$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa File: 7105aadf-8449-4060-98c4-d4b349ff7892.roa (raw, json) Hash identifier: y5fT0w/+UAfC7PD82vZ3EM4q5cGkKr0fqpz+iCmtiLQ= Subject key identifier: AD:A1:4E:A9:4D:3F:0D:57:07:AC:C0:30:D2:86:67:DF:CC:57:2B:E1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 53FD139762165D025343CB3FC178619AF39B018A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa Signing time: Fri 13 Feb 2026 00:00:12 +0000 ROA not before: Fri 13 Feb 2026 00:00:12 +0000 ROA not after: Thu 14 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:fd:13:97:62:16:5d:02:53:43:cb:3f:c1:78:61:9a:f3:9b:01:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 13 00:00:12 2026 GMT Not After : May 14 23:59:59 2026 GMT Subject: serialNumber=8d18717353f84fe0c601a3c856ff511be5738bb41903428e2ebf07baf0f1a4e0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:18:08:dd:71:2b:ac:07:ea:04:b6:b1:a4:78: 8c:a6:a1:f4:d4:d5:f5:b0:b5:ac:33:68:e9:24:96: d5:68:7e:91:4e:cc:05:0c:48:f5:25:c7:3c:88:eb: 18:66:4c:94:69:89:dc:87:90:20:c6:e7:51:22:87: a8:88:ce:85:9d:53:73:17:17:8b:8a:01:59:78:c5: c4:68:eb:12:a4:45:ee:da:32:5c:43:ed:47:6a:4f: f9:bf:c3:06:e4:8c:04:a1:a8:61:84:68:bc:dc:79: f7:b7:61:3d:f7:11:b7:e8:a8:e9:63:2a:c1:a7:ad: 7c:64:7c:a1:bc:fa:79:70:e3:5c:26:60:b0:df:c5: 3c:fd:95:19:2f:41:9a:39:61:37:f2:92:8b:a6:c9: 0c:0d:ec:5f:c3:fe:ed:f5:84:1d:69:35:50:05:b1: 36:7a:6c:87:2a:1b:80:91:02:26:71:15:92:5d:72: e4:07:7a:00:32:26:cc:de:8a:dc:69:a9:6f:16:69: a4:57:75:53:39:0e:29:13:2e:ad:50:fb:ce:af:33: 77:b5:bc:78:9e:7a:5c:16:1a:e3:fe:c7:32:26:4d: dc:76:26:1d:78:46:77:c2:9f:9f:cb:0f:83:1f:53: 13:e0:a6:ef:da:ac:36:98:7e:35:5b:1a:18:46:58: 6e:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:A1:4E:A9:4D:3F:0D:57:07:AC:C0:30:D2:86:67:DF:CC:57:2B:E1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7105aadf-8449-4060-98c4-d4b349ff7892.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:b000::/40 Signature Algorithm: sha256WithRSAEncryption 08:19:f2:b5:b2:46:75:f0:45:5a:8e:7f:d1:38:86:0f:ae:c1: 35:a9:6a:d9:09:fa:1c:27:3f:08:25:2a:fe:8e:81:00:77:fc: 86:d3:5f:63:f0:0d:75:ae:40:d9:a6:d8:dd:54:fc:1e:d0:82: 2b:17:a9:d8:29:e5:c4:4e:d8:7b:24:4c:59:3b:51:34:14:0e: 52:d0:a7:5f:5a:80:33:0d:ff:42:7f:81:85:8c:e0:a4:2f:59: 96:51:72:81:29:e9:20:26:a9:c5:dd:8c:a6:fd:0b:a7:c5:d5: f5:77:5e:aa:51:84:44:6c:e7:79:66:1e:37:97:f6:3c:ce:98: 2d:a4:b5:ef:22:c3:66:bc:16:ac:63:ad:b0:2f:22:75:dd:bd: 95:a5:69:5f:b2:58:2f:66:41:8a:5e:77:de:70:af:6b:09:f1: c9:b9:4e:fe:6d:e6:c4:f7:d0:3c:55:76:4f:d5:3d:52:9b:bc: e2:ce:11:a9:86:59:f0:c0:6a:b5:94:0a:f2:c1:aa:31:6d:24: fa:91:b1:01:34:6a:3f:a0:6b:a6:af:92:76:66:e8:a3:5a:10: 98:5e:5b:ca:c9:9c:57:61:53:99:69:3b:ff:e4:76:63:00:3a: ad:e8:3f:df:31:1a:ac:4d:c7:01:4f:33:9a:a5:99:c2:48:41: bc:83:79:95 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUU/0Tl2IWXQJTQ8s/wXhhmvObAYowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMzAwMDAxMloX DTI2MDUxNDIzNTk1OVowejFJMEcGA1UEBRNAOGQxODcxNzM1M2Y4NGZlMGM2MDFh M2M4NTZmZjUxMWJlNTczOGJiNDE5MDM0MjhlMmViZjA3YmFmMGYxYTRlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxgI3XErrAfqBLaxpHiMpqH01NX1 sLWsM2jpJJbVaH6RTswFDEj1Jcc8iOsYZkyUaYnch5AgxudRIoeoiM6FnVNzFxeL igFZeMXEaOsSpEXu2jJcQ+1Hak/5v8MG5IwEoahhhGi83Hn3t2E99xG36KjpYyrB p618ZHyhvPp5cONcJmCw38U8/ZUZL0GaOWE38pKLpskMDexfw/7t9YQdaTVQBbE2 emyHKhuAkQImcRWSXXLkB3oAMibM3orcaalvFmmkV3VTOQ4pEy6tUPvOrzN3tbx4 nnpcFhrj/scyJk3cdiYdeEZ3wp+fyw+DH1MT4Kbv2qw2mH41WxoYRlhuTQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFK2hTqlNPw1XB6zAMNKGZ9/MVyvhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcxMDVhYWRmLTg0NDktNDA2MC05OGM0LWQ0YjM0OWZmNzg5Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9bAwDQYJKoZIhvcNAQELBQADggEBAAgZ8rWyRnXwRVqOf9E4 hg+uwTWpatkJ+hwnPwglKv6OgQB3/IbTX2PwDXWuQNmm2N1U/B7QgisXqdgp5cRO 2HskTFk7UTQUDlLQp19agDMN/0J/gYWM4KQvWZZRcoEp6SAmqcXdjKb9C6fF1fV3 XqpRhERs53lmHjeX9jzOmC2kte8iw2a8FqxjrbAvInXdvZWlaV+yWC9mQYped95w r2sJ8cm5Tv5t5sT30DxVdk/VPVKbvOLOEamGWfDAarWUCvLBqjFtJPqRsQE0aj+g a6avknZm6KNaEJheW8rJnFdhU5lpO//kdmMAOq3oP98xGqxNxwFPM5qlmcJIQbyD eZU= -----END CERTIFICATE-----Generated at Sun Mar 1 22:13:21 2026 by rpki-client