$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa File: 6edf2912-47ba-4d32-af54-cfec67c5a726.roa (raw, json) Hash identifier: U7BiQAfRbjC5rDOUyu8vF1sKyQ9CbAwx73jgCR6J64M= Subject key identifier: 5E:82:20:34:CE:72:88:02:03:9A:6A:4B:B8:34:BB:1D:69:16:27:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 652E452742D9D8C29DD302D11FB1A1C3D976D8A6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa Signing time: Sun 22 Feb 2026 00:10:48 +0000 ROA not before: Sun 22 Feb 2026 00:10:48 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:2e:45:27:42:d9:d8:c2:9d:d3:02:d1:1f:b1:a1:c3:d9:76:d8:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:48 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=01f7237685b188498b3fd2dc6756d687112e3c5cf013ce8433cfd315dfc0f6df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:67:28:86:de:fd:2e:6c:99:e8:e1:5b:33:10: e5:01:bc:47:cc:d6:8f:8a:47:5f:13:4f:4b:41:5e: 81:04:75:f8:27:f8:ed:50:44:69:9a:54:60:d6:be: 34:65:0b:45:4c:4d:dc:d5:63:3b:b4:a5:c9:36:c2: 52:d9:9c:e1:0c:04:94:0c:ff:e7:7e:b9:b9:43:ef: 84:08:9c:ed:4b:ed:fd:76:d0:7c:58:74:8f:de:33: eb:21:72:6d:2b:c0:4b:e3:b7:24:8a:f2:c1:f3:96: 6c:5d:3c:6f:bd:bc:39:8f:a9:a0:86:a3:f0:f3:d7: 8b:bf:8f:c1:95:bf:34:29:d7:68:b8:69:cc:b0:63: aa:cf:7d:32:90:fe:bb:6d:dd:f7:a1:a1:24:db:3a: 03:e0:a6:9f:d6:c8:1c:91:ea:d5:74:5e:83:4b:51: d7:67:d5:1c:4f:b2:36:9e:e9:6e:99:0d:97:e6:d6: 59:d3:34:3b:b1:e9:29:e4:4d:4e:dc:5a:d3:88:ab: da:6b:c4:c9:8b:b2:9f:b0:6a:0f:cd:9a:52:68:65: 07:fa:dc:a9:60:5d:b0:07:7d:a7:ac:cd:21:28:9e: 63:fb:e3:a3:d5:2c:9b:83:f6:fe:d3:d9:22:ce:47: 67:21:b7:d8:dc:f8:96:4a:dd:32:9a:fd:33:de:0f: 4a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:82:20:34:CE:72:88:02:03:9A:6A:4B:B8:34:BB:1D:69:16:27:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6edf2912-47ba-4d32-af54-cfec67c5a726.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:800::/40 Signature Algorithm: sha256WithRSAEncryption 5e:c7:5d:91:be:39:ba:fe:ee:f3:ae:2d:41:d2:b3:71:29:0b: 36:78:96:e9:5a:12:12:d5:87:9e:64:5a:8c:05:b4:8b:a0:3c: 44:e0:9e:4a:2c:17:62:85:68:67:b0:5b:24:c6:b3:95:6c:ea: 7e:0c:23:db:76:bf:de:27:77:da:17:c7:71:b5:e8:7c:6f:07: 57:75:78:a8:45:88:4a:6a:06:a5:4f:3e:98:b3:1a:45:84:b4: bd:42:a2:d3:07:ed:c1:9a:06:b7:e9:9f:9f:6d:a0:70:d8:56: 96:66:2f:31:31:1e:a5:cb:65:49:7c:82:4a:42:6d:d9:b1:75: 7d:d5:2c:b7:15:b1:88:4e:2d:61:7d:80:29:75:31:78:3b:0d: 2a:a7:e9:22:db:e6:67:f3:35:e4:0e:55:e9:26:21:3e:cd:8e: cb:26:3e:3b:64:3d:28:0e:7d:f2:79:25:60:1c:1b:03:8e:62: be:bd:06:7a:35:3d:68:d4:d7:90:dc:21:64:a4:0d:7e:7b:59: 8d:58:e9:e2:cc:0a:fe:01:2d:7a:72:ef:45:ac:44:33:ea:33: 17:2a:b7:fb:89:34:47:b8:0a:f4:00:2e:26:f0:8f:50:1a:78: 7b:2b:c4:38:c6:a4:5b:6e:a9:17:63:ad:80:72:da:59:b2:02: 6a:63:39:b1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZS5FJ0LZ2MKd0wLRH7Ghw9l22KYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA0OFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMDFmNzIzNzY4NWIxODg0OThiM2Zk MmRjNjc1NmQ2ODcxMTJlM2M1Y2YwMTNjZTg0MzNjZmQzMTVkZmMwZjZkZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWcoht79LmyZ6OFbMxDlAbxHzNaP ikdfE09LQV6BBHX4J/jtUERpmlRg1r40ZQtFTE3c1WM7tKXJNsJS2ZzhDASUDP/n frm5Q++ECJztS+39dtB8WHSP3jPrIXJtK8BL47ckivLB85ZsXTxvvbw5j6mghqPw 89eLv4/Blb80KddouGnMsGOqz30ykP67bd33oaEk2zoD4Kaf1sgckerVdF6DS1HX Z9UcT7I2nulumQ2X5tZZ0zQ7sekp5E1O3FrTiKvaa8TJi7KfsGoPzZpSaGUH+typ YF2wB32nrM0hKJ5j++Oj1Sybg/b+09kizkdnIbfY3PiWSt0ymv0z3g9KdwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF6CIDTOcogCA5pqS7g0ux1pFie9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzZlZGYyOTEyLTQ3YmEtNGQzMi1hZjU0LWNmZWM2N2M1YTcyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacAgwDQYJKoZIhvcNAQELBQADggEBAF7HXZG+Obr+7vOuLUHS s3EpCzZ4lulaEhLVh55kWowFtIugPETgnkosF2KFaGewWyTGs5Vs6n4MI9t2v94n d9oXx3G16HxvB1d1eKhFiEpqBqVPPpizGkWEtL1CotMH7cGaBrfpn59toHDYVpZm LzExHqXLZUl8gkpCbdmxdX3VLLcVsYhOLWF9gCl1MXg7DSqn6SLb5mfzNeQOVekm IT7NjssmPjtkPSgOffJ5JWAcGwOOYr69Bno1PWjU15DcIWSkDX57WY1Y6eLMCv4B LXpy70WsRDPqMxcqt/uJNEe4CvQALibwj1AaeHsrxDjGpFtuqRdjrYBy2lmyAmpj ObE= -----END CERTIFICATE-----Generated at Mon Mar 2 08:50:18 2026 by rpki-client