$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa File: 74b1fe31-3591-4da8-95f4-39ba57fac545.roa (raw, json) Hash identifier: fLgnoHgKr1g0Fb2+6fEKXjDshsIK3kS86EvbOCTcdow= Subject key identifier: 2E:88:9D:B0:71:8D:ED:3A:5C:C0:1F:C3:33:D8:03:63:DC:82:64:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F0FA5793F0DA786CA10F72664F87480EBA8FE54 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa Signing time: Tue 24 Feb 2026 00:00:06 +0000 ROA not before: Tue 24 Feb 2026 00:00:06 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:0f:a5:79:3f:0d:a7:86:ca:10:f7:26:64:f8:74:80:eb:a8:fe:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:06 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=0e513a3d0376c9245ef076b23ad7e2892fbb84cf885860958fb76ce629577e65, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b6:22:95:fb:f1:14:e3:b3:eb:0a:1b:32:07: 40:d8:18:2a:05:c0:4a:9c:67:7a:2e:5e:31:42:11: e2:6e:25:e2:33:79:09:0e:31:38:18:93:59:18:6e: d0:13:6d:3e:86:9a:9c:50:6b:48:fc:69:e3:76:0c: a9:d9:4e:cf:5c:89:8a:32:85:a6:85:2a:8e:d1:13: a1:62:b6:d9:95:73:29:c5:20:6d:a2:bc:68:ba:46: 8e:db:9f:5c:12:c7:33:36:c1:e4:92:a0:1c:2b:e2: 83:fa:cb:26:8f:0d:56:0c:6d:eb:a3:f5:71:bd:cf: f2:14:7b:af:3e:c9:c3:ec:c7:d7:9d:fb:e9:b3:b2: 26:3a:6e:94:ca:d3:d9:fb:96:40:77:cb:b2:77:7d: 7d:6e:a9:97:d0:40:96:44:20:22:1d:c0:25:14:7b: b6:5b:9a:5d:1a:5f:b3:58:87:3d:02:93:32:ce:34: c7:02:bd:82:2e:2e:1d:65:dd:6e:57:7a:74:c4:7a: f0:37:98:ef:5f:0b:4f:a3:1a:63:4f:73:c4:dd:6e: cb:7f:c5:2f:86:5d:4c:57:00:73:2e:fb:57:ca:3b: 06:7e:a6:f2:25:a2:3c:a0:3b:87:d8:57:11:95:15: 3e:af:6c:0d:42:5e:fb:93:0c:58:b1:8b:6e:91:70: ae:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:88:9D:B0:71:8D:ED:3A:5C:C0:1F:C3:33:D8:03:63:DC:82:64:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:1000::/40 Signature Algorithm: sha256WithRSAEncryption 55:8c:81:20:c5:02:36:9f:35:99:bf:02:e0:13:12:77:6c:b1: fd:2e:6a:e8:8d:0f:c9:80:7b:a4:51:2b:36:6c:fe:05:7f:bf: cf:40:e0:0a:77:d8:de:16:c1:6b:d4:8f:8a:be:55:a7:38:55: 2c:c0:bb:1e:fc:d6:3f:11:80:c0:27:72:54:ab:1b:a6:6b:1e: 8f:4e:14:69:e0:8b:c7:61:e1:d6:0a:ab:10:97:2e:32:9b:00: 71:2f:ce:e0:cf:58:ce:88:5c:17:26:c0:f8:d0:bc:f1:69:6b: 9c:c9:70:20:05:53:bf:ec:ba:10:99:1c:b3:ee:b1:65:5b:39: f1:5b:aa:13:7b:43:c4:bd:7d:c7:3e:6b:c5:25:5b:fd:95:ef: 84:24:55:d7:9b:33:87:51:60:5a:a5:af:15:1a:36:1b:e3:98: f8:0d:91:7a:11:26:77:fc:ce:1e:20:51:45:af:fb:9f:c6:ec: ef:65:0e:ac:35:d2:ab:7c:e8:58:e3:55:4c:52:0e:9e:99:eb: 9d:3f:b4:35:88:58:a5:03:11:bc:a4:24:66:61:b0:a5:d2:04: 66:e6:25:63:3a:3a:5c:e9:2f:17:d3:cc:31:16:35:35:8c:3f: c6:79:23:c3:c4:9b:e5:80:66:c5:ea:c0:56:76:91:8a:bf:ff: c1:48:cd:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbw+leT8Np4bKEPcmZPh0gOuo/lQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAwNloX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMGU1MTNhM2QwMzc2YzkyNDVlZjA3 NmIyM2FkN2UyODkyZmJiODRjZjg4NTg2MDk1OGZiNzZjZTYyOTU3N2U2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrYilfvxFOOz6wobMgdA2BgqBcBK nGd6Ll4xQhHibiXiM3kJDjE4GJNZGG7QE20+hpqcUGtI/Gnjdgyp2U7PXImKMoWm hSqO0ROhYrbZlXMpxSBtorxoukaO259cEsczNsHkkqAcK+KD+ssmjw1WDG3ro/Vx vc/yFHuvPsnD7MfXnfvps7ImOm6UytPZ+5ZAd8uyd319bqmX0ECWRCAiHcAlFHu2 W5pdGl+zWIc9ApMyzjTHAr2CLi4dZd1uV3p0xHrwN5jvXwtPoxpjT3PE3W7Lf8Uv hl1MVwBzLvtXyjsGfqbyJaI8oDuH2FcRlRU+r2wNQl77kwxYsYtukXCubwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC6InbBxje06XMAfwzPYA2PcgmQwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0YjFmZTMxLTM1OTEtNGRhOC05NWY0LTM5YmE1N2ZhYzU0NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8RAwDQYJKoZIhvcNAQELBQADggEBAFWMgSDFAjafNZm/AuAT Endssf0uauiND8mAe6RRKzZs/gV/v89A4Ap32N4WwWvUj4q+Vac4VSzAux781j8R gMAnclSrG6ZrHo9OFGngi8dh4dYKqxCXLjKbAHEvzuDPWM6IXBcmwPjQvPFpa5zJ cCAFU7/suhCZHLPusWVbOfFbqhN7Q8S9fcc+a8UlW/2V74QkVdebM4dRYFqlrxUa NhvjmPgNkXoRJnf8zh4gUUWv+5/G7O9lDqw10qt86FjjVUxSDp6Z650/tDWIWKUD EbykJGZhsKXSBGbmJWM6OlzpLxfTzDEWNTWMP8Z5I8PEm+WAZsXqwFZ2kYq//8FI zY0= -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:43 2026 by rpki-client