$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa File: 817269f2-96fa-459a-a02d-a57162c8041a.roa (raw, json) Hash identifier: 4NK4ymbRiNzOZhIP9G+2iaLDBfeZ2IsB/bAtLyrqnu0= Subject key identifier: 36:0D:B4:4A:DA:1F:A7:88:C8:9E:D2:92:DB:79:4B:91:29:C8:68:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3C36F373E16A52DCC53D93E5E758FA7A86177A12 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa Signing time: Sun 22 Feb 2026 00:00:40 +0000 ROA not before: Sun 22 Feb 2026 00:00:40 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1e::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:36:f3:73:e1:6a:52:dc:c5:3d:93:e5:e7:58:fa:7a:86:17:7a:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:40 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=eaeab0b4c1d973c06549258bacb7dba98ca21f83efec20d1876a84ad54aec0c8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:8b:24:d1:09:62:ce:03:92:8f:33:e8:4d:96: 0a:e0:21:a4:2c:98:a6:26:a7:ac:2d:1a:f0:2d:0f: 36:45:0c:c0:45:90:54:e1:88:8c:60:54:f9:93:04: 87:da:fc:db:a0:38:4a:b5:54:14:dd:98:87:37:35: fb:29:d2:7e:f2:d8:de:75:95:cf:62:6b:85:41:13: 55:01:8c:71:5a:b9:3a:83:f7:ca:cc:19:2f:ad:72: ff:94:a2:d9:60:31:07:ab:34:1b:a2:6e:e7:a2:ac: da:0d:72:30:91:34:7f:5e:05:79:b3:78:a5:cc:6e: 5f:cd:b8:7d:90:0c:5a:58:de:b0:d4:14:79:b9:53: af:6b:4a:e3:9d:4e:ce:e1:9f:f3:33:17:71:aa:b0: c1:82:1e:6d:ea:de:ac:52:b6:d1:00:a4:fe:ae:98: 14:4c:fc:af:2a:f9:c8:dc:e2:d9:bd:ba:ae:4c:4e: f4:fc:9d:a8:e0:89:4c:2e:cc:f0:09:98:79:c2:53: 5f:1f:82:8d:73:c0:52:6e:dd:8a:dc:1e:72:28:cf: 5c:05:db:71:b9:02:62:fa:3b:62:3d:bf:39:c7:fd: d5:4e:fa:5a:43:26:51:22:85:5a:9f:0a:bf:0c:84: de:bd:ba:9f:d0:40:29:ff:ac:a7:3a:8a:a5:87:dd: fe:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:0D:B4:4A:DA:1F:A7:88:C8:9E:D2:92:DB:79:4B:91:29:C8:68:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/817269f2-96fa-459a-a02d-a57162c8041a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1e::/32 Signature Algorithm: sha256WithRSAEncryption 4e:9e:94:7d:ea:a7:f5:bc:0f:4c:1f:04:6a:eb:54:37:71:3c: 71:97:37:26:c1:03:1f:8a:71:a7:4b:36:38:51:5e:80:0a:06: d9:9e:eb:f7:69:b8:7d:05:34:86:fe:87:5b:7c:47:30:78:af: b3:7a:0c:ad:0b:44:81:54:83:b4:f5:b4:a3:2d:57:83:ac:28: 94:43:16:d7:bb:97:35:e6:ff:42:fb:f0:43:1d:80:87:a9:71: ae:93:ad:76:c1:33:a1:98:bd:ae:24:2b:f3:1c:8c:98:ea:27: ba:3a:d7:5d:b3:8e:17:4e:8e:97:0e:75:b9:a6:9c:69:73:a9: 4c:81:59:f2:67:78:38:70:46:fe:ce:ba:76:3e:d2:f6:03:a0: a3:8f:9b:b6:a5:a5:da:ac:3c:e6:fa:15:4e:09:bd:8e:43:74: c8:71:24:0f:c8:71:5e:4f:61:ae:39:ca:b5:1b:eb:1b:d4:3c: 62:46:2b:9c:6d:0f:2a:3e:00:3d:e6:3f:95:9e:a9:ac:32:85: 09:f2:72:c1:1b:ca:fa:89:f3:1c:85:de:7c:33:7b:e2:87:9f: 43:0c:ef:34:74:65:5a:92:61:01:56:3e:83:78:84:e8:04:0c: 0c:b1:20:4c:a5:13:a2:01:98:f1:d3:a8:f5:d3:e6:e5:b2:52: 18:7c:b5:8d -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUPDbzc+FqUtzFPZPl51j6eoYXehIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDA0MFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZWFlYWIwYjRjMWQ5NzNjMDY1NDky NThiYWNiN2RiYTk4Y2EyMWY4M2VmZWMyMGQxODc2YTg0YWQ1NGFlYzBjODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Isk0QlizgOSjzPoTZYK4CGkLJim JqesLRrwLQ82RQzARZBU4YiMYFT5kwSH2vzboDhKtVQU3ZiHNzX7KdJ+8tjedZXP YmuFQRNVAYxxWrk6g/fKzBkvrXL/lKLZYDEHqzQbom7noqzaDXIwkTR/XgV5s3il zG5fzbh9kAxaWN6w1BR5uVOva0rjnU7O4Z/zMxdxqrDBgh5t6t6sUrbRAKT+rpgU TPyvKvnI3OLZvbquTE70/J2o4IlMLszwCZh5wlNfH4KNc8BSbt2K3B5yKM9cBdtx uQJi+jtiPb85x/3VTvpaQyZRIoVanwq/DITevbqf0EAp/6ynOoqlh93+2QIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFDYNtEraH6eIyJ7Sktt5S5EpyGgmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgxNzI2OWYyLTk2ZmEtNDU5YS1hMDJkLWE1NzE2MmM4MDQxYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaHjANBgkqhkiG9w0BAQsFAAOCAQEATp6Ufeqn9bwPTB8EautU N3E8cZc3JsEDH4pxp0s2OFFegAoG2Z7r92m4fQU0hv6HW3xHMHivs3oMrQtEgVSD tPW0oy1Xg6wolEMW17uXNeb/QvvwQx2Ah6lxrpOtdsEzoZi9riQr8xyMmOonujrX XbOOF06Olw51uaacaXOpTIFZ8md4OHBG/s66dj7S9gOgo4+btqWl2qw85voVTgm9 jkN0yHEkD8hxXk9hrjnKtRvrG9Q8YkYrnG0PKj4APeY/lZ6prDKFCfJywRvK+onz HIXefDN74oefQwzvNHRlWpJhAVY+g3iE6AQMDLEgTKUTogGY8dOo9dPm5bJSGHy1 jQ== -----END CERTIFICATE-----Generated at Sun Mar 1 22:13:57 2026 by rpki-client