$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa File: 67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa (raw, json) Hash identifier: FfVA9pGb4/dP8+N2yV59hynIICRpeMWF4VSI0SmdFLo= Subject key identifier: 61:C8:40:45:83:4D:EB:C7:6A:46:57:84:05:D8:C3:D7:28:C1:38:E5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7D4FEFDF5DBA6BD49B97385449D81627BA1F658C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa Signing time: Fri 20 Feb 2026 00:20:07 +0000 ROA not before: Fri 20 Feb 2026 00:20:07 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:4f:ef:df:5d:ba:6b:d4:9b:97:38:54:49:d8:16:27:ba:1f:65:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:07 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=cd58481231442e4ad08986754cae89a1baf1cd8f272cababbc568d1e2c4b30c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:58:f8:3a:ba:68:30:9d:6e:2d:f4:4d:00:55: df:e5:2e:44:70:f4:33:2e:1c:8d:e7:f9:78:48:85: 2a:a6:78:d7:8a:4e:4f:4c:8a:cc:6e:65:b0:66:c3: 3d:1a:95:b1:79:3d:29:e5:46:34:c1:1f:dd:58:cd: 75:be:db:0b:0c:3b:23:c7:56:57:73:c8:25:a6:c6: eb:3a:60:8a:b1:50:e9:64:ee:8f:b0:96:30:48:0d: 9a:91:11:0e:31:69:05:38:c0:b3:f8:54:60:6d:cd: 74:de:8e:bb:58:c7:2f:79:ee:40:db:d3:41:89:e5: 71:63:5c:a7:71:6f:26:ea:65:17:bf:f0:5f:e9:6e: 7e:42:88:6f:6d:51:08:04:93:5f:40:ea:2e:20:17: e7:a9:6f:eb:75:80:76:96:88:8a:39:02:65:3f:d5: 2c:2d:36:f1:7e:50:5b:aa:52:66:0d:5a:3e:81:27: ba:5f:72:85:70:61:6f:c6:39:5f:e8:69:d2:4e:fe: 0e:60:cd:30:1d:24:bf:9f:ed:0b:85:3a:e6:84:32: 43:37:b9:41:91:1d:f6:cc:76:89:78:48:50:46:49: f8:58:00:6d:39:d2:a9:39:f1:9b:37:45:b8:4e:f8: fe:9e:5b:1f:ee:bf:a4:c5:da:45:9d:d6:ff:81:29: 05:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:C8:40:45:83:4D:EB:C7:6A:46:57:84:05:D8:C3:D7:28:C1:38:E5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67dad65f-f2a7-46ef-a537-8f09b1a99c3c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4840::/48 Signature Algorithm: sha256WithRSAEncryption 35:5f:cf:a8:0c:26:be:32:ad:01:59:85:7e:77:16:65:6f:ff: 57:8f:db:79:17:af:f5:9f:ee:26:22:c5:4a:45:5c:c8:8e:fd: 68:29:9e:de:66:18:fc:f9:ef:a5:a2:79:dc:64:38:bc:ec:15: 55:c9:1c:7c:a8:8a:71:60:5f:43:ab:77:ce:dd:7f:e5:e3:4a: 06:a6:83:b9:5a:b1:17:84:d5:8d:78:97:f7:1e:3a:e0:3a:1f: 2d:89:f0:7f:0c:e5:83:65:16:73:56:4f:02:dc:27:dd:19:d2: dd:d9:40:b1:25:aa:d2:63:30:44:2c:81:0d:1a:f3:4e:cf:95: ed:5c:75:db:2a:2f:e0:2c:7d:15:5a:be:a6:6d:67:d7:55:8c: 16:b9:75:a5:32:24:ba:75:62:ab:64:46:2a:db:c8:ae:9a:ae: 85:3a:b7:45:51:0b:3d:5b:d0:99:9e:48:8f:a3:68:bc:62:de: f7:e9:2c:49:36:20:05:f3:2c:79:aa:a0:6b:c5:15:84:9f:0f: f0:c5:5b:a8:4e:c5:ad:8f:67:16:b3:b0:26:17:8a:24:8f:26: d9:b5:25:92:80:87:d4:d4:36:12:b0:94:8c:fb:8c:6e:00:26: 65:c1:7f:96:c9:b3:f6:8d:e5:23:69:85:c6:26:2c:4b:3d:90: 55:8f:ca:7b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUfU/v3126a9SblzhUSdgWJ7ofZYwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAwN1oX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAY2Q1ODQ4MTIzMTQ0MmU0YWQwODk4 Njc1NGNhZTg5YTFiYWYxY2Q4ZjI3MmNhYmFiYmM1NjhkMWUyYzRiMzBjMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlj4OrpoMJ1uLfRNAFXf5S5EcPQz LhyN5/l4SIUqpnjXik5PTIrMbmWwZsM9GpWxeT0p5UY0wR/dWM11vtsLDDsjx1ZX c8glpsbrOmCKsVDpZO6PsJYwSA2akREOMWkFOMCz+FRgbc103o67WMcvee5A29NB ieVxY1yncW8m6mUXv/Bf6W5+QohvbVEIBJNfQOouIBfnqW/rdYB2loiKOQJlP9Us LTbxflBbqlJmDVo+gSe6X3KFcGFvxjlf6GnSTv4OYM0wHSS/n+0LhTrmhDJDN7lB kR32zHaJeEhQRkn4WABtOdKpOfGbN0W4Tvj+nlsf7r+kxdpFndb/gSkFewIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGHIQEWDTevHakZXhAXYw9cowTjlMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3ZGFkNjVmLWYyYTctNDZlZi1hNTM3LThmMDliMWE5OWMzYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAEhAMA0GCSqGSIb3DQEBCwUAA4IBAQA1X8+oDCa+Mq0BWYV+ dxZlb/9Xj9t5F6/1n+4mIsVKRVzIjv1oKZ7eZhj8+e+lonncZDi87BVVyRx8qIpx YF9Dq3fO3X/l40oGpoO5WrEXhNWNeJf3HjrgOh8tifB/DOWDZRZzVk8C3CfdGdLd 2UCxJarSYzBELIENGvNOz5XtXHXbKi/gLH0VWr6mbWfXVYwWuXWlMiS6dWKrZEYq 28iumq6FOrdFUQs9W9CZnkiPo2i8Yt736SxJNiAF8yx5qqBrxRWEnw/wxVuoTsWt j2cWs7AmF4okjybZtSWSgIfU1DYSsJSM+4xuACZlwX+WybP2jeUjaYXGJixLPZBV j8p7 -----END CERTIFICATE-----Generated at Sun Mar 1 22:14:14 2026 by rpki-client