$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa File: 90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa (raw, json) Hash identifier: yQPkhKnBZVFZ6ud5fRm4p12llTb6MnlQaLhLQepg4V4= Subject key identifier: E1:54:79:ED:1B:EB:57:AC:AE:EC:FC:D8:52:41:D4:B4:CE:C6:25:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4993A615911B8E297891F0BF1F7D5FE2E32A7CB3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa Signing time: Tue 24 Feb 2026 00:00:11 +0000 ROA not before: Tue 24 Feb 2026 00:00:11 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:93:a6:15:91:1b:8e:29:78:91:f0:bf:1f:7d:5f:e2:e3:2a:7c:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:11 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=25fc6971df62ddc2197adc9cb1ccc0c2cc28391843eebe39e0e4ce241c00751b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:03:58:05:33:bb:9d:f8:d1:8c:e2:1a:0d:c8: fb:17:38:29:b9:6e:e9:45:23:3d:72:1f:fd:87:4c: ef:c2:cb:5e:65:21:b8:16:84:66:76:41:d9:d5:56: 6a:05:cb:24:a5:3a:70:03:9c:b5:e6:9a:3f:b3:83: 75:1b:68:32:9c:9d:fd:57:33:50:6a:12:6b:ef:6c: db:54:3d:2f:8e:0d:ef:3d:be:ed:65:f7:c1:76:5b: f5:b6:c5:8c:60:0c:7d:d4:0d:07:a3:35:77:a5:a9: 55:a3:4f:c8:b8:84:44:bf:2e:ef:63:3d:69:3a:e3: 78:8d:c2:f0:e5:59:43:76:39:07:b4:a3:3c:3f:91: 2e:19:56:18:52:9e:02:f5:29:2c:67:ed:cc:41:c7: 1a:2c:ee:1b:23:8c:7f:68:41:84:7d:95:e3:4b:90: 27:e3:c7:14:b9:64:57:04:88:7c:45:61:85:f4:fe: b3:fa:fd:9a:80:07:ed:16:a9:90:02:32:b4:fa:8a: 10:46:c9:a4:aa:ca:54:c1:c8:87:ab:66:26:19:64: 57:77:c4:34:80:fc:9b:2f:6b:c6:47:d8:75:52:de: 6d:09:ff:33:cb:90:bd:6f:71:01:b1:e6:99:f2:a3: ae:1d:0a:8a:94:8f:aa:6b:b5:41:b1:4f:93:a5:50: 71:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:54:79:ED:1B:EB:57:AC:AE:EC:FC:D8:52:41:D4:B4:CE:C6:25:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/90d3a0e7-4708-4742-80f0-23bb48bd8f35.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:7000::/40 Signature Algorithm: sha256WithRSAEncryption 44:69:34:8e:fb:f3:1b:85:b9:22:7e:eb:12:31:19:68:08:45: 95:35:d9:d9:cf:e8:26:4c:2d:f5:73:28:ac:3a:25:32:c5:5d: b9:c7:ab:fc:e4:03:2f:9e:ae:07:a6:27:ae:c2:bd:17:2a:18: 04:71:7d:d9:16:21:40:b0:15:7b:3c:88:d7:44:b0:9a:e7:2e: 18:99:ab:ef:e0:0b:fe:0c:e3:a1:39:d9:f9:34:51:a0:c2:eb: a0:a1:11:ef:53:3d:55:4a:83:8a:25:0a:bf:26:9f:62:94:1d: 6c:8b:c7:3a:d5:32:8c:dd:bf:57:e8:0b:fb:88:a9:55:8b:d5: e5:b7:ba:bc:31:99:e7:6f:77:68:54:3e:a0:17:5f:40:eb:9d: 9a:0d:85:84:5d:1f:fe:92:b4:9b:77:aa:1b:76:d7:32:0b:f9: ae:b9:07:9a:db:38:16:3a:37:05:c0:ad:4c:38:2a:26:a9:54: 0f:c8:d1:e2:22:14:05:b3:50:29:3c:a1:df:2e:e9:43:e4:8a: f0:6b:3f:c4:0c:2f:3c:87:a2:13:fe:bc:00:6f:34:a1:03:15: 9e:c6:f1:7b:a4:53:7a:a7:06:57:4f:c6:2e:44:e1:aa:77:27: 58:d7:5d:5d:6c:b0:bd:27:ca:75:45:d8:03:cc:f8:6e:c7:c4: f5:e0:fe:76 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSZOmFZEbjil4kfC/H31f4uMqfLMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAxMVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAMjVmYzY5NzFkZjYyZGRjMjE5N2Fk YzljYjFjY2MwYzJjYzI4MzkxODQzZWViZTM5ZTBlNGNlMjQxYzAwNzUxYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ANYBTO7nfjRjOIaDcj7FzgpuW7p RSM9ch/9h0zvwsteZSG4FoRmdkHZ1VZqBcskpTpwA5y15po/s4N1G2gynJ39VzNQ ahJr72zbVD0vjg3vPb7tZffBdlv1tsWMYAx91A0HozV3palVo0/IuIREvy7vYz1p OuN4jcLw5VlDdjkHtKM8P5EuGVYYUp4C9SksZ+3MQccaLO4bI4x/aEGEfZXjS5An 48cUuWRXBIh8RWGF9P6z+v2agAftFqmQAjK0+ooQRsmkqspUwciHq2YmGWRXd8Q0 gPybL2vGR9h1Ut5tCf8zy5C9b3EBseaZ8qOuHQqKlI+qa7VBsU+TpVBxJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOFUee0b61esruz82FJB1LTOxiU8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzkwZDNhMGU3LTQ3MDgtNDc0Mi04MGYwLTIzYmI0OGJkOGYzNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/nAwDQYJKoZIhvcNAQELBQADggEBAERpNI778xuFuSJ+6xIx GWgIRZU12dnP6CZMLfVzKKw6JTLFXbnHq/zkAy+ergemJ67CvRcqGARxfdkWIUCw FXs8iNdEsJrnLhiZq+/gC/4M46E52fk0UaDC66ChEe9TPVVKg4olCr8mn2KUHWyL xzrVMozdv1foC/uIqVWL1eW3urwxmedvd2hUPqAXX0DrnZoNhYRdH/6StJt3qht2 1zIL+a65B5rbOBY6NwXArUw4KiapVA/I0eIiFAWzUCk8od8u6UPkivBrP8QMLzyH ohP+vABvNKEDFZ7G8XukU3qnBldPxi5E4ap3J1jXXV1ssL0nynVF2APM+G7HxPXg /nY= -----END CERTIFICATE-----Generated at Sun Mar 1 23:52:55 2026 by rpki-client