$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/652666fe-aad6-4cd8-8e35-91322c742337.roa File: 652666fe-aad6-4cd8-8e35-91322c742337.roa (raw, json) Hash identifier: GWl/w1vzryas/etYh9t6Ic7BQdhNFQQZdW0GJRESS54= Subject key identifier: 48:F8:94:98:69:80:6B:12:9F:B9:DB:A3:C3:7A:58:CD:FB:6F:62:6D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0420ACDF17AB5BD810A24C76A9404CEEC3C11FA8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/652666fe-aad6-4cd8-8e35-91322c742337.roa Signing time: Fri 20 Feb 2026 00:00:10 +0000 ROA not before: Fri 20 Feb 2026 00:00:10 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:20:ac:df:17:ab:5b:d8:10:a2:4c:76:a9:40:4c:ee:c3:c1:1f:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:00:10 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=65fecff25d46d0c1435f335ba9d985bfdef9b1fd865c53f73f7248f22968d0e5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:4b:32:47:8a:cb:e5:40:26:62:7f:16:ae:d9: f6:ba:a2:78:b4:96:63:e1:e4:32:d1:4d:89:51:8b: 64:f5:7d:ca:b9:e6:d5:82:b8:d8:cc:9b:a7:4c:96: e1:1a:48:ba:17:56:7e:17:5d:82:55:e5:09:29:9b: a9:c3:80:e4:17:10:7d:5e:e8:a9:13:a3:e4:d9:32: 0f:7e:fe:bf:6e:fb:d3:21:df:bf:9c:92:e6:cd:52: ec:08:58:8c:6e:c5:99:0f:81:35:2a:e5:45:15:03: 1f:e3:93:7a:89:9f:47:2f:73:aa:b6:16:e0:5e:df: 21:da:ee:cc:53:d1:e7:70:8c:b5:e1:f9:c1:b3:e2: 24:d9:55:d3:f0:f1:a4:4d:cf:cb:86:53:a3:36:79: 4e:3b:b1:7b:ef:fd:36:9b:63:01:8f:00:a3:08:91: c9:51:1f:0c:c2:38:c2:fe:bd:a4:7a:27:cd:9f:4d: 3e:f6:10:b4:53:7d:3d:1e:93:18:eb:66:a0:85:3e: fd:7c:0c:6b:60:53:58:a2:38:dc:0f:d3:67:1c:b9: e8:39:aa:5e:fc:04:7d:86:7d:f4:84:ad:13:d7:67: 23:05:c6:c0:ad:d2:43:00:cd:9f:31:16:63:e8:e2: cf:a1:49:ed:21:4c:08:66:f2:ef:e5:e9:2d:8b:27: 48:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:F8:94:98:69:80:6B:12:9F:B9:DB:A3:C3:7A:58:CD:FB:6F:62:6D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/652666fe-aad6-4cd8-8e35-91322c742337.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:9000::/40 Signature Algorithm: sha256WithRSAEncryption 41:af:dd:b6:56:30:dd:40:72:13:20:f8:e3:d3:62:1b:01:02: 3b:4b:98:e4:f1:be:af:7b:19:a5:79:b9:13:e2:fa:d9:2b:7b: 07:e8:f9:b0:0e:68:58:bc:65:ec:49:39:c8:05:c5:5a:36:68: 7f:13:7a:50:66:4f:09:39:25:06:3a:a1:fb:68:70:d3:68:71: b1:6c:a6:fe:f6:c2:9d:48:73:d8:ed:da:c2:8f:c6:8d:3e:bd: ee:a5:d2:35:93:75:bf:f7:75:b8:0d:fe:0f:6f:76:5a:21:c8: f9:4c:1a:07:97:3a:92:1c:0a:fd:e6:e2:df:83:5c:aa:cc:05: 17:f9:a6:d9:d3:34:93:5d:86:80:d8:98:b7:dd:86:c2:6d:c1: 66:22:71:2c:01:8b:84:57:ff:fe:35:c4:64:3f:a1:42:a2:c3: ce:64:e6:1a:49:bc:bb:0e:18:98:65:b3:40:8b:d9:0f:a5:68: 96:e5:a5:cb:ea:ec:67:8c:14:c9:0f:8d:74:ec:c7:2f:e5:ac: 3c:d0:86:f8:fa:3c:5d:11:a0:bc:bb:ad:6b:35:10:9e:2e:73: 57:9b:d7:89:c8:6e:1c:ff:0b:29:68:52:c3:8a:5e:94:82:03: 57:a6:39:11:87:a1:78:b6:cf:4f:ce:48:3f:25:20:26:74:c1: 60:f5:df:77 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBCCs3xerW9gQokx2qUBM7sPBH6gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMDAxMFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNANjVmZWNmZjI1ZDQ2ZDBjMTQzNWYz MzViYTlkOTg1YmZkZWY5YjFmZDg2NWM1M2Y3M2Y3MjQ4ZjIyOTY4ZDBlNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsksyR4rL5UAmYn8Wrtn2uqJ4tJZj 4eQy0U2JUYtk9X3KuebVgrjYzJunTJbhGki6F1Z+F12CVeUJKZupw4DkFxB9Xuip E6Pk2TIPfv6/bvvTId+/nJLmzVLsCFiMbsWZD4E1KuVFFQMf45N6iZ9HL3Oqthbg Xt8h2u7MU9HncIy14fnBs+Ik2VXT8PGkTc/LhlOjNnlOO7F77/02m2MBjwCjCJHJ UR8MwjjC/r2keifNn00+9hC0U309HpMY62aghT79fAxrYFNYojjcD9NnHLnoOape /AR9hn30hK0T12cjBcbArdJDAM2fMRZj6OLPoUntIUwIZvLv5ektiydInwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFEj4lJhpgGsSn7nbo8N6WM37b2JtMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY1MjY2NmZlLWFhZDYtNGNkOC04ZTM1LTkxMzIyYzc0MjMzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/5AwDQYJKoZIhvcNAQELBQADggEBAEGv3bZWMN1AchMg+OPT YhsBAjtLmOTxvq97GaV5uRPi+tkrewfo+bAOaFi8ZexJOcgFxVo2aH8TelBmTwk5 JQY6oftocNNocbFspv72wp1Ic9jt2sKPxo0+ve6l0jWTdb/3dbgN/g9vdlohyPlM GgeXOpIcCv3m4t+DXKrMBRf5ptnTNJNdhoDYmLfdhsJtwWYicSwBi4RX//41xGQ/ oUKiw85k5hpJvLsOGJhls0CL2Q+laJblpcvq7GeMFMkPjXTsxy/lrDzQhvj6PF0R oLy7rWs1EJ4uc1eb14nIbhz/CyloUsOKXpSCA1emORGHoXi2z0/OSD8lICZ0wWD1 33c= -----END CERTIFICATE-----Generated at Sun Mar 1 22:14:51 2026 by rpki-client