$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa File: 964875b1-60c6-4631-a709-ba5faa0c06e7.roa (raw, json) Hash identifier: PpcjdsFnV5SxGCMox6C8pSf1KwbjmN9dVkGGNDBLnbQ= Subject key identifier: EE:21:0D:0C:E1:74:09:79:8B:BB:61:BC:6E:36:76:47:98:F8:9F:94 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 565E3EF9259EE91EAFD42468C522BF9ACF4FADD8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa Signing time: Sat 21 Feb 2026 00:00:49 +0000 ROA not before: Sat 21 Feb 2026 00:00:49 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:5e:3e:f9:25:9e:e9:1e:af:d4:24:68:c5:22:bf:9a:cf:4f:ad:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:49 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=e86a3bcbdaaed0147751f67b74ae0c0f34a321307d4f6074aebd26a22c41874e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:31:9c:84:48:ad:f8:ff:bc:7d:14:79:66:37: 20:ab:48:bf:9a:a3:46:ea:eb:c2:85:06:30:21:a7: b3:3e:66:94:7e:9b:97:e3:99:7d:7b:61:71:8c:14: 8f:d8:52:17:d2:3c:71:d2:d2:ea:36:d9:03:14:ba: 89:40:f3:bb:98:bd:ef:bd:2d:2f:6c:b6:da:88:7d: 60:69:4f:f3:45:50:1a:f5:de:11:3e:90:a1:b1:1f: 51:b1:2e:44:5b:4a:53:8b:da:27:d9:38:0f:79:1b: 5d:43:b4:96:ee:ad:f1:15:70:11:dc:a9:2c:fd:74: be:3e:6e:b7:11:54:42:02:7a:95:32:e1:98:2f:86: 04:2b:af:e2:89:1c:97:fc:27:ee:8a:b4:95:8d:f5: 71:26:62:ba:36:30:7b:f0:ec:5c:a0:f6:e3:b3:4d: fb:5b:10:60:b7:ec:6b:89:94:4f:6c:4f:c1:13:e2: b9:4f:e3:c4:83:d5:6d:60:b5:11:79:82:8d:7e:62: 74:89:ef:9e:2b:e0:ce:1d:8b:09:46:9c:e1:21:80: 7e:13:27:09:77:fc:39:45:a0:74:63:a4:4c:80:55: 5f:11:d9:8f:5d:5a:2d:50:4f:e6:f8:df:76:f4:7f: e0:3e:99:f9:64:fc:41:95:47:77:86:f3:2b:66:2c: 52:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:21:0D:0C:E1:74:09:79:8B:BB:61:BC:6E:36:76:47:98:F8:9F:94 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/964875b1-60c6-4631-a709-ba5faa0c06e7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:2000::/40 Signature Algorithm: sha256WithRSAEncryption aa:6f:81:9c:0f:6b:03:b0:dc:bf:e4:81:34:3d:07:de:b6:27: c6:6c:19:ac:7c:45:c3:75:1f:a4:4a:5c:58:2e:4a:6d:e2:4e: 7f:c4:a7:e4:26:65:d0:c7:bb:66:5e:a5:81:5c:32:1a:b9:e7: 93:7e:72:15:1e:31:d0:6c:ba:a8:9c:55:90:11:ed:8d:64:6c: 14:1f:e6:6a:7d:0f:86:76:53:78:4a:18:eb:49:8c:8a:d4:47: 01:c7:11:19:1c:8e:2e:53:29:3a:ca:84:c4:2c:81:5e:49:38: 1a:cf:e2:19:da:4d:64:ec:82:0b:fe:f1:9c:01:ba:39:8c:dc: 85:1a:41:1d:f5:56:7e:7d:ab:08:68:a7:c5:d5:5b:ce:f8:b4: 99:d5:d2:42:54:c7:70:94:41:3d:2f:00:8d:9c:46:75:02:b7: 97:bf:ff:96:dc:23:d9:ac:59:79:a3:ea:ed:b4:21:4b:bb:28: 89:34:90:fb:ce:5f:bd:81:96:4f:a1:df:cb:da:3a:60:02:fd: b7:6a:1e:b8:8e:30:75:17:05:5b:bf:63:45:b2:ca:d7:e0:77: 23:76:52:be:bd:2d:a3:b0:8c:8c:c1:f4:5f:89:03:ec:fc:1e: 83:a8:d2:96:5f:18:e5:c4:a6:1c:17:e4:e8:06:83:28:1f:b7: 18:4d:b1:56 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVl4++SWe6R6v1CRoxSK/ms9PrdgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDA0OVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAZTg2YTNiY2JkYWFlZDAxNDc3NTFm NjdiNzRhZTBjMGYzNGEzMjEzMDdkNGY2MDc0YWViZDI2YTIyYzQxODc0ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDGchEit+P+8fRR5Zjcgq0i/mqNG 6uvChQYwIaezPmaUfpuX45l9e2FxjBSP2FIX0jxx0tLqNtkDFLqJQPO7mL3vvS0v bLbaiH1gaU/zRVAa9d4RPpChsR9RsS5EW0pTi9on2TgPeRtdQ7SW7q3xFXAR3Kks /XS+Pm63EVRCAnqVMuGYL4YEK6/iiRyX/CfuirSVjfVxJmK6NjB78OxcoPbjs037 WxBgt+xriZRPbE/BE+K5T+PEg9VtYLUReYKNfmJ0ie+eK+DOHYsJRpzhIYB+EycJ d/w5RaB0Y6RMgFVfEdmPXVotUE/m+N929H/gPpn5ZPxBlUd3hvMrZixShwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFO4hDQzhdAl5i7thvG42dkeY+J+UMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzk2NDg3NWIxLTYwYzYtNDYzMS1hNzA5LWJhNWZhYTBjMDZlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAKpvgZwPawOw3L/kgTQ9 B962J8ZsGax8RcN1H6RKXFguSm3iTn/Ep+QmZdDHu2ZepYFcMhq555N+chUeMdBs uqicVZAR7Y1kbBQf5mp9D4Z2U3hKGOtJjIrURwHHERkcji5TKTrKhMQsgV5JOBrP 4hnaTWTsggv+8ZwBujmM3IUaQR31Vn59qwhop8XVW874tJnV0kJUx3CUQT0vAI2c RnUCt5e//5bcI9msWXmj6u20IUu7KIk0kPvOX72Blk+h38vaOmAC/bdqHriOMHUX BVu/Y0WyytfgdyN2Ur69LaOwjIzB9F+JA+z8HoOo0pZfGOXEphwX5OgGgygftxhN sVY= -----END CERTIFICATE-----Generated at Sun Mar 1 22:12:31 2026 by rpki-client