$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa File: 66d9e388-aa28-4860-9a9f-792c475c3583.roa (raw, json) Hash identifier: CK79CTVleknDl8DNTeigFr+w8pWICDKErd+zu2TcDg8= Subject key identifier: 07:6B:AA:05:0D:50:AF:5C:8A:64:6B:CB:AF:ED:4A:DB:64:21:A8:D4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4363CB4C006C2C2CC085F5DC8DAD385BE12D9C4E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa Signing time: Wed 11 Feb 2026 00:21:04 +0000 ROA not before: Wed 11 Feb 2026 00:21:04 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:c080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:63:cb:4c:00:6c:2c:2c:c0:85:f5:dc:8d:ad:38:5b:e1:2d:9c:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:21:04 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=81d8eb3b5820814c3fee3e1509ea0d11d446c1647045cdef03d2472d214d29a4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:90:b6:bd:c7:af:c6:f2:b1:7a:b5:d6:62:76: 0f:f3:8f:f2:06:bd:0f:be:2c:d6:86:8e:ff:3a:98: c8:e5:07:1c:5c:c4:5e:ef:e1:89:fb:8e:45:b1:35: 19:af:88:b7:64:9d:dd:e5:3c:e9:72:13:c3:f1:31: 68:fd:fb:b8:88:81:6b:16:6f:94:da:d9:e7:22:eb: b3:bd:e5:c4:4f:c0:65:74:46:fb:0a:8a:45:c5:e8: 81:0b:40:6e:61:fb:b0:79:68:85:77:3d:a5:e1:da: 5c:61:63:73:83:b3:ce:6f:6c:5d:13:ae:f7:9b:8f: a4:16:43:20:ff:d8:4f:d4:cc:db:ec:48:44:a3:c2: ec:e1:b8:57:72:b2:9d:ec:08:09:de:82:fb:06:81: 11:d9:32:1e:ec:45:5b:32:b1:45:db:5c:c9:37:cb: 68:d0:ba:34:65:1d:02:43:53:d7:74:fc:c3:f3:3d: f4:58:9f:f3:87:15:e5:f3:da:53:c2:80:07:51:f8: 35:a7:77:34:c6:29:1e:5f:fa:b8:6a:e3:d0:a9:0a: 0d:29:11:18:c8:ae:4c:ec:a3:7d:ae:19:8d:30:69: 76:16:0a:bb:f2:c7:91:91:a6:96:33:36:ed:fb:ad: 52:d4:51:3b:85:c6:0b:4c:f5:6e:68:91:90:e8:7e: 7a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:6B:AA:05:0D:50:AF:5C:8A:64:6B:CB:AF:ED:4A:DB:64:21:A8:D4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/66d9e388-aa28-4860-9a9f-792c475c3583.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:c080::/46 Signature Algorithm: sha256WithRSAEncryption 0a:31:41:6e:1e:7d:cc:03:93:28:02:63:78:a9:1a:f8:31:ad: 7a:ba:bc:c3:97:94:b0:2c:44:46:fe:fc:ff:f9:ac:14:35:5d: 05:45:7e:2c:bc:4f:1d:ba:c3:39:a0:b9:58:d7:1c:66:d5:a4: 29:13:a3:cf:a0:e9:ef:01:d6:96:b7:2e:d6:1e:64:a9:53:d1: 54:69:f8:c7:ad:91:1b:94:ba:71:b0:fa:28:cb:a2:75:e4:e1: 8f:28:c2:f8:e4:f2:6e:85:3b:0e:4f:d8:08:ad:11:8f:87:e6: 97:25:65:f6:86:f1:90:1e:cf:64:ec:f5:35:13:67:61:f7:5b: 42:8a:6d:ac:2b:a2:53:a0:3e:e6:cc:11:6c:0a:6e:fa:05:74: ba:ed:bf:3c:0e:89:d4:f8:22:0b:2d:e5:ae:3d:c7:58:c9:66: 2c:9e:30:57:d8:da:9e:d4:9f:9c:94:d3:7c:bc:e0:0c:9d:78: ab:ae:ee:bd:5a:a6:f2:16:ff:27:8f:a5:f3:5f:b7:56:c4:8e: d7:62:14:7a:94:96:b5:c7:5f:25:24:e5:1f:c4:79:cc:e4:12: 0e:d9:0d:3f:19:2e:02:b1:e0:55:d9:1b:a7:d0:ea:96:80:ff: 71:a8:9c:6f:08:38:d1:8b:dd:13:8c:f6:5a:fe:e0:b8:54:bb: 6d:ed:ab:27 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQ2PLTABsLCzAhfXcja04W+EtnE4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjEwNFoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAODFkOGViM2I1ODIwODE0YzNmZWUz ZTE1MDllYTBkMTFkNDQ2YzE2NDcwNDVjZGVmMDNkMjQ3MmQyMTRkMjlhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5C2vcevxvKxerXWYnYP84/yBr0P vizWho7/OpjI5QccXMRe7+GJ+45FsTUZr4i3ZJ3d5TzpchPD8TFo/fu4iIFrFm+U 2tnnIuuzveXET8BldEb7CopFxeiBC0BuYfuweWiFdz2l4dpcYWNzg7POb2xdE673 m4+kFkMg/9hP1Mzb7EhEo8Ls4bhXcrKd7AgJ3oL7BoER2TIe7EVbMrFF21zJN8to 0Lo0ZR0CQ1PXdPzD8z30WJ/zhxXl89pTwoAHUfg1p3c0xikeX/q4auPQqQoNKREY yK5M7KN9rhmNMGl2Fgq78seRkaaWMzbt+61S1FE7hcYLTPVuaJGQ6H56ywIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAdrqgUNUK9cimRry6/tSttkIajUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY2ZDllMzg4LWFhMjgtNDg2MC05YTlmLTc5MmM0NzVjMzU4My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba88CAMA0GCSqGSIb3DQEBCwUAA4IBAQAKMUFuHn3MA5MoAmN4 qRr4Ma16urzDl5SwLERG/vz/+awUNV0FRX4svE8dusM5oLlY1xxm1aQpE6PPoOnv AdaWty7WHmSpU9FUafjHrZEblLpxsPooy6J15OGPKML45PJuhTsOT9gIrRGPh+aX JWX2hvGQHs9k7PU1E2dh91tCim2sK6JToD7mzBFsCm76BXS67b88DonU+CILLeWu PcdYyWYsnjBX2Nqe1J+clNN8vOAMnXirru69WqbyFv8nj6XzX7dWxI7XYhR6lJa1 x18lJOUfxHnM5BIO2Q0/GS4CseBV2Run0OqWgP9xqJxvCDjRi90TjPZa/uC4VLtt 7asn -----END CERTIFICATE-----Generated at Sun Mar 1 22:14:04 2026 by rpki-client