$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa File: 9add10b6-9103-4c19-a99b-242367ce96bd.roa (raw, json) Hash identifier: y/URvMSxHitPU1Cc770B18+lDw+IM8jAdK8aUQCwcNE= Subject key identifier: D2:72:8E:AD:7C:66:4D:AD:99:DD:74:CF:D8:06:B3:B9:81:EC:8F:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6397FBA0CA9264779FFBFAF027499E5195462814 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa Signing time: Fri 20 Feb 2026 00:10:56 +0000 ROA not before: Fri 20 Feb 2026 00:10:56 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:4840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:97:fb:a0:ca:92:64:77:9f:fb:fa:f0:27:49:9e:51:95:46:28:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:56 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=e5876e2f3196646d5332bfad59e84571766ef54bb1c30e1bdbcb4a3d75b9aa6e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:21:67:2b:2e:7c:11:a7:cd:8e:30:83:1b:e8: 7f:03:e3:54:6b:ba:07:20:53:ca:76:d9:4f:5e:65: 54:f0:86:ee:7f:6d:59:6f:5c:e2:6f:ca:be:c7:c7: 55:0e:c4:61:09:6c:8d:ee:cd:26:fb:03:38:e8:f9: f1:96:62:00:bd:95:6d:f5:53:43:56:50:2c:ff:c7: 5a:40:54:49:66:9b:77:08:41:95:25:cd:6b:01:1e: 80:50:d1:08:bb:0b:52:d8:b2:c1:85:06:20:08:a7: 11:d7:5f:4c:e2:04:20:f3:dd:f2:1b:ca:0f:39:08: 8b:61:eb:38:fe:86:48:36:67:8f:cf:ee:6c:e9:f2: 8f:79:42:55:d2:c0:0b:27:a2:36:a5:53:1c:99:0f: 71:04:01:85:93:51:ee:5a:f2:c6:ce:a7:d5:8d:bc: 2e:86:6f:bd:3c:8e:cf:bc:fc:ba:bb:c7:e0:28:44: 8d:4f:9f:a7:27:d1:fe:6a:0c:91:78:40:84:66:c9: 29:5b:9f:7f:6c:bd:a3:e2:cd:5d:89:c0:7b:75:9e: ea:22:90:a9:da:d3:fd:f0:37:8b:32:d1:43:e7:e8: 7b:ef:a2:c4:25:6f:2c:27:d2:f4:dc:7b:98:b0:1d: eb:61:f3:4b:3a:7a:14:18:e8:da:f4:69:81:cc:d6: d9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:72:8E:AD:7C:66:4D:AD:99:DD:74:CF:D8:06:B3:B9:81:EC:8F:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9add10b6-9103-4c19-a99b-242367ce96bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:4840::/48 Signature Algorithm: sha256WithRSAEncryption 26:2c:82:52:88:83:8a:16:ba:3b:26:62:d2:7e:40:2e:98:6f: 48:c1:31:19:b4:4b:19:39:a9:0c:01:44:07:6d:62:22:26:c6: cd:a0:df:02:bc:4f:9a:7d:9f:8f:67:bd:ab:58:4f:e5:d1:5a: 83:5d:61:3f:b6:af:e8:32:98:df:5c:92:8a:93:c4:ba:29:f4: 2b:d7:e0:02:ef:34:c2:52:7b:b5:b1:70:2a:19:86:36:7b:b2: 65:93:9c:71:1c:10:e3:c1:54:a2:b4:79:88:22:c1:98:23:39: 33:e9:70:26:61:60:8c:8f:31:98:e6:9c:d3:fc:00:eb:a5:78: 04:20:bb:e3:08:c2:45:05:72:c2:ae:d5:46:39:c7:f5:ff:ee: a9:88:dd:f6:f8:4a:a3:62:65:56:87:61:1e:ce:43:f5:85:4c: 4f:73:41:c4:33:62:16:d3:79:d1:c9:ab:99:ae:d0:bd:8a:77: d3:f0:77:b1:d6:89:e1:62:58:cb:79:ad:c5:2f:a0:55:20:19: 3d:91:ae:98:11:16:6c:92:26:c0:64:8e:0e:e2:24:f9:d4:8b: 47:7f:a7:ab:f1:dd:31:98:52:60:c0:e1:88:6b:d9:da:28:89: 1e:ff:d9:16:5a:62:cb:6f:8a:3c:2d:41:c9:9a:a3:32:ad:c5: 78:31:05:da -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY5f7oMqSZHef+/rwJ0meUZVGKBQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTA1NloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZTU4NzZlMmYzMTk2NjQ2ZDUzMzJi ZmFkNTllODQ1NzE3NjZlZjU0YmIxYzMwZTFiZGJjYjRhM2Q3NWI5YWE2ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCFnKy58EafNjjCDG+h/A+NUa7oH IFPKdtlPXmVU8Ibuf21Zb1zib8q+x8dVDsRhCWyN7s0m+wM46PnxlmIAvZVt9VND VlAs/8daQFRJZpt3CEGVJc1rAR6AUNEIuwtS2LLBhQYgCKcR119M4gQg893yG8oP OQiLYes4/oZINmePz+5s6fKPeUJV0sALJ6I2pVMcmQ9xBAGFk1HuWvLGzqfVjbwu hm+9PI7PvPy6u8fgKESNT5+nJ9H+agyReECEZskpW59/bL2j4s1dicB7dZ7qIpCp 2tP98DeLMtFD5+h776LEJW8sJ9L03HuYsB3rYfNLOnoUGOja9GmBzNbZ1QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNJyjq18Zk2tmd10z9gGs7mB7I8SMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlhZGQxMGI2LTkxMDMtNGMxOS1hOTliLTI0MjM2N2NlOTZiZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0hAMA0GCSqGSIb3DQEBCwUAA4IBAQAmLIJSiIOKFro7JmLS fkAumG9IwTEZtEsZOakMAUQHbWIiJsbNoN8CvE+afZ+PZ72rWE/l0VqDXWE/tq/o MpjfXJKKk8S6KfQr1+AC7zTCUnu1sXAqGYY2e7Jlk5xxHBDjwVSitHmIIsGYIzkz 6XAmYWCMjzGY5pzT/ADrpXgEILvjCMJFBXLCrtVGOcf1/+6piN32+EqjYmVWh2Ee zkP1hUxPc0HEM2IW03nRyauZrtC9infT8Hex1onhYljLea3FL6BVIBk9ka6YERZs kibAZI4O4iT51ItHf6er8d0xmFJgwOGIa9naKIke/9kWWmLLb4o8LUHJmqMyrcV4 MQXa -----END CERTIFICATE-----Generated at Sun Mar 1 21:58:32 2026 by rpki-client