$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa File: 87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa (raw, json) Hash identifier: YZ6xPmAu0GCKl+COuqmwsHCJgjLcwAgIWqTK1WNjss0= Subject key identifier: 90:0A:90:99:A8:00:97:20:56:E0:20:4E:9B:CA:37:7B:6B:DA:21:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 15798E6937AC2B9028C0D7D207A2F0A573E00E78 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa Signing time: Sat 21 Feb 2026 00:10:31 +0000 ROA not before: Sat 21 Feb 2026 00:10:31 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:79:8e:69:37:ac:2b:90:28:c0:d7:d2:07:a2:f0:a5:73:e0:0e:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:10:31 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=37ab2d6f1962d37da4d23f2d8c1286069cfe7e2bfcb3fc171f89173d8620c141, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:08:64:7f:07:37:b6:ca:38:b3:d1:c2:7d:38: 0e:12:7d:01:13:49:71:d8:a2:89:88:8c:2d:9c:3f: ac:df:40:f8:9c:0a:c8:cc:a1:58:0d:f2:a0:d6:c6: bd:77:d6:a0:ff:02:ec:85:36:72:c7:d6:58:f7:f8: fc:35:6c:49:c8:58:b7:35:e1:c9:49:dc:86:d0:8c: 8e:3f:8d:94:a0:67:46:a6:63:9f:fe:4d:67:5d:cc: 2c:6b:41:aa:97:5d:ab:95:94:9b:d3:87:d3:18:67: 65:db:dd:77:d2:4a:64:13:ec:b6:2d:c4:5c:dc:cb: b2:88:c7:9d:69:f1:e0:8e:41:cf:64:af:f1:b4:ef: 79:d0:ad:75:b2:da:09:a6:85:42:5f:d1:ad:51:34: e0:25:7e:bf:0a:b1:7b:d5:c4:29:20:19:1d:d4:8b: 1e:85:41:82:55:e7:19:1e:e3:a9:72:4c:4b:ad:f0: b7:39:93:bd:9f:b2:66:8d:1d:4f:f0:ad:fd:25:d4: 2d:16:cc:66:ee:ec:ff:18:6d:0b:11:28:b9:44:36: f2:95:90:a1:34:29:4a:b1:93:e4:0c:40:07:2f:a6: 1a:28:d7:0c:a4:0a:e8:5b:53:a8:cc:25:80:90:51: 48:a1:a8:79:f3:ed:88:0f:ec:3b:77:34:c7:90:f5: 4e:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:0A:90:99:A8:00:97:20:56:E0:20:4E:9B:CA:37:7B:6B:DA:21:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87bdbd43-8748-4d90-9b3d-91c88f2d844d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:20c0::/48 Signature Algorithm: sha256WithRSAEncryption a8:98:ff:16:3b:91:37:3c:a7:a2:57:db:ea:0a:b3:70:15:cb: 96:2b:46:fa:a9:e5:37:54:a4:29:e5:6b:f3:ac:ac:1a:7f:e5: 4a:0c:16:21:3d:97:9c:16:16:8c:1d:49:0a:9e:9c:4d:3e:86: 9a:2c:15:66:d6:43:16:df:2b:7f:58:11:07:a8:ab:1d:c4:8b: e7:5d:e7:6b:93:87:4d:9d:98:b3:fd:12:a3:1e:70:23:b7:bc: 2e:13:9d:eb:0d:94:aa:63:c5:8a:fe:1a:a2:5f:24:7d:9b:e1: 42:61:c8:eb:fd:e9:31:81:91:72:61:fd:88:97:2a:b3:62:45: 57:91:8a:82:be:a4:b3:d8:ea:3f:8a:9b:34:e7:c7:b8:7f:fe: 11:91:0d:9b:4e:2f:7c:aa:91:4a:62:fc:1d:d1:a6:63:c3:60: 15:39:04:38:7f:16:21:33:40:39:8a:80:05:01:65:3c:f0:c9: 68:d9:b9:bc:d0:2c:a6:ce:bf:39:55:a0:3c:f6:43:7b:bf:b4: 18:fe:b8:6f:e1:2c:09:33:15:aa:45:23:58:65:e0:a4:4e:14: a9:d2:5d:ab:bf:a4:9c:c1:01:71:9b:25:05:49:35:cb:71:9a: 22:95:89:22:8f:72:cb:0f:0f:b0:93:13:45:53:6e:67:6f:c1: d8:b5:25:c0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUFXmOaTesK5AowNfSB6LwpXPgDngwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMTAzMVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMzdhYjJkNmYxOTYyZDM3ZGE0ZDIz ZjJkOGMxMjg2MDY5Y2ZlN2UyYmZjYjNmYzE3MWY4OTE3M2Q4NjIwYzE0MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvghkfwc3tso4s9HCfTgOEn0BE0lx 2KKJiIwtnD+s30D4nArIzKFYDfKg1sa9d9ag/wLshTZyx9ZY9/j8NWxJyFi3NeHJ SdyG0IyOP42UoGdGpmOf/k1nXcwsa0Gql12rlZSb04fTGGdl29130kpkE+y2LcRc 3MuyiMedafHgjkHPZK/xtO950K11stoJpoVCX9GtUTTgJX6/CrF71cQpIBkd1Ise hUGCVecZHuOpckxLrfC3OZO9n7JmjR1P8K39JdQtFsxm7uz/GG0LESi5RDbylZCh NClKsZPkDEAHL6YaKNcMpAroW1OozCWAkFFIoah58+2ID+w7dzTHkPVOkQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJAKkJmoAJcgVuAgTpvKN3tr2iFTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3YmRiZDQzLTg3NDgtNGQ5MC05YjNkLTkxYzg4ZjJkODQ0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8iDAMA0GCSqGSIb3DQEBCwUAA4IBAQComP8WO5E3PKeiV9vq CrNwFcuWK0b6qeU3VKQp5WvzrKwaf+VKDBYhPZecFhaMHUkKnpxNPoaaLBVm1kMW 3yt/WBEHqKsdxIvnXedrk4dNnZiz/RKjHnAjt7wuE53rDZSqY8WK/hqiXyR9m+FC Ycjr/ekxgZFyYf2IlyqzYkVXkYqCvqSz2Oo/ips058e4f/4RkQ2bTi98qpFKYvwd 0aZjw2AVOQQ4fxYhM0A5ioAFAWU88Mlo2bm80Cymzr85VaA89kN7v7QY/rhv4SwJ MxWqRSNYZeCkThSp0l2rv6ScwQFxmyUFSTXLcZoilYkij3LLDw+wkxNFU25nb8HY tSXA -----END CERTIFICATE-----Generated at Sun Mar 1 21:51:40 2026 by rpki-client