$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa File: 680b28c0-fd78-49c9-9355-94724e964ebe.roa (raw, json) Hash identifier: dWRiXN/dt9iWMmD+ffE2+5GVBRWPXLCpIIAhalmlcU8= Subject key identifier: 58:82:17:35:89:37:B5:47:56:F3:0F:27:0F:90:46:65:42:7A:D9:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4579F31EBE704E947F69F53A9967AE0D39CFA536 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa Signing time: Fri 20 Feb 2026 00:20:10 +0000 ROA not before: Fri 20 Feb 2026 00:20:10 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:79:f3:1e:be:70:4e:94:7f:69:f5:3a:99:67:ae:0d:39:cf:a5:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:10 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=ec09223200f92db9f83c6fb309a476ac61dfa656baabb969cf0bdb0454b6ed12, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d9:01:9d:98:65:0e:83:81:39:d5:9f:0b:dc: 28:a4:31:8b:04:1c:cf:13:2f:85:10:b1:a6:07:c7: 52:93:a7:cd:15:af:96:91:fa:14:ba:f9:64:04:0b: c6:64:ac:d7:2d:8e:09:3b:fc:18:61:2c:01:62:35: d7:15:60:57:36:f4:33:f4:1c:e3:e6:a9:3d:40:4b: 4d:e6:f6:75:c2:f1:18:de:e8:40:6a:8b:6c:6a:f4: 2a:62:d5:a4:95:f8:4b:71:a4:7b:cf:ed:6f:ef:c4: aa:d3:36:a3:3c:1e:e3:fc:c5:5b:92:43:94:46:db: 19:2a:7e:b3:db:b5:81:3b:df:68:2c:99:b3:0b:e6: ed:df:b1:63:8d:c7:09:85:3d:86:4b:30:a1:0e:45: 52:95:1e:c6:2c:4d:65:ef:10:e1:73:a2:65:d4:d0: fb:16:de:95:10:3c:25:c3:4b:86:6d:48:42:fd:1d: d8:87:2c:74:fc:07:70:08:38:00:49:58:7e:57:f1: 90:c0:fd:95:05:99:b7:27:14:fd:76:65:e4:8f:57: a1:c5:44:97:c6:42:6f:10:9a:7e:a1:12:4b:05:c9: 1a:73:48:b4:eb:68:38:7c:65:a0:8f:5f:92:59:aa: 07:06:e9:76:03:0f:d9:9c:46:34:24:75:0d:70:65: 0e:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:82:17:35:89:37:B5:47:56:F3:0F:27:0F:90:46:65:42:7A:D9:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/680b28c0-fd78-49c9-9355-94724e964ebe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c040::/48 Signature Algorithm: sha256WithRSAEncryption 8e:ee:a6:e1:c2:d1:da:8e:c9:c7:d2:2f:23:28:a7:82:3f:3b: b5:b1:2c:06:1c:21:fb:ba:9a:7d:59:0f:e8:62:2e:03:53:dc: fc:48:17:75:99:31:7d:9f:52:b9:97:f2:a7:a7:79:07:b2:3e: a6:0a:61:13:60:4a:77:36:93:ec:02:d4:58:a6:58:88:ea:f3: 39:46:14:2d:d5:8b:25:dc:43:02:29:f8:20:bd:ee:4b:72:c7: e6:11:b0:00:72:66:cf:d1:14:e5:96:b3:df:04:b3:b5:00:44: ba:42:a1:8c:1e:bb:3f:4f:bb:9f:0e:5c:9b:4f:de:ca:9d:6c: f8:18:15:89:2e:5d:48:2a:43:3c:f6:ab:fa:6a:48:7e:68:ad: b0:ad:e2:50:76:93:f7:ef:7c:26:83:c0:7c:62:f8:dc:4b:37: 39:52:dc:fd:53:ba:4f:20:5a:e7:17:78:54:48:97:6f:ec:5f: 90:5c:59:ac:d3:53:ee:15:13:4a:c3:11:97:2f:3a:2b:d3:71: 3d:0b:96:06:46:2b:3c:b7:7b:c5:bb:8f:c8:2e:6a:1a:93:bb: b0:b0:d7:4b:82:63:6e:30:6a:c2:e7:b4:08:fe:e6:2d:c2:6c: 4d:38:5a:67:c1:f8:7f:b5:07:b4:64:7d:89:b6:aa:58:6d:c5: 9b:81:b4:f7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIURXnzHr5wTpR/afU6mWeuDTnPpTYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAxMFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZWMwOTIyMzIwMGY5MmRiOWY4M2M2 ZmIzMDlhNDc2YWM2MWRmYTY1NmJhYWJiOTY5Y2YwYmRiMDQ1NGI2ZWQxMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtkBnZhlDoOBOdWfC9wopDGLBBzP Ey+FELGmB8dSk6fNFa+WkfoUuvlkBAvGZKzXLY4JO/wYYSwBYjXXFWBXNvQz9Bzj 5qk9QEtN5vZ1wvEY3uhAaotsavQqYtWklfhLcaR7z+1v78Sq0zajPB7j/MVbkkOU RtsZKn6z27WBO99oLJmzC+bt37FjjccJhT2GSzChDkVSlR7GLE1l7xDhc6Jl1ND7 Ft6VEDwlw0uGbUhC/R3Yhyx0/AdwCDgASVh+V/GQwP2VBZm3JxT9dmXkj1ehxUSX xkJvEJp+oRJLBckac0i062g4fGWgj1+SWaoHBul2Aw/ZnEY0JHUNcGUO/wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFiCFzWJN7VHVvMPJw+QRmVCetkcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY4MGIyOGMwLWZkNzgtNDljOS05MzU1LTk0NzI0ZTk2NGViZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcBAMA0GCSqGSIb3DQEBCwUAA4IBAQCO7qbhwtHajsnH0i8j KKeCPzu1sSwGHCH7upp9WQ/oYi4DU9z8SBd1mTF9n1K5l/Knp3kHsj6mCmETYEp3 NpPsAtRYpliI6vM5RhQt1Ysl3EMCKfggve5LcsfmEbAAcmbP0RTllrPfBLO1AES6 QqGMHrs/T7ufDlybT97KnWz4GBWJLl1IKkM89qv6akh+aK2wreJQdpP373wmg8B8 YvjcSzc5Utz9U7pPIFrnF3hUSJdv7F+QXFms01PuFRNKwxGXLzor03E9C5YGRis8 t3vFu4/ILmoak7uwsNdLgmNuMGrC57QI/uYtwmxNOFpnwfh/tQe0ZH2JtqpYbcWb gbT3 -----END CERTIFICATE-----Generated at Mon Mar 2 03:26:20 2026 by rpki-client