$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa File: 909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa (raw, json) Hash identifier: aA08dGGA7OS8BZUK6BMCG6ASo9ib4FNyeYD/c8ziw6g= Subject key identifier: BC:BB:77:DF:44:39:B2:C4:DE:1D:07:AF:EA:1E:44:1E:F9:B8:28:0F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5ED0B0DF63CDEF5AF78995BF7FE2319BB7A11F6A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa Signing time: Fri 20 Feb 2026 00:21:22 +0000 ROA not before: Fri 20 Feb 2026 00:21:22 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:d0:b0:df:63:cd:ef:5a:f7:89:95:bf:7f:e2:31:9b:b7:a1:1f:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:21:22 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=809533681828c2f0eb9e8026f7882cc4a6ed9d25505845377fccb0cd757b89fa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4f:2b:63:b5:67:c1:64:1a:78:c9:d0:71:34: 06:30:22:ab:dc:81:19:5a:e6:39:fa:85:90:d4:25: ca:13:70:16:3e:38:4a:4b:d7:8b:02:d7:54:10:37: c4:3d:e5:b2:9e:1c:71:6e:d0:cc:8d:d2:69:f7:d2: 03:5f:b3:08:5d:f3:f9:69:c3:fc:fd:5c:58:a9:c0: d4:3e:7f:66:0b:34:5b:26:9c:96:fe:60:dd:20:83: 54:15:7d:35:33:64:b6:93:13:57:be:47:6c:f4:5c: 9e:18:fa:77:81:c8:80:02:cd:2b:24:7b:fb:9d:d8: 5f:94:36:b0:b7:db:71:36:75:e7:3f:02:d1:19:29: 5e:ae:c4:e7:ff:11:a1:b3:9e:ab:88:af:e7:cc:a9: 5b:53:3a:fd:75:e7:bb:d1:b0:1a:11:93:1a:b4:6d: fb:90:bc:84:60:64:9f:a6:19:a6:f0:67:fb:84:d3: c0:c9:5e:68:bb:00:31:61:c2:72:1e:6c:a5:15:64: 44:61:bd:3f:63:59:7b:d3:20:22:91:43:ac:d6:86: 9e:b6:2d:75:98:9c:ab:19:a9:76:50:6e:37:40:2a: 99:f3:ad:e5:35:07:97:be:c0:4e:5d:ae:5d:8b:d3: ad:6d:20:64:24:84:53:50:e6:62:2c:10:e5:eb:39: 4b:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:BB:77:DF:44:39:B2:C4:DE:1D:07:AF:EA:1E:44:1E:F9:B8:28:0F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/909bb5d0-1a4f-4343-bc4a-c23a6a885c1e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 04:a1:e0:a8:71:37:e7:9a:5f:c7:7a:82:ab:5e:ca:9c:9b:ae: ad:39:aa:7f:b4:55:5a:d2:b6:cb:ba:1e:eb:80:60:d0:11:61: 55:60:1f:53:22:bc:38:4e:1d:c1:51:b2:7e:98:03:c3:78:bc: bb:20:24:99:b4:44:59:32:f6:a3:27:cd:41:2c:2a:62:94:ab: ae:89:ec:22:63:40:c0:23:ad:3d:ec:f2:bb:7f:d6:0a:8f:e3: 00:57:8b:0b:7b:82:51:0b:17:3f:70:bb:21:e5:1d:b9:0a:00: b6:75:d7:c6:2c:95:d2:59:2a:8d:e5:e6:a2:9c:c1:cb:73:7c: 09:0b:e3:6b:2d:66:9f:fc:f6:de:05:87:b8:65:74:1c:ec:04: 8f:81:b6:a3:d4:8d:c1:74:67:11:87:29:b8:ff:f1:f6:64:97: af:d2:39:d2:bd:c2:fa:17:50:6b:78:1b:91:c7:e6:b0:7e:18: 86:ff:ff:35:bd:94:f8:2b:86:c2:33:bc:7c:d2:ef:2f:01:82: d5:df:bf:29:04:9a:8b:8a:50:3a:05:74:3a:51:b8:57:60:8d: db:9f:59:32:7b:e6:47:77:b4:da:07:45:42:d3:2c:1f:ca:4c: 63:be:a9:ea:55:30:90:b9:6a:38:6b:c3:82:db:bc:f0:e4:5b: 5e:cf:af:00 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXtCw32PN71r3iZW/f+Ixm7ehH2owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjEyMloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAODA5NTMzNjgxODI4YzJmMGViOWU4 MDI2Zjc4ODJjYzRhNmVkOWQyNTUwNTg0NTM3N2ZjY2IwY2Q3NTdiODlmYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz08rY7VnwWQaeMnQcTQGMCKr3IEZ WuY5+oWQ1CXKE3AWPjhKS9eLAtdUEDfEPeWynhxxbtDMjdJp99IDX7MIXfP5acP8 /VxYqcDUPn9mCzRbJpyW/mDdIINUFX01M2S2kxNXvkds9FyeGPp3gciAAs0rJHv7 ndhflDawt9txNnXnPwLRGSlersTn/xGhs56riK/nzKlbUzr9dee70bAaEZMatG37 kLyEYGSfphmm8Gf7hNPAyV5ouwAxYcJyHmylFWREYb0/Y1l70yAikUOs1oaeti11 mJyrGal2UG43QCqZ863lNQeXvsBOXa5di9OtbSBkJIRTUOZiLBDl6zlLbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLy7d99EObLE3h0Hr+oeRB75uCgPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwOWJiNWQwLTFhNGYtNDM0My1iYzRhLWMyM2E2YTg4NWMxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pDAMA0GCSqGSIb3DQEBCwUAA4IBAQAEoeCocTfnml/HeoKr Xsqcm66tOap/tFVa0rbLuh7rgGDQEWFVYB9TIrw4Th3BUbJ+mAPDeLy7ICSZtERZ MvajJ81BLCpilKuuiewiY0DAI6097PK7f9YKj+MAV4sLe4JRCxc/cLsh5R25CgC2 ddfGLJXSWSqN5eainMHLc3wJC+NrLWaf/PbeBYe4ZXQc7ASPgbaj1I3BdGcRhym4 //H2ZJev0jnSvcL6F1BreBuRx+awfhiG//81vZT4K4bCM7x80u8vAYLV378pBJqL ilA6BXQ6UbhXYI3bn1kye+ZHd7TaB0VC0ywfykxjvqnqVTCQuWo4a8OC27zw5Fte z68A -----END CERTIFICATE-----Generated at Sun Mar 1 22:10:33 2026 by rpki-client