$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa File: a0d0474f-3a63-4312-ba91-4caeffc8b819.roa (raw, json) Hash identifier: IGmkPk0gBfJciV1WH08Ct2sFopuj2xYbAwoqEe9pEIg= Subject key identifier: 78:2D:64:A7:34:78:D2:3D:14:56:7A:0B:0F:E1:D8:AD:A5:97:8F:47 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 34B6C28422F197CEA788B48FB7832C816B117F76 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa Signing time: Sun 22 Feb 2026 00:10:41 +0000 ROA not before: Sun 22 Feb 2026 00:10:41 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da70:4800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b6:c2:84:22:f1:97:ce:a7:88:b4:8f:b7:83:2c:81:6b:11:7f:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:41 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=67d57f0f6952cb767a464e8da1bfcc613af5888c8886b0ed8070bd9a13285368, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:29:9f:30:6c:ed:ff:96:b3:0e:59:c5:49:8e: ab:cf:73:24:ea:1e:21:92:9b:53:16:df:2f:ab:66: 1b:fa:44:92:c4:bf:3c:0d:88:dd:83:c4:7a:30:cf: d6:40:e7:2d:e8:a7:c0:1f:fa:be:a9:f6:39:08:9d: 6b:41:aa:15:c3:cb:db:0a:21:c9:d1:f6:e7:18:66: 14:33:16:d6:d3:d7:3d:5c:fa:13:c1:db:e4:02:4a: 2e:61:a6:fb:a2:99:23:31:e6:a7:56:35:85:19:f5: 49:6f:ef:a5:db:85:5e:6a:fd:eb:ff:43:a5:2c:cb: 18:c8:4d:4f:5c:6f:ab:ab:5f:0b:fd:4f:81:3b:ad: df:af:fe:c3:a4:1d:f5:d1:24:f7:ce:8b:47:5c:80: 05:57:24:20:3e:ba:8c:00:bc:3c:9a:29:c8:96:21: 82:34:f0:76:53:0b:eb:b2:04:d8:e0:4a:67:44:d1: db:f4:1c:14:ca:de:fb:da:71:49:9d:42:d3:18:08: 80:7a:49:c4:fc:6c:25:64:77:b5:ca:10:ac:3e:01: 37:92:f6:bd:ab:ae:9c:2a:f1:be:45:2f:6c:f9:d0: 2d:ef:97:4a:f3:9f:f9:5e:c1:95:1a:62:9d:c7:fa: b2:2b:80:1e:8e:89:60:82:51:98:e3:1c:76:16:bd: 5f:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:2D:64:A7:34:78:D2:3D:14:56:7A:0B:0F:E1:D8:AD:A5:97:8F:47 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0d0474f-3a63-4312-ba91-4caeffc8b819.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da70:4800::/40 Signature Algorithm: sha256WithRSAEncryption 11:60:8e:a5:fe:94:12:c2:5d:fd:78:ff:94:09:35:20:93:0a: 40:0d:4a:8d:71:2a:e3:a5:21:cf:09:ba:3f:8a:cb:04:e5:62: 9c:d3:39:8b:d5:d4:c7:bf:df:5a:45:a3:b0:66:2a:29:0c:59: 8b:ac:e4:07:37:a6:c2:15:6f:54:a5:df:fc:e2:50:0c:15:61: 33:88:25:f7:45:f5:8a:11:e9:16:fb:30:bd:39:1b:38:5a:85: 11:44:98:f2:30:af:f0:39:f5:6a:46:0f:17:ba:f0:f5:3c:c0: bd:24:5b:ac:56:aa:9d:d4:9e:13:12:19:32:37:e7:80:9e:cd: f7:67:be:d9:10:e1:61:18:ac:45:cd:dc:3c:34:71:02:2a:96: 3c:79:ac:03:e2:10:1d:3b:c5:ed:60:21:83:e2:36:2f:52:06: 46:55:e5:9c:1e:af:85:2d:e0:5c:2a:51:f6:13:9b:5d:08:ef: 6d:9a:37:e8:f1:88:85:ed:0a:ca:20:8a:b8:59:9d:5e:83:80: 6a:99:33:45:b3:04:cb:23:ef:34:cf:05:27:e9:95:d7:b0:3b: 30:be:ce:e6:ac:4a:5e:3f:aa:fe:64:56:1c:7d:1d:bf:40:ff: cd:9f:d0:fb:c6:2a:51:bb:c5:83:66:ea:94:10:f9:3e:b5:6c: bb:e7:85:d3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNLbChCLxl86niLSPt4MsgWsRf3YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA0MVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANjdkNTdmMGY2OTUyY2I3NjdhNDY0 ZThkYTFiZmNjNjEzYWY1ODg4Yzg4ODZiMGVkODA3MGJkOWExMzI4NTM2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ymfMGzt/5azDlnFSY6rz3Mk6h4h kptTFt8vq2Yb+kSSxL88DYjdg8R6MM/WQOct6KfAH/q+qfY5CJ1rQaoVw8vbCiHJ 0fbnGGYUMxbW09c9XPoTwdvkAkouYab7opkjMeanVjWFGfVJb++l24Veav3r/0Ol LMsYyE1PXG+rq18L/U+BO63fr/7DpB310ST3zotHXIAFVyQgPrqMALw8minIliGC NPB2UwvrsgTY4EpnRNHb9BwUyt772nFJnULTGAiAeknE/GwlZHe1yhCsPgE3kva9 q66cKvG+RS9s+dAt75dK85/5XsGVGmKdx/qyK4AejolgglGY4xx2Fr1f/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHgtZKc0eNI9FFZ6Cw/h2K2ll49HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EwZDA0NzRmLTNhNjMtNDMxMi1iYTkxLTRjYWVmZmM4YjgxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbacEgwDQYJKoZIhvcNAQELBQADggEBABFgjqX+lBLCXf14/5QJ NSCTCkANSo1xKuOlIc8Juj+KywTlYpzTOYvV1Me/31pFo7BmKikMWYus5Ac3psIV b1Sl3/ziUAwVYTOIJfdF9YoR6Rb7ML05GzhahRFEmPIwr/A59WpGDxe68PU8wL0k W6xWqp3UnhMSGTI354CezfdnvtkQ4WEYrEXN3Dw0cQIqljx5rAPiEB07xe1gIYPi Ni9SBkZV5Zwer4Ut4FwqUfYTm10I722aN+jxiIXtCsogirhZnV6DgGqZM0WzBMsj 7zTPBSfpldewOzC+zuasSl4/qv5kVhx9Hb9A/82f0PvGKlG7xYNm6pQQ+T61bLvn hdM= -----END CERTIFICATE-----Generated at Sun Mar 1 22:03:56 2026 by rpki-client