$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa File: 8167b956-49b6-4bfc-b015-6dcca357c141.roa (raw, json) Hash identifier: kvDUz+TuucEh/ip1+wy84K0/TONQ0puiPBaTHEGoR3U= Subject key identifier: D3:C6:B2:6A:9A:8A:A5:77:AC:29:67:5F:B6:C8:B4:A0:83:1F:BF:42 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 508B94552655736E9B43459716C4E03D212030B8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa Signing time: Sat 28 Feb 2026 00:00:05 +0000 ROA not before: Sat 28 Feb 2026 00:00:05 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:8b:94:55:26:55:73:6e:9b:43:45:97:16:c4:e0:3d:21:20:30:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:05 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=9607a331d32c68ba86d47eda067397ec7bb4223a7591bf5e7f08df8cf46aeab9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:3d:88:d3:0c:40:23:64:dd:99:86:e5:6d:4d: 41:aa:3c:23:b6:7d:c6:8d:fc:dd:4a:97:eb:7c:2f: a1:76:8c:61:2f:5c:5c:58:31:ca:ee:5c:32:9b:4e: 10:69:f3:68:18:ae:45:41:20:61:38:2b:b4:7c:50: 61:f1:61:ad:2c:d5:07:ce:53:a1:21:4b:23:d3:cb: d0:3c:0e:89:1c:41:1d:72:32:c7:a2:a7:67:73:6a: 7f:c1:f2:ee:1a:9f:40:7b:06:fc:01:47:a7:5d:d2: 62:ee:25:95:ee:31:53:36:22:5d:e4:b7:7a:33:84: 13:ab:0b:0e:17:3e:a7:3b:2b:2e:9b:31:bc:35:1d: fd:8b:8b:92:14:1f:1b:81:ce:12:4c:af:06:26:d7: 35:df:3f:30:38:79:1e:0e:17:e8:b7:fd:c4:79:10: 2c:20:72:7d:41:ed:6e:7b:17:6a:38:88:40:e8:77: 5b:9c:1f:d0:c3:45:e0:ce:37:79:ef:b1:e3:05:84: 0d:1d:12:85:e8:6f:2e:f4:5c:88:93:c4:af:91:3f: ce:fb:21:48:90:a4:b0:5a:e1:e1:0b:cb:1c:02:bc: db:b7:b2:5a:96:6b:9e:13:7f:84:f4:52:b3:59:85: e1:ba:8d:3d:12:40:55:1f:6e:2c:dd:c5:e1:f6:ff: 41:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:C6:B2:6A:9A:8A:A5:77:AC:29:67:5F:B6:C8:B4:A0:83:1F:BF:42 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8167b956-49b6-4bfc-b015-6dcca357c141.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:7000::/40 Signature Algorithm: sha256WithRSAEncryption c9:71:be:a5:20:b8:6c:73:fc:b1:91:c5:f9:9d:ee:ff:a0:f8: fe:34:10:1b:36:76:da:11:e1:89:83:cd:14:2c:85:74:52:99: f1:3a:f5:c1:27:a7:76:70:a1:a5:3a:75:35:99:3a:f8:9e:f9: c0:23:0d:ab:e3:58:b0:7a:c4:39:1a:62:33:26:c8:48:0e:fe: 5c:05:bd:3f:0a:40:43:df:1a:5d:1b:e2:dd:68:a5:7e:3d:b0: 1c:6a:14:00:15:ef:88:ca:01:81:68:0e:9b:2b:ca:ee:68:0c: 9b:a3:22:ac:fb:a6:14:51:c7:74:63:97:56:4b:15:5a:d1:f3: bb:3e:03:80:1b:36:5c:c6:8a:06:0c:8b:7a:8e:d7:5e:66:6e: d0:fd:a5:36:de:68:15:aa:cb:16:3d:db:e7:20:7f:2b:c0:ed: 6f:e0:7d:05:3d:24:00:6b:b2:94:3e:df:5a:ca:52:2c:68:38: 0c:af:c8:d0:0b:fe:f1:40:d5:15:ac:94:05:49:2a:43:5c:e5: a2:f8:8b:41:15:e1:2c:c6:82:6e:d3:1c:2d:b4:1e:a1:e5:05: 67:ce:fb:dd:f9:29:f3:e6:32:38:2a:bd:4e:01:b1:6a:a2:ae: 94:5e:53:20:d4:50:a0:bc:14:df:ef:64:67:e5:a1:e8:f1:c7: da:41:6d:79 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUIuUVSZVc26bQ0WXFsTgPSEgMLgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDAwNVoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAOTYwN2EzMzFkMzJjNjhiYTg2ZDQ3 ZWRhMDY3Mzk3ZWM3YmI0MjIzYTc1OTFiZjVlN2YwOGRmOGNmNDZhZWFiOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z2I0wxAI2TdmYblbU1Bqjwjtn3G jfzdSpfrfC+hdoxhL1xcWDHK7lwym04QafNoGK5FQSBhOCu0fFBh8WGtLNUHzlOh IUsj08vQPA6JHEEdcjLHoqdnc2p/wfLuGp9Aewb8AUenXdJi7iWV7jFTNiJd5Ld6 M4QTqwsOFz6nOysumzG8NR39i4uSFB8bgc4STK8GJtc13z8wOHkeDhfot/3EeRAs IHJ9Qe1uexdqOIhA6HdbnB/Qw0Xgzjd577HjBYQNHRKF6G8u9FyIk8SvkT/O+yFI kKSwWuHhC8scArzbt7JalmueE3+E9FKzWYXhuo09EkBVH24s3cXh9v9BgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNPGsmqaiqV3rClnX7bItKCDH79CMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNjdiOTU2LTQ5YjYtNGJmYy1iMDE1LTZkY2NhMzU3YzE0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba73AwDQYJKoZIhvcNAQELBQADggEBAMlxvqUguGxz/LGRxfmd 7v+g+P40EBs2dtoR4YmDzRQshXRSmfE69cEnp3ZwoaU6dTWZOvie+cAjDavjWLB6 xDkaYjMmyEgO/lwFvT8KQEPfGl0b4t1opX49sBxqFAAV74jKAYFoDpsryu5oDJuj Iqz7phRRx3Rjl1ZLFVrR87s+A4AbNlzGigYMi3qO115mbtD9pTbeaBWqyxY92+cg fyvA7W/gfQU9JABrspQ+31rKUixoOAyvyNAL/vFA1RWslAVJKkNc5aL4i0EV4SzG gm7THC20HqHlBWfO+935KfPmMjgqvU4BsWqirpReUyDUUKC8FN/vZGfloejxx9pB bXk= -----END CERTIFICATE-----Generated at Mon Mar 2 03:23:14 2026 by rpki-client