$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa File: 809f0c96-bf0f-41ef-a664-a5509c777eb1.roa (raw, json) Hash identifier: EKCL2Kof5EtSjAygbRepbwOq1RHEOV4cykQxOUoRMDA= Subject key identifier: 3A:43:4F:15:DA:90:08:E8:2C:26:85:CE:5A:FE:B6:85:A9:E4:D0:7D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C02C667CCE1D2C70B057C29C7F720884309B136 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa Signing time: Wed 11 Feb 2026 00:00:03 +0000 ROA not before: Wed 11 Feb 2026 00:00:03 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:02:c6:67:cc:e1:d2:c7:0b:05:7c:29:c7:f7:20:88:43:09:b1:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:00:03 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=10db87547933111a8dcce90d80d4a933f0f557597857ea130e3c2b48c21f4545, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:de:af:af:5d:e5:e9:fb:f9:63:d8:e5:6c:9a: 28:8d:07:1a:b2:97:fe:ed:aa:2f:01:13:66:f6:21: 37:46:2c:97:a2:2a:5a:e1:e9:44:14:20:05:9f:03: fd:aa:39:95:9e:c1:bb:48:56:2d:cd:ae:c2:a0:aa: 70:1f:e5:84:92:4d:23:24:f1:a6:5f:d3:5c:9b:1a: 84:fd:e7:1d:0d:b0:cb:40:eb:a8:c3:52:aa:72:c1: 48:b9:ad:27:84:9d:bc:51:45:7d:d4:7f:cb:de:74: ca:d0:17:b1:93:21:7a:ec:f5:5a:a0:10:d4:09:15: 24:ba:4b:81:73:e8:53:8a:f2:14:f0:b2:f0:5e:7d: 58:97:25:8e:51:60:4f:54:ea:14:93:e1:8d:05:8d: 62:a6:47:bd:dd:5f:1e:00:1f:20:00:4d:a7:2a:80: 86:a3:94:c9:0a:69:29:55:c3:05:b2:aa:00:16:4f: 1b:14:87:69:3f:11:1c:66:04:62:d3:bb:34:88:3d: c7:8c:74:66:28:22:a8:f1:31:0d:05:d7:5e:fe:b9: 9d:3a:10:82:d3:a2:a3:6c:48:da:f1:6c:f4:1d:5d: 46:7a:70:a6:2b:81:64:6f:65:e5:52:65:6e:a8:6b: f4:c9:de:ab:d7:55:05:28:70:19:b8:87:68:11:8a: 7c:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:43:4F:15:DA:90:08:E8:2C:26:85:CE:5A:FE:B6:85:A9:E4:D0:7D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:6000::/40 Signature Algorithm: sha256WithRSAEncryption c9:df:32:c8:d1:a7:cc:c0:5f:0c:a2:62:14:67:ab:07:82:cf: 57:65:ce:58:91:fb:90:77:49:f3:7d:68:1d:13:88:f9:f2:a5: 06:c4:3e:fe:23:c0:40:b0:d5:f1:e1:e2:46:94:68:da:1c:05: 0a:b2:50:a2:b0:4c:69:99:ed:77:c3:73:1a:fa:81:b3:d7:5b: e3:5a:51:57:96:9d:ff:52:a7:29:ac:7e:fe:2a:70:79:d7:af: 13:6e:09:4b:21:08:3d:d9:9d:75:ef:7b:ed:f7:7e:32:dc:c7: 97:f1:82:31:09:2d:e0:e5:1b:82:e1:d0:bd:94:92:fa:91:ef: 98:61:24:23:6d:a5:5e:42:18:94:24:30:93:7f:46:37:3e:56: 40:34:2c:ce:bd:7b:b4:81:7f:a8:7d:b8:1c:24:a1:87:8f:b4: 2b:14:a8:23:ae:bb:27:43:f3:b4:af:65:ac:4e:42:00:0a:7c: de:32:c9:79:fc:30:77:db:29:e3:a0:13:9f:94:57:1a:5f:cd: 78:a2:75:6c:2d:94:33:97:b5:9e:a8:92:6c:2b:1a:7f:79:e6: 8f:54:da:4e:c0:5f:7d:8f:42:d5:94:02:b6:2b:01:8a:5a:5a: 67:13:20:17:82:3a:00:39:ff:f9:8a:62:80:52:19:ed:94:69: d1:cd:1b:27 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXALGZ8zh0scLBXwpx/cgiEMJsTYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMDAwM1oX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAMTBkYjg3NTQ3OTMzMTExYThkY2Nl OTBkODBkNGE5MzNmMGY1NTc1OTc4NTdlYTEzMGUzYzJiNDhjMjFmNDU0NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9t6vr13l6fv5Y9jlbJoojQcaspf+ 7aovARNm9iE3RiyXoipa4elEFCAFnwP9qjmVnsG7SFYtza7CoKpwH+WEkk0jJPGm X9NcmxqE/ecdDbDLQOuow1KqcsFIua0nhJ28UUV91H/L3nTK0BexkyF67PVaoBDU CRUkukuBc+hTivIU8LLwXn1YlyWOUWBPVOoUk+GNBY1ipke93V8eAB8gAE2nKoCG o5TJCmkpVcMFsqoAFk8bFIdpPxEcZgRi07s0iD3HjHRmKCKo8TENBdde/rmdOhCC 06KjbEja8Wz0HV1GenCmK4Fkb2XlUmVuqGv0yd6r11UFKHAZuIdoEYp8dwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDpDTxXakAjoLCaFzlr+toWp5NB9MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgwOWYwYzk2LWJmMGYtNDFlZi1hNjY0LWE1NTA5Yzc3N2ViMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9WAwDQYJKoZIhvcNAQELBQADggEBAMnfMsjRp8zAXwyiYhRn qweCz1dlzliR+5B3SfN9aB0TiPnypQbEPv4jwECw1fHh4kaUaNocBQqyUKKwTGmZ 7XfDcxr6gbPXW+NaUVeWnf9Spymsfv4qcHnXrxNuCUshCD3ZnXXve+33fjLcx5fx gjEJLeDlG4Lh0L2UkvqR75hhJCNtpV5CGJQkMJN/Rjc+VkA0LM69e7SBf6h9uBwk oYePtCsUqCOuuydD87SvZaxOQgAKfN4yyXn8MHfbKeOgE5+UVxpfzXiidWwtlDOX tZ6okmwrGn955o9U2k7AX32PQtWUArYrAYpaWmcTIBeCOgA5//mKYoBSGe2UadHN Gyc= -----END CERTIFICATE-----Generated at Sun Mar 1 22:20:06 2026 by rpki-client