$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa File: 9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa (raw, json) Hash identifier: sFDjDcpYo0t3Q+dMCEvd5D/WnffPIMBzMDdROzCgYvY= Subject key identifier: 55:7E:F2:28:86:0B:75:44:D9:EB:6D:2F:AA:86:F4:68:CB:F4:0F:96 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 17F03780D418376E2C1BF9B6432A2F5ECC8887E3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa Signing time: Sat 28 Feb 2026 00:01:01 +0000 ROA not before: Sat 28 Feb 2026 00:01:01 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:f0:37:80:d4:18:37:6e:2c:1b:f9:b6:43:2a:2f:5e:cc:88:87:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:01:01 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=d35745701297242361f2b7b719e83204e59e64963700accc39cac533bf2cc8d0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6d:13:ca:fc:33:2c:2a:f6:e3:e6:1a:96:4f: 8f:11:00:6b:f0:a5:78:56:bb:cf:01:0b:08:4d:cb: 32:b6:81:fe:aa:0f:dc:ea:5c:aa:ba:1c:95:38:26: ea:f8:97:e9:96:8e:12:41:7c:83:1f:18:17:bf:1b: 2d:8d:8e:33:e1:1c:0d:1b:1d:62:44:a9:f3:c7:12: ca:77:ff:e5:4d:4b:64:36:48:ca:0f:84:82:85:54: 2f:a3:96:e4:4f:58:93:ca:c3:84:4c:8e:49:12:71: a4:b7:f2:82:57:98:22:c5:53:a7:83:93:71:a9:85: 77:df:60:62:6d:3d:88:40:01:3a:77:84:27:75:80: ce:a3:b8:27:6f:b7:9c:e0:ef:fa:d9:d7:85:98:0c: fb:3d:67:4e:d0:6f:2c:4b:79:b9:05:5a:23:70:1a: 6b:88:9e:97:17:be:ba:d4:4f:37:a3:27:04:78:9c: c4:58:33:51:68:54:a3:3f:f9:d2:b0:ab:e0:c2:ef: 77:ad:24:74:55:9a:2b:1e:a4:08:db:5e:e7:14:eb: 7f:8b:47:1a:f6:cb:cc:88:df:1d:f2:40:8f:f0:2e: 92:2e:90:82:b8:6c:32:f2:e0:ea:03:de:fa:40:dc: da:91:86:cf:32:3d:0e:bc:ed:94:4c:5b:e1:35:9c: 72:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:7E:F2:28:86:0B:75:44:D9:EB:6D:2F:AA:86:F4:68:CB:F4:0F:96 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:c000::/40 Signature Algorithm: sha256WithRSAEncryption 2c:63:cf:58:9c:b5:b9:0b:09:89:af:52:ee:75:0f:c2:a0:74: fe:3e:79:af:b8:3f:aa:ec:99:52:53:7f:a6:2c:ee:4a:80:50: 3a:93:fa:1e:3c:1f:9b:bc:51:11:f3:23:d1:45:9a:5b:4f:65: ed:18:d0:8d:b2:07:21:a8:e7:ce:93:fc:f7:85:21:cc:28:bc: 0f:95:c1:b8:5f:db:ae:aa:f0:06:56:66:df:c8:cd:e9:b1:60: 47:0d:ca:e6:3e:30:a1:0d:0d:88:31:99:de:1d:00:b4:11:91: b4:d7:45:ac:66:26:a9:e9:67:69:ef:a3:e3:3c:e4:58:1e:c5: 82:03:9c:ec:e2:83:2f:02:34:ea:e2:7e:e9:79:08:58:43:b7: 47:57:da:44:ab:1e:f9:2a:63:ca:ad:9a:9a:17:3d:bc:ee:74: 0d:f0:29:2f:f4:4a:e6:5c:55:b2:0e:6b:43:e6:37:2a:88:fa: 9d:5c:28:84:f8:a3:b5:d1:74:b3:af:1b:80:58:b8:95:31:4f: 18:ca:56:a9:b2:6b:a8:1a:4e:77:02:a5:54:f7:3d:13:f8:be: d2:d5:03:c7:80:a0:52:40:e0:87:7c:88:4f:30:8e:cb:72:5f: e7:8e:b2:75:22:f4:2b:f1:bc:20:ac:34:c8:f4:a2:ca:28:8a: 4b:f3:e0:c9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUF/A3gNQYN24sG/m2QyovXsyIh+MwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDEwMVoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZDM1NzQ1NzAxMjk3MjQyMzYxZjJi N2I3MTllODMyMDRlNTllNjQ5NjM3MDBhY2NjMzljYWM1MzNiZjJjYzhkMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG0TyvwzLCr24+Yalk+PEQBr8KV4 VrvPAQsITcsytoH+qg/c6lyquhyVOCbq+Jfplo4SQXyDHxgXvxstjY4z4RwNGx1i RKnzxxLKd//lTUtkNkjKD4SChVQvo5bkT1iTysOETI5JEnGkt/KCV5gixVOng5Nx qYV332BibT2IQAE6d4QndYDOo7gnb7ec4O/62deFmAz7PWdO0G8sS3m5BVojcBpr iJ6XF7661E83oycEeJzEWDNRaFSjP/nSsKvgwu93rSR0VZorHqQI217nFOt/i0ca 9svMiN8d8kCP8C6SLpCCuGwy8uDqA976QNzakYbPMj0OvO2UTFvhNZxy4wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFV+8iiGC3VE2ettL6qG9GjL9A+WMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzliYzkwMjYwLWQ0ZGMtNGI1NC05NTFjLWFhOTE2N2Y4Zjk5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba78AwDQYJKoZIhvcNAQELBQADggEBACxjz1ictbkLCYmvUu51 D8KgdP4+ea+4P6rsmVJTf6Ys7kqAUDqT+h48H5u8URHzI9FFmltPZe0Y0I2yByGo 586T/PeFIcwovA+Vwbhf266q8AZWZt/IzemxYEcNyuY+MKENDYgxmd4dALQRkbTX RaxmJqnpZ2nvo+M85FgexYIDnOzigy8CNOriful5CFhDt0dX2kSrHvkqY8qtmpoX PbzudA3wKS/0SuZcVbIOa0PmNyqI+p1cKIT4o7XRdLOvG4BYuJUxTxjKVqmya6ga TncCpVT3PRP4vtLVA8eAoFJA4Id8iE8wjstyX+eOsnUi9CvxvCCsNMj0osooikvz 4Mk= -----END CERTIFICATE-----Generated at Mon Mar 2 05:16:28 2026 by rpki-client