$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa File: 8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa (raw, json) Hash identifier: 6YIDkwOt4I5gq1GxAnJEMG6P6mwHQTVj+8P9Tg7JS9A= Subject key identifier: 92:08:49:D4:40:BF:16:FD:C4:14:74:DD:40:DD:15:AC:E9:37:46:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 506A3511DF8AFA519787E45474A6D0099330EF69 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa Signing time: Sat 21 Feb 2026 00:01:08 +0000 ROA not before: Sat 21 Feb 2026 00:01:08 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:6a:35:11:df:8a:fa:51:97:87:e4:54:74:a6:d0:09:93:30:ef:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:01:08 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=a13175588dc57a1c7165ff5258813f871b9d78496f75269b14450777310468b0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:53:90:1b:a4:49:87:58:db:45:64:3f:60:27: f5:2d:a0:7f:c4:fa:d8:48:0b:73:fb:f7:a8:32:16: 08:48:24:0e:1e:a5:40:93:45:96:47:b0:77:c9:2c: f1:a6:e6:8a:e2:f3:09:ad:e3:9e:48:dc:40:3d:a8: 8f:f0:fd:fb:58:8a:ae:c0:a8:53:a7:ba:0d:e0:2c: f1:9b:d2:f9:ac:92:23:9a:6a:57:6d:b2:08:39:19: 3d:07:7b:3d:f5:d2:44:74:a3:f0:19:04:74:a7:51: 82:57:89:4f:b1:3d:10:ae:2e:a9:d9:87:f2:65:ab: 07:9f:08:39:60:d3:ea:5b:f4:9b:00:db:e9:9e:26: 09:e3:21:ac:0b:89:3f:e0:8e:de:04:a8:7b:e5:eb: 0b:2a:00:60:e2:b1:55:10:10:2a:0f:bd:ad:86:1e: 4c:69:25:8f:f9:cb:fe:c2:ec:d0:87:fa:da:4b:d0: 8a:50:53:55:d9:89:3f:be:28:73:a4:a8:9b:eb:c9: f5:a3:b7:30:6d:bc:e6:68:80:a8:4e:58:b1:4a:fa: fa:29:45:53:73:05:ee:d1:36:c0:76:81:7d:62:64: 5c:47:79:53:92:93:db:23:98:ed:df:8b:60:42:e4: 96:e7:60:5d:dc:ea:8f:bf:a1:88:6b:42:bc:42:75: b4:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:08:49:D4:40:BF:16:FD:C4:14:74:DD:40:DD:15:AC:E9:37:46:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8bc7f9b2-dbc3-4b20-a592-a46685e789c7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c000::/40 Signature Algorithm: sha256WithRSAEncryption 53:53:8a:de:33:88:c8:26:a5:92:16:bc:12:08:db:fb:b7:74: fb:fe:cc:6f:5d:06:c3:6e:d8:83:10:e7:83:b9:68:11:2b:a8: 54:0d:9e:91:0a:37:d7:73:ee:f0:66:9f:5a:1a:64:5f:5c:42: a9:66:6a:c9:ee:dc:7c:60:24:d0:64:72:05:76:2e:13:92:cb: f9:e5:f7:ef:3d:50:1b:be:df:12:fe:f5:73:bd:fd:dc:2f:24: 51:5e:0d:ed:d8:bf:6c:15:e5:9e:f4:b9:a6:4a:ca:1b:46:b9: 2f:51:d0:d7:4e:f8:e9:d3:bb:02:79:bf:26:85:97:59:a1:42: 6c:98:db:6f:db:93:d1:db:37:64:fb:e8:57:13:47:85:74:b8: 94:e1:ee:2b:8f:43:c8:8a:56:4c:bb:47:8c:6f:c5:49:fd:5a: 33:9a:ce:f5:1c:9b:86:cd:19:13:b5:2e:75:4c:82:80:6d:e3: 69:ca:75:75:50:a1:e8:b0:85:2e:3a:29:b3:32:01:bd:fa:0c: 54:72:ad:33:0d:0d:c5:a3:ce:2c:38:de:93:17:d5:e6:d6:e9: 13:a2:9f:4c:50:be:7b:36:62:41:70:41:9a:47:ec:48:4c:62: 60:51:dd:c8:39:af:f3:91:a6:21:49:21:7f:90:ed:1c:51:0c: e6:3b:1e:36 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUGo1Ed+K+lGXh+RUdKbQCZMw72kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDEwOFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYTEzMTc1NTg4ZGM1N2ExYzcxNjVm ZjUyNTg4MTNmODcxYjlkNzg0OTZmNzUyNjliMTQ0NTA3NzczMTA0NjhiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9lOQG6RJh1jbRWQ/YCf1LaB/xPrY SAtz+/eoMhYISCQOHqVAk0WWR7B3ySzxpuaK4vMJreOeSNxAPaiP8P37WIquwKhT p7oN4Czxm9L5rJIjmmpXbbIIORk9B3s99dJEdKPwGQR0p1GCV4lPsT0Qri6p2Yfy ZasHnwg5YNPqW/SbANvpniYJ4yGsC4k/4I7eBKh75esLKgBg4rFVEBAqD72thh5M aSWP+cv+wuzQh/raS9CKUFNV2Yk/vihzpKib68n1o7cwbbzmaICoTlixSvr6KUVT cwXu0TbAdoF9YmRcR3lTkpPbI5jt34tgQuSW52Bd3OqPv6GIa0K8QnW0OQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJIISdRAvxb9xBR03UDdFazpN0YCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhiYzdmOWIyLWRiYzMtNGIyMC1hNTkyLWE0NjY4NWU3ODljNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+8AwDQYJKoZIhvcNAQELBQADggEBAFNTit4ziMgmpZIWvBII 2/u3dPv+zG9dBsNu2IMQ54O5aBErqFQNnpEKN9dz7vBmn1oaZF9cQqlmasnu3Hxg JNBkcgV2LhOSy/nl9+89UBu+3xL+9XO9/dwvJFFeDe3Yv2wV5Z70uaZKyhtGuS9R 0NdO+OnTuwJ5vyaFl1mhQmyY22/bk9HbN2T76FcTR4V0uJTh7iuPQ8iKVky7R4xv xUn9WjOazvUcm4bNGRO1LnVMgoBt42nKdXVQoeiwhS46KbMyAb36DFRyrTMNDcWj ziw43pMX1ebW6ROin0xQvns2YkFwQZpH7EhMYmBR3cg5r/ORpiFJIX+Q7RxRDOY7 HjY= -----END CERTIFICATE-----Generated at Sun Mar 1 22:03:50 2026 by rpki-client