$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa File: 7c128a18-fe39-4c85-9076-3ff17462d555.roa (raw, json) Hash identifier: bYPoqSh97/3FC3GXviXvje/PoKK/kZ81SY2wKpnJLcw= Subject key identifier: 84:73:34:BA:4D:F8:95:A2:4F:0F:FC:8E:91:70:C9:58:B6:1F:1C:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 47F053E05358E812126B2ECDCA5927302A8A57A7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa Signing time: Fri 20 Feb 2026 00:10:42 +0000 ROA not before: Fri 20 Feb 2026 00:10:42 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:f0:53:e0:53:58:e8:12:12:6b:2e:cd:ca:59:27:30:2a:8a:57:a7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:42 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=b4762c1f272a38fe83091776fe4340e3e6b6aa962e7d7065be8b3bf2fe411a79, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:77:83:56:e1:1a:57:aa:42:ce:fe:92:61:79: b0:b4:7d:05:09:b0:ce:95:cb:b1:e6:92:db:64:b5: b5:db:d0:68:ce:a1:bd:e1:96:c8:a3:52:fb:47:62: 45:2a:2c:7c:7e:55:8a:bf:0d:42:c2:3a:a3:24:4f: 87:7d:57:aa:d8:89:a7:59:5a:f4:eb:18:d1:d5:8d: ae:ff:9f:1f:76:36:70:a2:bb:da:3c:e6:3b:f4:f6: a5:12:88:ff:89:c5:c9:9d:96:6a:65:38:5f:3b:70: fe:2a:95:f1:7b:f2:51:8a:a5:2b:97:d5:d4:bc:d4: 64:30:7e:7b:4e:d9:b2:1a:e1:8b:1e:82:b9:35:66: ce:f3:5e:bb:3e:0c:95:60:52:46:82:5f:1b:c5:77: 66:c1:10:87:24:12:a7:a2:d8:48:ac:97:3c:d2:12: a8:fb:87:49:eb:c0:9d:38:23:66:c8:40:4e:42:d3: cf:73:6a:21:79:98:15:38:a9:98:36:aa:a0:f0:93: c9:99:8c:86:ff:2e:77:6c:29:bd:e1:14:e8:19:de: b2:05:26:bc:6d:8b:2c:a6:e9:da:77:50:72:0c:19: c2:3f:a8:32:4c:54:08:a2:50:fb:4b:38:5b:7e:e4: 88:15:4d:0b:16:47:bf:e5:d0:22:bd:8c:25:73:db: 3b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:73:34:BA:4D:F8:95:A2:4F:0F:FC:8E:91:70:C9:58:B6:1F:1C:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c128a18-fe39-4c85-9076-3ff17462d555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:b000::/40 Signature Algorithm: sha256WithRSAEncryption 60:ef:1c:1e:52:f2:5b:54:d6:f4:54:08:d2:b5:fb:d7:35:3c: 07:45:b0:65:10:59:ff:24:da:c5:29:22:b2:96:fa:77:19:24: 1b:e6:d5:19:4a:9d:dc:2c:83:8a:af:8c:66:ec:4b:7d:ce:59: b2:84:1f:b4:5f:ae:18:a6:6b:b8:33:6b:39:b3:e5:cb:2a:89: 4d:22:84:2e:f6:72:41:d8:d4:19:a8:fe:fe:ed:01:0c:2c:7f: c2:c2:7f:69:85:a7:80:f0:a1:38:9e:fb:70:d4:2a:ce:32:93: 97:e2:41:83:d3:54:96:69:0c:a9:ff:c2:10:a5:a1:1d:4c:58: 81:bc:a9:ad:08:82:51:71:2d:ef:b1:00:1e:c7:3a:bc:d6:f4: 95:8c:69:40:56:d3:c8:e9:60:93:ee:f1:23:71:d1:28:8e:1f: d4:13:6f:90:b4:44:a8:ea:89:ec:f5:f0:62:72:cc:42:82:0a: 8e:f1:bc:ec:47:c7:ff:93:38:bb:3c:cc:18:50:e6:8a:4e:ee: c6:d6:3e:42:9b:28:59:88:33:e1:65:b5:3b:fb:9e:22:42:67: 2c:8f:e0:f9:20:a4:fa:e5:da:ff:9a:f3:ba:dc:14:b2:15:94: c9:7d:ff:fb:63:c7:2e:19:8a:e1:7e:f0:39:b3:1d:24:3d:aa: 19:d1:a0:66 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR/BT4FNY6BISay7NylknMCqKV6cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTA0MloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAYjQ3NjJjMWYyNzJhMzhmZTgzMDkx Nzc2ZmU0MzQwZTNlNmI2YWE5NjJlN2Q3MDY1YmU4YjNiZjJmZTQxMWE3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXeDVuEaV6pCzv6SYXmwtH0FCbDO lcux5pLbZLW129BozqG94ZbIo1L7R2JFKix8flWKvw1CwjqjJE+HfVeq2ImnWVr0 6xjR1Y2u/58fdjZworvaPOY79PalEoj/icXJnZZqZThfO3D+KpXxe/JRiqUrl9XU vNRkMH57TtmyGuGLHoK5NWbO8167PgyVYFJGgl8bxXdmwRCHJBKnothIrJc80hKo +4dJ68CdOCNmyEBOQtPPc2oheZgVOKmYNqqg8JPJmYyG/y53bCm94RToGd6yBSa8 bYsspunad1ByDBnCP6gyTFQIolD7SzhbfuSIFU0LFke/5dAivYwlc9s7jQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIRzNLpN+JWiTw/8jpFwyVi2HxyEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzdjMTI4YTE4LWZlMzktNGM4NS05MDc2LTNmZjE3NDYyZDU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9rAwDQYJKoZIhvcNAQELBQADggEBAGDvHB5S8ltU1vRUCNK1 +9c1PAdFsGUQWf8k2sUpIrKW+ncZJBvm1RlKndwsg4qvjGbsS33OWbKEH7Rfrhim a7gzazmz5csqiU0ihC72ckHY1Bmo/v7tAQwsf8LCf2mFp4DwoTie+3DUKs4yk5fi QYPTVJZpDKn/whCloR1MWIG8qa0IglFxLe+xAB7HOrzW9JWMaUBW08jpYJPu8SNx 0SiOH9QTb5C0RKjqiez18GJyzEKCCo7xvOxHx/+TOLs8zBhQ5opO7sbWPkKbKFmI M+FltTv7niJCZyyP4PkgpPrl2v+a87rcFLIVlMl9//tjxy4ZiuF+8DmzHSQ9qhnR oGY= -----END CERTIFICATE-----Generated at Sun Mar 1 22:17:34 2026 by rpki-client