$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa File: 87e22441-1418-4229-88ee-c283b029cb95.roa (raw, json) Hash identifier: C9kb/iyAc6IXhDfnSJMqqgQo7On4OzGveauIgfF20p8= Subject key identifier: 8D:C3:BA:BF:1B:8F:DF:73:1E:CA:0B:D6:11:FE:F2:53:BA:45:A2:32 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5821F47A7CE0E58D83D0EDB4AFA94D0BB472C259 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa Signing time: Sat 28 Feb 2026 00:00:40 +0000 ROA not before: Sat 28 Feb 2026 00:00:40 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daef:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:21:f4:7a:7c:e0:e5:8d:83:d0:ed:b4:af:a9:4d:0b:b4:72:c2:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:40 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=633d61f09a4715a5d114af9c31f9911cce7f8616b75b4821b54f837aeb5e93c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c9:1b:15:52:63:99:e1:0c:4a:46:ec:76:46: 9e:0b:5e:28:8f:ba:ed:41:ad:cf:b9:c8:fa:c9:cf: e9:96:f3:9d:29:da:c5:b2:b6:c2:3c:c7:9c:17:86: e3:96:26:f7:8f:b5:cc:64:e5:bc:eb:bf:76:70:ef: 99:df:9c:42:ac:69:9e:6f:9a:3c:e2:51:f9:34:d9: 06:be:fa:04:f8:c0:71:11:94:66:9e:d7:7d:d9:f6: 6c:5f:e3:4a:9d:d6:40:c7:e6:2c:ad:2e:71:8d:85: 5a:03:a3:39:4a:58:c7:4c:67:40:13:3a:af:98:e4: 9d:20:ea:6c:3f:c6:6f:0b:29:68:5f:15:82:81:26: 42:fd:43:8e:56:6c:ab:71:aa:49:76:36:ad:07:93: 7e:33:d4:5a:9e:e1:64:21:ad:b3:31:fa:32:ad:52: 19:28:7a:b7:6b:45:c1:d5:37:df:91:0a:27:3c:ab: 3c:32:45:fe:72:2d:da:a2:28:da:03:a0:94:58:5d: 1d:f1:43:43:d0:b0:ec:c8:a4:ac:82:ee:7f:cf:ef: ae:f5:6c:e7:e4:d3:ce:5d:36:c6:07:4d:42:97:9c: c5:c6:6f:cf:1e:15:83:3a:60:68:09:bc:91:c9:2b: f2:d6:70:c3:68:ad:fc:b0:92:9d:7a:4d:28:f1:89: fb:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:C3:BA:BF:1B:8F:DF:73:1E:CA:0B:D6:11:FE:F2:53:BA:45:A2:32 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87e22441-1418-4229-88ee-c283b029cb95.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:9000::/40 Signature Algorithm: sha256WithRSAEncryption bb:00:7c:96:e8:56:a9:49:b4:a6:70:e0:2c:5e:1a:a0:48:0c: bb:48:c6:7a:e9:0a:ac:58:59:33:e5:5f:db:da:c6:8c:cb:2e: c2:27:f3:6c:c9:01:98:a0:3f:1b:f6:6f:e4:1c:37:4a:ce:e4: 32:55:f7:85:f3:75:65:d1:d5:8f:c7:d9:30:7b:c0:12:d9:3a: be:3b:4f:3d:8b:89:9a:ff:6a:97:80:fd:f4:38:0b:70:1a:80: 7f:a1:6a:7b:ef:4f:a2:5e:25:3f:23:b0:96:28:43:47:82:d7: 96:7e:8a:57:84:24:d9:ab:88:7e:8b:8f:0f:94:2c:34:4e:7d: d4:f4:f9:2b:a3:5a:a3:67:da:b2:0e:cd:9e:f0:dd:ba:29:e8: 99:e9:82:b1:82:9e:4b:f2:f8:ae:6d:fc:d1:14:55:20:a9:c5: b1:c6:3e:94:94:6d:a9:72:b4:84:8f:99:98:60:96:5e:15:61: 48:de:7e:f5:eb:55:55:f1:84:29:1c:63:c6:63:c4:ab:65:07: f1:a7:98:d1:93:58:31:7a:f1:42:a9:e9:60:98:98:6d:f6:db: 5e:fd:71:6c:f2:b7:42:7d:c8:92:6a:6e:90:9b:a1:68:7b:9b: 3f:8f:bf:39:19:e5:17:db:24:05:98:ef:e2:0b:c3:f9:a8:cb: 4d:1f:69:6a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUWCH0enzg5Y2D0O20r6lNC7RywlkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDA0MFoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNANjMzZDYxZjA5YTQ3MTVhNWQxMTRh ZjljMzFmOTkxMWNjZTdmODYxNmI3NWI0ODIxYjU0ZjgzN2FlYjVlOTNjNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8kbFVJjmeEMSkbsdkaeC14oj7rt Qa3Pucj6yc/plvOdKdrFsrbCPMecF4bjlib3j7XMZOW86792cO+Z35xCrGmeb5o8 4lH5NNkGvvoE+MBxEZRmntd92fZsX+NKndZAx+YsrS5xjYVaA6M5SljHTGdAEzqv mOSdIOpsP8ZvCyloXxWCgSZC/UOOVmyrcapJdjatB5N+M9RanuFkIa2zMfoyrVIZ KHq3a0XB1TffkQonPKs8MkX+ci3aoijaA6CUWF0d8UND0LDsyKSsgu5/z++u9Wzn 5NPOXTbGB01Cl5zFxm/PHhWDOmBoCbyRySvy1nDDaK38sJKdek0o8Yn75wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI3Dur8bj99zHsoL1hH+8lO6RaIyMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3ZTIyNDQxLTE0MTgtNDIyOS04OGVlLWMyODNiMDI5Y2I5NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba75AwDQYJKoZIhvcNAQELBQADggEBALsAfJboVqlJtKZw4Cxe GqBIDLtIxnrpCqxYWTPlX9vaxozLLsIn82zJAZigPxv2b+QcN0rO5DJV94XzdWXR 1Y/H2TB7wBLZOr47Tz2LiZr/apeA/fQ4C3AagH+hanvvT6JeJT8jsJYoQ0eC15Z+ ileEJNmriH6Ljw+ULDROfdT0+SujWqNn2rIOzZ7w3bop6JnpgrGCnkvy+K5t/NEU VSCpxbHGPpSUbalytISPmZhgll4VYUjefvXrVVXxhCkcY8ZjxKtlB/GnmNGTWDF6 8UKp6WCYmG322179cWzyt0J9yJJqbpCboWh7mz+PvzkZ5RfbJAWY7+ILw/moy00f aWo= -----END CERTIFICATE-----Generated at Mon Mar 2 03:41:21 2026 by rpki-client