$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa File: 72a92468-955c-4942-86f7-be976f5fe4ad.roa (raw, json) Hash identifier: KSFDQ/F193RdcWcoGH22qJtgWJEl3gOnQYBSNf/KTLM= Subject key identifier: E7:89:48:EB:E8:ED:B3:D2:E3:A8:0E:33:98:C0:9F:2E:69:22:BB:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 370B2163F076AEE097F24FC0A6637143352B10DF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa Signing time: Wed 11 Feb 2026 00:20:59 +0000 ROA not before: Wed 11 Feb 2026 00:20:59 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:20c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:0b:21:63:f0:76:ae:e0:97:f2:4f:c0:a6:63:71:43:35:2b:10:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:20:59 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=7295481b2abc9309df4ac47ff0c3c00b7a236ef43f72e52f7be317e637d5a3c5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e4:9f:35:75:58:71:20:ce:6c:c9:34:96:93: cf:1e:4d:48:b1:94:f2:8b:23:da:af:a7:9c:cd:c9: 20:77:30:7e:f7:db:ee:a4:7d:ec:54:12:81:50:5c: 9b:d5:c2:bb:9d:e1:45:5a:69:c9:38:8d:d1:e8:08: ff:ff:1f:8b:ae:0b:dd:20:d0:c9:52:75:1e:cf:9e: 07:23:c5:55:a0:b5:01:e7:27:c2:b5:97:e3:5d:76: 56:db:95:09:0d:bb:7a:24:67:b5:38:e4:a1:66:b3: 37:f1:78:ed:19:ca:0c:8e:31:0b:a4:84:61:ab:dc: 77:07:63:2f:90:ac:a1:d3:43:7d:75:81:26:33:23: aa:51:a7:89:a2:9e:dd:9b:8d:64:84:d9:f4:64:ba: 54:f9:68:95:9e:97:37:96:be:80:1a:f3:c3:15:b0: d8:83:2a:90:3b:3d:c8:dd:4a:fe:16:84:bb:9c:68: 51:7a:d6:70:18:fc:ae:18:e3:91:78:41:3c:bc:d6: 33:cf:3c:c2:61:11:d9:38:ae:1a:3a:62:6e:61:62: c6:63:c8:69:9d:89:1b:01:89:3f:28:9b:d4:d2:93: 75:b4:6a:21:8b:2b:32:cb:9b:b4:28:d4:a3:5d:97: 8a:69:a6:9e:06:c9:76:c1:7c:2e:0e:6f:87:f1:ee: 14:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:89:48:EB:E8:ED:B3:D2:E3:A8:0E:33:98:C0:9F:2E:69:22:BB:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/72a92468-955c-4942-86f7-be976f5fe4ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:20c0::/46 Signature Algorithm: sha256WithRSAEncryption af:1d:94:ee:ad:2f:c3:4c:76:98:e7:3f:60:b1:15:1f:cd:56: 66:d1:ed:15:59:06:07:9a:f3:c7:c2:40:92:d2:e6:69:56:ee: bc:ee:ce:d6:6b:32:e7:a5:9c:dd:eb:04:94:7f:b1:89:cb:7f: f0:20:ca:28:e9:4c:c6:cd:ec:bb:f3:3c:1a:9d:72:94:8b:c4: b9:d5:e2:6f:82:63:94:30:a4:b0:c3:1d:5a:c8:1f:2a:ea:f5: 26:64:4b:f8:7f:2a:29:88:14:db:ce:b4:96:81:28:4c:b5:2a: fa:5e:74:93:da:86:79:ef:78:64:7a:60:58:b7:2b:c1:d3:4f: 6b:1c:07:9a:14:5c:1b:bf:7e:bf:86:a2:17:d8:8c:50:1b:ad: 89:e3:a3:53:df:20:57:45:89:33:8e:0b:bf:93:c6:27:ad:c2: 00:63:b4:40:d6:7b:a7:ed:ee:73:0e:45:17:ea:f8:22:36:f2: e5:b7:a8:ed:f2:d7:df:24:6c:a0:56:e7:67:d8:ac:08:0b:df: 6d:ff:68:c7:c0:0e:dc:7f:9d:82:04:8d:26:2d:30:06:ee:e0: 7d:c1:00:7c:b3:b4:1b:a8:26:d2:e7:2b:45:66:31:a2:ee:36: f5:83:90:32:8f:f1:ed:38:33:b3:a2:67:ac:34:c6:2e:79:c8: 87:a8:33:30 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNwshY/B2ruCX8k/ApmNxQzUrEN8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjA1OVoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNANzI5NTQ4MWIyYWJjOTMwOWRmNGFj NDdmZjBjM2MwMGI3YTIzNmVmNDNmNzJlNTJmN2JlMzE3ZTYzN2Q1YTNjNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+SfNXVYcSDObMk0lpPPHk1IsZTy iyPar6eczckgdzB+99vupH3sVBKBUFyb1cK7neFFWmnJOI3R6Aj//x+LrgvdINDJ UnUez54HI8VVoLUB5yfCtZfjXXZW25UJDbt6JGe1OOShZrM38XjtGcoMjjELpIRh q9x3B2MvkKyh00N9dYEmMyOqUaeJop7dm41khNn0ZLpU+WiVnpc3lr6AGvPDFbDY gyqQOz3I3Ur+FoS7nGhRetZwGPyuGOOReEE8vNYzzzzCYRHZOK4aOmJuYWLGY8hp nYkbAYk/KJvU0pN1tGohiysyy5u0KNSjXZeKaaaeBsl2wXwuDm+H8e4UDwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOeJSOvo7bPS46gOM5jAny5pIrvCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcyYTkyNDY4LTk1NWMtNDk0Mi04NmY3LWJlOTc2ZjVmZTRhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8yDAMA0GCSqGSIb3DQEBCwUAA4IBAQCvHZTurS/DTHaY5z9g sRUfzVZm0e0VWQYHmvPHwkCS0uZpVu687s7WazLnpZzd6wSUf7GJy3/wIMoo6UzG zey78zwanXKUi8S51eJvgmOUMKSwwx1ayB8q6vUmZEv4fyopiBTbzrSWgShMtSr6 XnST2oZ573hkemBYtyvB009rHAeaFFwbv36/hqIX2IxQG62J46NT3yBXRYkzjgu/ k8YnrcIAY7RA1nun7e5zDkUX6vgiNvLlt6jt8tffJGygVudn2KwIC99t/2jHwA7c f52CBI0mLTAG7uB9wQB8s7QbqCbS5ytFZjGi7jb1g5Ayj/HtODOzomesNMYueciH qDMw -----END CERTIFICATE-----Generated at Sun Mar 1 22:10:06 2026 by rpki-client