$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa File: 6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json) Hash identifier: RQ34ieu0sXfdvl+IdjW9Yd66bbWgFRtykxpccFkUD7U= Subject key identifier: 73:EE:DE:26:11:89:8D:EE:7F:2C:3A:DA:69:C2:18:3D:73:F8:99:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 11AE0A3E521320A50171B55BBB8EA51E0380884D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa Signing time: Sun 22 Feb 2026 00:20:45 +0000 ROA not before: Sun 22 Feb 2026 00:20:45 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ae:0a:3e:52:13:20:a5:01:71:b5:5b:bb:8e:a5:1e:03:80:88:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:45 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=d2301310ab3bfc472077daf85b6e11b551b3e5791482140cbec9a03d99c0a105, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:de:45:32:02:c6:b7:39:b1:39:fe:8e:0f:64: c3:5b:12:d0:d3:8d:12:20:8a:51:f0:ea:ae:8b:90: f3:e7:e9:a6:87:42:32:09:17:5f:17:85:22:13:36: f6:0d:e3:9b:3d:20:dd:19:d3:5c:d0:ea:ef:e0:7e: 7e:8e:87:80:1e:a8:ae:99:6a:04:53:3b:38:53:ef: 77:c8:1f:81:97:d5:81:9f:41:0a:80:eb:c0:01:c5: 8f:f0:b0:78:83:81:85:ae:63:ad:48:db:d6:9e:f5: 11:5f:d8:c7:d3:15:d6:dd:08:4a:d2:f2:f2:3c:a1: d4:6a:d4:3b:af:d4:f7:d1:59:18:ff:36:45:24:ca: 2b:21:e9:ac:d4:a4:36:c8:66:12:5b:fc:0e:12:de: 05:d3:36:7e:d2:8b:fc:38:b0:0b:cc:76:d0:23:6f: 3b:37:aa:e1:42:4d:c0:2d:94:3e:b8:74:cc:b5:4a: 1c:db:f2:56:a5:60:d9:51:ca:8e:a7:03:a3:5f:a6: b9:d8:18:f8:bd:17:f8:35:ec:9e:07:09:1c:3f:37: 74:15:24:fd:ea:a1:9e:58:7b:32:02:90:33:84:18: 96:06:f0:85:d8:6e:dd:5f:ec:6f:37:21:b0:c3:61: b9:7e:80:b5:48:57:33:f2:cb:81:3d:30:98:8b:b6: fd:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:EE:DE:26:11:89:8D:EE:7F:2C:3A:DA:69:C2:18:3D:73:F8:99:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:a000::/40 Signature Algorithm: sha256WithRSAEncryption a4:2d:1c:da:82:34:39:e6:8d:14:9e:86:83:df:84:1d:7e:70: 5b:c0:a8:14:a3:9f:d3:7f:d1:35:4f:94:f6:c9:c2:cd:87:8d: cf:b0:6c:55:2d:57:fc:55:6d:ed:23:a9:12:36:c7:40:98:7a: 56:6e:fe:33:cf:a0:11:f6:cb:72:11:b3:8c:94:5d:32:e0:2e: fc:69:da:b0:58:9f:70:07:54:95:8b:ed:f5:99:51:f3:cd:be: 6a:fc:04:d9:32:3a:ab:80:fc:49:4e:4f:c7:78:a9:65:c9:bc: 00:2c:65:16:d8:be:57:7c:d7:c6:d4:f7:7b:39:f2:13:7c:fa: c3:e7:1e:74:8b:78:5f:a8:f6:fd:b5:04:02:29:b0:8e:c3:28: ac:7f:2b:37:23:da:bd:7f:2e:7e:7d:f9:c8:bb:7f:74:ec:13: 39:e8:51:92:c3:64:67:e5:ee:f0:d4:5d:24:1a:64:50:78:bb: 8b:1f:81:68:f0:66:9d:dc:62:c6:ce:98:a4:9e:31:fd:da:ec: 49:ac:49:d3:f8:83:1f:c1:93:bd:25:b8:bb:27:71:e8:f1:47: f4:ac:2d:06:d6:f7:72:1c:14:3b:2e:f9:09:b8:c2:6b:b8:d9: eb:c8:32:68:f0:9f:ce:c8:45:c8:1b:7f:a8:06:94:ba:3f:ff: 66:39:6e:88 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEa4KPlITIKUBcbVbu46lHgOAiE0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjA0NVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZDIzMDEzMTBhYjNiZmM0NzIwNzdk YWY4NWI2ZTExYjU1MWIzZTU3OTE0ODIxNDBjYmVjOWEwM2Q5OWMwYTEwNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN5FMgLGtzmxOf6OD2TDWxLQ040S IIpR8Oqui5Dz5+mmh0IyCRdfF4UiEzb2DeObPSDdGdNc0Orv4H5+joeAHqiumWoE Uzs4U+93yB+Bl9WBn0EKgOvAAcWP8LB4g4GFrmOtSNvWnvURX9jH0xXW3QhK0vLy PKHUatQ7r9T30VkY/zZFJMorIems1KQ2yGYSW/wOEt4F0zZ+0ov8OLALzHbQI287 N6rhQk3ALZQ+uHTMtUoc2/JWpWDZUcqOpwOjX6a52Bj4vRf4NeyeBwkcPzd0FST9 6qGeWHsyApAzhBiWBvCF2G7dX+xvNyGww2G5foC1SFcz8suBPTCYi7b98QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHPu3iYRiY3ufyw62mnCGD1z+JmDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBAKQtHNqCNDnmjRSehoPf hB1+cFvAqBSjn9N/0TVPlPbJws2Hjc+wbFUtV/xVbe0jqRI2x0CYelZu/jPPoBH2 y3IRs4yUXTLgLvxp2rBYn3AHVJWL7fWZUfPNvmr8BNkyOquA/ElOT8d4qWXJvAAs ZRbYvld818bU93s58hN8+sPnHnSLeF+o9v21BAIpsI7DKKx/Kzcj2r1/Ln59+ci7 f3TsEznoUZLDZGfl7vDUXSQaZFB4u4sfgWjwZp3cYsbOmKSeMf3a7EmsSdP4gx/B k70luLsncejxR/SsLQbW93IcFDsu+Qm4wmu42evIMmjwn87IRcgbf6gGlLo//2Y5 bog= -----END CERTIFICATE-----Generated at Sun Mar 1 21:57:53 2026 by rpki-client