$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa File: 9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa (raw, json) Hash identifier: rcZayagzEpsGz27I/ZsKRYDmYT/t5H1J6dbN8otpidA= Subject key identifier: A2:07:F2:B6:F9:55:1F:F5:79:DF:A2:F7:35:E7:3E:5B:A5:3C:B4:20 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1AC146D63CB8357B248004EE47E851E7C4CFBF72 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa Signing time: Sun 22 Feb 2026 00:00:41 +0000 ROA not before: Sun 22 Feb 2026 00:00:41 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:c1:46:d6:3c:b8:35:7b:24:80:04:ee:47:e8:51:e7:c4:cf:bf:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:41 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=eaef6d976da55855dcccbbc8f9c5a0166519efbaa6179e770443beeed0c2d347, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:df:4c:3d:db:ca:fc:80:c9:41:84:4a:f4:14: 23:85:6b:f4:ab:0d:6b:e4:e1:07:0a:9c:37:98:97: d2:7e:39:67:ad:f1:c2:15:a8:ce:22:dc:ff:b5:4f: 67:e9:5b:e9:07:e9:cb:67:90:39:b5:5c:9f:12:58: 3a:44:7a:7c:a3:ae:ad:2e:45:58:84:2b:64:e3:7e: ee:15:53:1d:60:3a:1d:a5:28:66:e1:8c:a6:8d:37: 87:1f:63:69:21:89:d0:b6:4b:dc:30:b9:8f:d9:69: 04:a2:e0:d2:43:31:01:30:4a:3f:8a:9b:ed:0a:aa: 13:8b:50:61:ad:38:f4:9c:ca:3e:10:b2:b4:67:fe: 89:fc:1a:5f:9f:60:2d:8d:21:f4:f1:59:8e:a9:07: a4:cf:0e:fc:0f:36:e6:68:9e:25:60:af:58:0e:94: 0a:c0:84:1d:b5:fa:3e:52:54:7d:0b:a9:55:46:80: 76:65:fe:ba:50:bf:04:bb:db:d3:23:49:b8:cf:f9: 5f:4e:57:11:90:ea:db:f6:83:1a:a7:8e:ec:3b:36: d2:68:de:c5:0c:fa:18:08:36:3c:51:ab:9d:e4:00: 31:4c:20:f4:fd:e1:e9:2f:f6:b9:28:84:58:82:20: e1:30:fa:2d:3d:b2:2d:c2:62:a3:fe:42:09:d8:1d: de:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:07:F2:B6:F9:55:1F:F5:79:DF:A2:F7:35:E7:3E:5B:A5:3C:B4:20 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9f32aedc-a073-4f9f-a362-fb6ab646d6dc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:6000::/40 Signature Algorithm: sha256WithRSAEncryption 43:c9:8b:55:e7:06:52:df:96:8b:cf:0e:36:00:3e:47:9a:9f: 23:fd:c4:91:60:27:85:bf:45:bf:16:42:1c:03:02:aa:db:24: 57:5d:d5:1f:00:5a:66:47:b9:b6:e5:bd:d9:47:47:3f:7f:3f: 09:ba:02:75:c7:75:aa:5b:a4:6b:a9:07:53:a2:35:aa:a2:e8: 7b:45:df:99:4c:a1:46:56:1d:aa:0a:f0:ff:0d:7a:6f:cf:ac: aa:4a:cf:e3:97:fe:78:37:bd:bb:0d:06:88:04:14:5e:5f:47: a1:d3:36:3e:ba:95:9c:ea:d3:33:b0:ce:1f:25:70:5c:3b:10: 0a:95:7e:5e:cb:e3:e9:5b:07:12:c8:59:08:77:b6:ac:b7:cf: 6d:3e:f1:75:82:6d:4c:52:42:23:15:40:d0:ab:b9:c7:3f:79: 2b:65:ec:d6:ae:c2:d8:68:02:fa:64:7b:80:e9:ba:aa:ee:c0: 27:70:8b:5f:28:a3:e2:62:78:2b:14:e0:0f:e9:dc:3e:41:68: f4:94:fd:ed:68:45:3c:cd:23:d3:dc:54:71:37:f2:d9:4f:0a: 06:13:d9:64:13:0b:cf:a6:77:5a:d3:f4:c6:20:8d:73:64:e5: 26:4e:2f:8a:7a:20:65:e0:70:1f:19:5d:d5:cf:e6:37:30:93: be:f6:9a:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGsFG1jy4NXskgATuR+hR58TPv3IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDA0MVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZWFlZjZkOTc2ZGE1NTg1NWRjY2Ni YmM4ZjljNWEwMTY2NTE5ZWZiYWE2MTc5ZTc3MDQ0M2JlZWVkMGMyZDM0NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut9MPdvK/IDJQYRK9BQjhWv0qw1r 5OEHCpw3mJfSfjlnrfHCFajOItz/tU9n6VvpB+nLZ5A5tVyfElg6RHp8o66tLkVY hCtk437uFVMdYDodpShm4YymjTeHH2NpIYnQtkvcMLmP2WkEouDSQzEBMEo/ipvt CqoTi1BhrTj0nMo+ELK0Z/6J/Bpfn2AtjSH08VmOqQekzw78DzbmaJ4lYK9YDpQK wIQdtfo+UlR9C6lVRoB2Zf66UL8Eu9vTI0m4z/lfTlcRkOrb9oMap47sOzbSaN7F DPoYCDY8Uaud5AAxTCD0/eHpL/a5KIRYgiDhMPotPbItwmKj/kIJ2B3eJQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKIH8rb5VR/1ed+i9zXnPlulPLQgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmMzJhZWRjLWEwNzMtNGY5Zi1hMzYyLWZiNmFiNjQ2ZDZkYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoGAwDQYJKoZIhvcNAQELBQADggEBAEPJi1XnBlLflovPDjYA PkeanyP9xJFgJ4W/Rb8WQhwDAqrbJFdd1R8AWmZHubblvdlHRz9/Pwm6AnXHdapb pGupB1OiNaqi6HtF35lMoUZWHaoK8P8Nem/PrKpKz+OX/ng3vbsNBogEFF5fR6HT Nj66lZzq0zOwzh8lcFw7EAqVfl7L4+lbBxLIWQh3tqy3z20+8XWCbUxSQiMVQNCr ucc/eStl7NauwthoAvpke4DpuqruwCdwi18oo+JieCsU4A/p3D5BaPSU/e1oRTzN I9PcVHE38tlPCgYT2WQTC8+md1rT9MYgjXNk5SZOL4p6IGXgcB8ZXdXP5jcwk772 mqo= -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:37 2026 by rpki-client