$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa File: 805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa (raw, json) Hash identifier: Zwiryl/THxFk9Sn63HIseMxqwqGMp0QcwsVBJvZSA3E= Subject key identifier: AB:BF:2A:3D:C8:38:01:78:6B:23:B0:77:75:97:EC:7D:22:25:C9:7D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37CCF2D70CA00170EE4F1C14160C7E0361EEA325 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa Signing time: Sat 21 Feb 2026 00:01:09 +0000 ROA not before: Sat 21 Feb 2026 00:01:09 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:cc:f2:d7:0c:a0:01:70:ee:4f:1c:14:16:0c:7e:03:61:ee:a3:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:01:09 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=6a3fc2ca85bbc25838458fe3931ea30f8db7778ebf139c2b7e372ba197219449, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ee:21:e5:b2:44:6c:9f:75:4f:0b:ea:4e:ad: d6:4d:53:fa:87:80:ec:64:83:8f:4f:ad:c3:ae:7a: 48:c3:0f:97:ab:21:bc:f3:29:38:b3:17:72:b2:f0: e4:0e:f0:43:11:5d:8e:17:50:44:de:f7:b3:8c:d1: e0:6c:d1:b2:83:4b:ac:d8:7b:e8:31:37:d9:17:13: 9b:11:9e:46:77:56:ba:b2:c9:3e:8b:bf:74:1a:90: 72:f3:37:f5:01:a3:94:fe:62:f7:ed:e1:75:5a:fa: 2d:c1:68:fe:3b:db:ca:4d:1a:5c:54:72:30:61:bf: e6:b0:a0:67:21:f1:44:e2:eb:e8:5a:d8:f9:2a:bf: 71:ae:d4:b9:f5:2e:ec:a5:85:a0:1b:46:66:f2:20: f1:cc:11:13:53:0d:d0:86:83:52:ba:76:fd:77:d5: 92:df:21:c0:cf:f1:3c:5a:32:1c:1a:d0:02:49:89: b3:40:21:87:84:8f:43:a0:10:72:47:fb:dc:bb:00: ca:62:f5:71:d9:d0:c0:19:04:88:02:8a:01:31:4e: 05:c3:22:e1:86:77:ab:14:71:dc:25:a4:80:d8:73: 36:75:d7:41:aa:d1:78:a8:17:c8:7d:13:6b:fd:46: 8f:c9:c6:7a:f8:9b:af:1d:6d:c7:c1:c6:66:91:77: 78:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:BF:2A:3D:C8:38:01:78:6B:23:B0:77:75:97:EC:7D:22:25:C9:7D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/805b67b5-4a3c-4df5-ba24-7f671bea2f7d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:8000::/40 Signature Algorithm: sha256WithRSAEncryption 6a:97:a8:c4:32:60:1e:b2:e5:df:71:37:69:f6:b6:14:33:66: e1:91:a2:5a:60:9d:62:b4:ad:92:25:e7:14:6c:4b:92:f9:97: e9:6a:f9:c4:bc:52:4b:f2:f6:c2:10:ac:0e:67:f9:f7:e3:9a: d5:e1:b8:29:5a:4c:6b:3c:39:46:02:7b:22:d1:32:7d:dc:70: ee:d5:c9:c7:6e:17:a6:e1:3c:ab:5f:cf:3e:1c:a3:2c:b1:4c: 39:5e:f8:b6:1a:33:41:23:a7:92:69:0e:f3:bb:ff:76:7f:6b: 21:c7:a0:77:bd:e2:ac:6e:ae:87:3a:0f:6d:c4:4e:c3:94:c4: 3d:d9:62:10:81:d5:0a:ce:d7:cc:be:cc:8c:3f:1b:7f:c6:78: 39:fb:46:6d:92:90:e2:0d:ab:5b:9c:40:38:db:d4:be:61:6e: 30:1a:28:bb:83:a5:61:97:9d:e7:11:58:c0:66:0a:8e:88:4b: 16:2d:9f:05:c4:5b:8b:a1:09:d4:19:1f:c6:38:62:58:53:8d: c7:63:3a:6d:db:61:ea:f3:09:89:a4:1a:60:00:4a:a7:d4:92: 05:ac:82:a2:4e:40:7e:3e:da:43:06:b3:84:10:3e:e2:b5:90: 26:99:28:ea:6a:73:13:ea:b2:47:af:ff:c8:8f:96:36:23:c9: 02:75:ac:1c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUN8zy1wygAXDuTxwUFgx+A2HuoyUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDEwOVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNANmEzZmMyY2E4NWJiYzI1ODM4NDU4 ZmUzOTMxZWEzMGY4ZGI3Nzc4ZWJmMTM5YzJiN2UzNzJiYTE5NzIxOTQ0OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO4h5bJEbJ91TwvqTq3WTVP6h4Ds ZIOPT63DrnpIww+XqyG88yk4sxdysvDkDvBDEV2OF1BE3vezjNHgbNGyg0us2Hvo MTfZFxObEZ5Gd1a6ssk+i790GpBy8zf1AaOU/mL37eF1WvotwWj+O9vKTRpcVHIw Yb/msKBnIfFE4uvoWtj5Kr9xrtS59S7spYWgG0Zm8iDxzBETUw3QhoNSunb9d9WS 3yHAz/E8WjIcGtACSYmzQCGHhI9DoBByR/vcuwDKYvVx2dDAGQSIAooBMU4FwyLh hnerFHHcJaSA2HM2dddBqtF4qBfIfRNr/UaPycZ6+JuvHW3HwcZmkXd4pQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKu/Kj3IOAF4ayOwd3WX7H0iJcl9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgwNWI2N2I1LTRhM2MtNGRmNS1iYTI0LTdmNjcxYmVhMmY3ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaYAwDQYJKoZIhvcNAQELBQADggEBAGqXqMQyYB6y5d9xN2n2 thQzZuGRolpgnWK0rZIl5xRsS5L5l+lq+cS8Ukvy9sIQrA5n+ffjmtXhuClaTGs8 OUYCeyLRMn3ccO7VycduF6bhPKtfzz4coyyxTDle+LYaM0Ejp5JpDvO7/3Z/ayHH oHe94qxuroc6D23ETsOUxD3ZYhCB1QrO18y+zIw/G3/GeDn7Rm2SkOINq1ucQDjb 1L5hbjAaKLuDpWGXnecRWMBmCo6ISxYtnwXEW4uhCdQZH8Y4YlhTjcdjOm3bYerz CYmkGmAASqfUkgWsgqJOQH4+2kMGs4QQPuK1kCaZKOpqcxPqskev/8iPljYjyQJ1 rBw= -----END CERTIFICATE-----Generated at Sun Mar 1 23:47:43 2026 by rpki-client