$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa File: 5d316ef2-56e4-4581-990e-015883180353.roa (raw, json) Hash identifier: vq2yNYWXK4kq5RlwWWMPD8ySFijITsKvBSRZMsYuw5Y= Subject key identifier: 99:D4:41:3A:32:3B:78:DB:10:32:29:CD:3C:80:6C:77:82:84:75:11 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 653D5E633BFF510ADDAA7357144A071E8F90F6BB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa Signing time: Wed 11 Feb 2026 00:00:37 +0000 ROA not before: Wed 11 Feb 2026 00:00:37 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:3d:5e:63:3b:ff:51:0a:dd:aa:73:57:14:4a:07:1e:8f:90:f6:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:00:37 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=7b07205895dd3e18f334c8cf4e46295ddfe600c327a64dbee4c3d7bfeda908fd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e8:58:2c:6a:ca:f3:be:d5:cd:6c:6f:98:9b: 92:53:0c:c9:b9:62:55:df:c6:b1:aa:01:15:34:d1: 6e:49:ac:b1:3f:66:3e:45:d1:91:c1:28:54:31:70: d2:48:a5:36:de:1c:0c:55:37:7c:e1:f1:6a:1c:74: b6:bb:05:b7:87:13:cf:04:52:51:73:95:04:71:39: e9:a1:d8:12:06:41:e7:92:05:21:86:0f:62:a3:0d: b0:e2:ba:2d:82:a4:8b:3a:f3:ac:38:d7:0b:ed:41: 5c:6d:2a:3c:8f:a8:ab:33:9b:50:61:4b:ac:29:15: 9d:17:ff:fd:22:0f:91:a3:41:f7:9d:50:31:0a:d3: 39:40:5d:c8:ee:27:c9:b6:5c:95:b1:6f:fd:d9:03: ef:6a:34:95:fc:15:0d:1a:98:00:9d:a3:8d:b6:6c: 13:69:90:f3:23:ba:a8:24:9f:28:3c:57:20:9d:33: 7e:b3:04:f3:02:20:cb:fb:95:ba:55:9e:e8:1e:f2: a5:f9:64:1e:15:54:87:39:10:74:31:f3:b2:25:11: 4f:3b:ec:79:3d:cb:a4:91:52:d5:a0:35:52:57:a1: e8:3c:bf:50:39:ec:8a:d4:e8:8a:ad:05:6d:28:4c: 60:78:c2:75:6d:db:12:63:48:d0:e2:39:d6:e6:80: f6:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:D4:41:3A:32:3B:78:DB:10:32:29:CD:3C:80:6C:77:82:84:75:11 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d316ef2-56e4-4581-990e-015883180353.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:4000::/40 Signature Algorithm: sha256WithRSAEncryption 0f:e7:57:85:3c:dd:ef:8c:f0:dc:c3:c8:32:49:3f:59:9c:57: 38:86:c6:94:02:44:01:8d:e2:e7:07:ce:d3:35:58:64:70:6c: 57:55:f6:cf:de:bc:59:a0:78:04:64:2e:6d:ee:62:25:57:dc: 6d:72:4e:5c:74:c0:22:18:b6:38:e5:51:59:e1:64:a6:15:86: 5a:dd:5b:be:7c:93:3c:fc:e1:85:12:0f:1f:73:ae:8b:cc:c1: 13:4b:de:a1:f9:d4:f8:c3:42:2a:c9:0f:52:ba:47:1f:46:ae: f6:9d:78:73:19:37:ed:6b:4d:31:8e:72:5d:85:53:85:60:ab: 8d:c1:12:3f:69:a0:90:fe:cd:f2:9d:25:13:56:86:65:25:6b: 4f:e6:90:5b:cf:e1:3d:80:2b:8b:3f:e8:1b:99:b3:d6:3a:3f: 5f:47:eb:9b:b9:40:94:e8:d8:0e:16:2d:99:68:9e:2e:1f:9b: 50:94:36:5e:17:4d:07:20:7c:ee:de:15:17:62:b3:34:e6:d8: 05:09:20:08:16:14:e8:88:e4:bb:84:05:b6:d4:9a:3d:81:50: e6:96:ea:48:1f:bc:f9:37:d9:5c:25:9a:68:cd:72:43:5f:05: 97:0f:59:c1:62:cd:2b:96:fc:ab:91:35:51:d5:9c:3b:f8:35: 7c:df:f4:0b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZT1eYzv/UQrdqnNXFEoHHo+Q9rswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMDAzN1oX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAN2IwNzIwNTg5NWRkM2UxOGYzMzRj OGNmNGU0NjI5NWRkZmU2MDBjMzI3YTY0ZGJlZTRjM2Q3YmZlZGE5MDhmZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwehYLGrK877VzWxvmJuSUwzJuWJV 38axqgEVNNFuSayxP2Y+RdGRwShUMXDSSKU23hwMVTd84fFqHHS2uwW3hxPPBFJR c5UEcTnpodgSBkHnkgUhhg9iow2w4rotgqSLOvOsONcL7UFcbSo8j6irM5tQYUus KRWdF//9Ig+Ro0H3nVAxCtM5QF3I7ifJtlyVsW/92QPvajSV/BUNGpgAnaONtmwT aZDzI7qoJJ8oPFcgnTN+swTzAiDL+5W6VZ7oHvKl+WQeFVSHORB0MfOyJRFPO+x5 PcukkVLVoDVSV6HoPL9QOeyK1OiKrQVtKExgeMJ1bdsSY0jQ4jnW5oD28wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJnUQToyO3jbEDIpzTyAbHeChHURMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVkMzE2ZWYyLTU2ZTQtNDU4MS05OTBlLTAxNTg4MzE4MDM1My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba80AwDQYJKoZIhvcNAQELBQADggEBAA/nV4U83e+M8NzDyDJJ P1mcVziGxpQCRAGN4ucHztM1WGRwbFdV9s/evFmgeARkLm3uYiVX3G1yTlx0wCIY tjjlUVnhZKYVhlrdW758kzz84YUSDx9zrovMwRNL3qH51PjDQirJD1K6Rx9Grvad eHMZN+1rTTGOcl2FU4Vgq43BEj9poJD+zfKdJRNWhmUla0/mkFvP4T2AK4s/6BuZ s9Y6P19H65u5QJTo2A4WLZloni4fm1CUNl4XTQcgfO7eFRdiszTm2AUJIAgWFOiI 5LuEBbbUmj2BUOaW6kgfvPk32VwlmmjNckNfBZcPWcFizSuW/KuRNVHVnDv4NXzf 9As= -----END CERTIFICATE-----Generated at Mon Mar 2 05:36:23 2026 by rpki-client