d:50:44:b2:23:83:0f:b6:06:2d:8f: 9a:ed:57:47:e6:9d:f7:4c:9b:aa:4f:4b:5c:4e:90:54:0e:79: 58:b4:ae:52:aa:7c:47:42:40:76:3a:08:f6:84:47:ac:db:16: 42:c7:59:f5:43:f8:53:4e:48:49:13:dd:36:60:0d:1d:a4:69: e5:4b:64:00:b6:23:7c:f3:24:a2:62:95:da:17:d4:13:32:51: db:0a:e6:fe:81:ea:19:a9:28:b2:a5:f1:3d:a4:36:7f:5c:3d: 63:6e:c4:b7:ce:b2:1c:37:11:1f:6c:b4:75:20:c9:13:6e:c6: 5e:66:6a:9a:85:ae:16:de:84:f4:e8:59:f0:2b:1d:f0:bc:31: 53:69:11:ca:b4:b9:05:83:e9:d2:f0:bc:95:cc:5c:05:fb:75: 92:af:32:0e:d5:13:26:90:32:91:0e:a3:9c:ca:5f:88:5f:fb: 9e:ec:16:ce:a3:89:5b:90:0a:4f:3a:3f:fd:3d:1d:7e:13:38: 60:e1:ab:da -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe3hLvvmKSOAbVEDM//zFteyz3DQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTAwNFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZjMwOTJlOTk0Y2FiNjNiMTI0MmM2 NTg5OTI4ZGFjNzIwNjNhZjMyOTkxZTI3MGY4ZWZkYTY3NTQzNjg5MzZkNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRExZ5WW5/ROAXBez7TL4TuU/V6X rYVUODpaD4u+zz6Aj9WuX20dh3R/5wizDdmza23+drnpYgqYPf08nuJtLtKPqqnn gIPAfZrANLHjMGrBFzpaikAAVWeT+NaQ6TYzAAGKO+r0v6V5r6MxI9KMFoOxV1F+ AQuqQ//QhPAkf0n67m8AVAMCJ1PlzOjFbKvVQ4BDu2jSHZ3U5ERJwjwoev/o2aQY qnaGug5D1OLq/nhBXUNFM+4IOVV0wn7rKZLk5QbcsJeP8DZ0Yq8KrkRLAI3bcpAA L/AwdyVzqQjqoKM/skG0fFve1hTTh/MwXm/miZExt//+8jdUNfJJVzmdaQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMGGBB9e8VLXx1Q35ENQyAvkr6vlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjYWVmNTkzLTNlMWEtNDIzOS04MzZmLTE0MmIyMjc1MTU5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauRAwDQYJKoZIhvcNAQELBQADggEBAIfqt0OYCB3Qlu3E6JJD BI4WP784trs9KWDqbhxGdcjWCERUpN/sudir9sVQVy3YlJRPs0UZ+ZM07Qr6RBx9 UESyI4MPtgYtj5rtV0fmnfdMm6pPS1xOkFQOeVi0rlKqfEdCQHY6CPaER6zbFkLH WfVD+FNOSEkT3TZgDR2kaeVLZAC2I3zzJKJildoX1BMyUdsK5v6B6hmpKLKl8T2k Nn9cPWNuxLfOshw3ER9stHUgyRNuxl5mapqFrhbehPToWfArHfC8MVNpEcq0uQWD 6dLwvJXMXAX7dZKvMg7VEyaQMpEOo5zKX4hf+57sFs6jiVuQCk86P/09HX4TOGDh q9o= -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:48 2026 by rpki-client