$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa File: 9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa (raw, json) Hash identifier: 3/CP6bwawZj4rO9Say9nCONNcBDfIHUpACyXnxm3I/0= Subject key identifier: E2:78:0B:54:A0:C4:D1:71:B5:D1:53:DB:95:00:C5:C9:1E:44:4F:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D2D265BC0AB2542B3F0C9FEFF1A58DC866CF63E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa Signing time: Sat 21 Feb 2026 00:00:51 +0000 ROA not before: Sat 21 Feb 2026 00:00:51 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:2d:26:5b:c0:ab:25:42:b3:f0:c9:fe:ff:1a:58:dc:86:6c:f6:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:51 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=880402f82b844c98ce86fbdcfb4368eb4ea2daf352ce47402f8807d6e12a378e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:d3:1b:f7:4f:06:a3:d1:ca:fe:ab:38:13:45: c2:a4:40:5b:a9:9b:91:ef:94:b4:44:01:21:16:9a: 9d:69:ce:ea:e2:52:3d:b6:f3:d7:45:d6:6f:67:ab: 88:e1:78:be:17:fa:66:f4:cf:1e:6f:b6:c5:ad:44: c1:94:13:7e:e2:3b:3f:86:52:78:2b:9f:e9:be:ca: 62:9e:cf:ba:4a:3d:3e:21:70:81:78:6e:a1:9f:8c: 83:5b:f4:62:f0:59:78:88:de:53:c9:f0:bd:08:a3: f5:1f:18:fd:90:fe:09:ea:c4:58:37:8c:ca:11:6e: cb:3b:c0:b8:94:0f:8f:a2:c0:95:a5:87:da:44:98: 01:69:09:33:ce:86:56:69:ab:32:11:4f:dd:bb:a7: 07:23:d3:be:f1:7e:5d:5d:75:b4:8f:2e:14:39:20: 9a:bf:8b:72:a4:8b:68:11:8e:f7:5f:24:19:ca:5b: 79:a2:70:60:be:b6:2a:57:9b:89:78:17:e1:68:e5: ee:d8:2c:46:f7:ba:89:37:93:b0:ca:de:a2:fc:a9: 97:24:aa:ce:df:69:00:e2:3c:45:00:03:78:2e:09: 12:85:36:f8:fd:fd:ca:31:1c:fa:31:f6:90:39:7b: 1b:58:8b:46:bb:bd:e6:8d:bd:45:5e:83:b6:15:50: 24:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:78:0B:54:A0:C4:D1:71:B5:D1:53:DB:95:00:C5:C9:1E:44:4F:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d18bad7-c208-4d5e-bb74-4babc2efa60b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:a000::/40 Signature Algorithm: sha256WithRSAEncryption 19:cb:1c:42:38:06:6b:ca:5b:6e:b9:7f:fd:4b:f7:1f:18:c6: 7d:d6:ee:b4:60:bb:73:d7:e3:b7:75:61:21:42:8b:b8:a6:d5: 8f:98:bf:22:fd:d8:ab:58:f1:3f:ff:5d:f5:25:a7:c2:86:9b: 59:1a:a5:75:92:2c:45:2e:aa:9b:5a:d5:42:96:01:fe:f7:fc: fe:98:0f:82:0a:3a:21:8c:81:83:1d:f9:56:80:a8:65:a0:66: c2:f3:0f:31:a6:c5:e1:b4:6e:18:a3:ab:49:10:e6:a6:bb:08: a6:7a:7d:61:7a:dc:c3:18:1e:f1:4f:0e:2c:f1:10:5c:18:a6: 33:dd:d8:cf:96:5a:31:bf:ec:fc:5d:de:c7:f5:09:d7:4b:02: b5:90:21:2b:f3:56:55:ec:7a:b9:2d:e5:ef:01:18:f9:37:46: 35:f0:67:32:d7:64:99:a4:2a:89:69:e5:b7:0c:07:88:11:18: ec:2d:81:29:8a:03:c4:f7:1a:ed:fa:02:ae:ed:fa:83:7a:c9: bc:42:14:a7:3f:60:b4:8e:33:8a:e3:d9:d0:ee:13:cc:b3:34: ff:4a:6f:29:15:36:de:d2:08:57:1e:be:60:68:ce:e0:01:9c: a8:c3:b9:b1:79:72:30:88:eb:96:5f:ce:55:94:22:64:93:ce: 49:8b:d2:26 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXS0mW8CrJUKz8Mn+/xpY3IZs9j4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDA1MVoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAODgwNDAyZjgyYjg0NGM5OGNlODZm YmRjZmI0MzY4ZWI0ZWEyZGFmMzUyY2U0NzQwMmY4ODA3ZDZlMTJhMzc4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9Mb908Go9HK/qs4E0XCpEBbqZuR 75S0RAEhFpqdac7q4lI9tvPXRdZvZ6uI4Xi+F/pm9M8eb7bFrUTBlBN+4js/hlJ4 K5/pvspins+6Sj0+IXCBeG6hn4yDW/Ri8Fl4iN5TyfC9CKP1Hxj9kP4J6sRYN4zK EW7LO8C4lA+PosCVpYfaRJgBaQkzzoZWaasyEU/du6cHI9O+8X5dXXW0jy4UOSCa v4typItoEY73XyQZylt5onBgvrYqV5uJeBfhaOXu2CxG97qJN5Owyt6i/KmXJKrO 32kA4jxFAAN4LgkShTb4/f3KMRz6MfaQOXsbWItGu73mjb1FXoO2FVAkDwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOJ4C1SgxNFxtdFT25UAxckeRE8cMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlkMThiYWQ3LWMyMDgtNGQ1ZS1iYjc0LTRiYWJjMmVmYTYwYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+6AwDQYJKoZIhvcNAQELBQADggEBABnLHEI4BmvKW265f/1L 9x8Yxn3W7rRgu3PX47d1YSFCi7im1Y+YvyL92KtY8T//XfUlp8KGm1kapXWSLEUu qpta1UKWAf73/P6YD4IKOiGMgYMd+VaAqGWgZsLzDzGmxeG0bhijq0kQ5qa7CKZ6 fWF63MMYHvFPDizxEFwYpjPd2M+WWjG/7Pxd3sf1CddLArWQISvzVlXserkt5e8B GPk3RjXwZzLXZJmkKolp5bcMB4gRGOwtgSmKA8T3Gu36Aq7t+oN6ybxCFKc/YLSO M4rj2dDuE8yzNP9KbykVNt7SCFcevmBozuABnKjDubF5cjCI65ZfzlWUImSTzkmL 0iY= -----END CERTIFICATE-----Generated at Sun Mar 1 21:52:48 2026 by rpki-client