$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa File: a37838b8-524c-4ff8-b517-727be63ea330.roa (raw, json) Hash identifier: a3JZwNlGk0MGMYOhnkEfWblEL3l/RziUQRG4PAPMlGg= Subject key identifier: 0D:1A:96:4F:F5:86:1A:85:5D:45:0E:6D:19:30:64:91:57:EE:87:D1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01D3C8A1CFC6EBD9EF30500432F9B80A138DFA56 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa Signing time: Wed 11 Feb 2026 00:11:10 +0000 ROA not before: Wed 11 Feb 2026 00:11:10 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:d3:c8:a1:cf:c6:eb:d9:ef:30:50:04:32:f9:b8:0a:13:8d:fa:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:11:10 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=894021309481fb111d78bf3c965f1e61323d6c540ea96af538c21055f439ec39, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:aa:f0:8a:0f:3e:6f:36:77:cb:a5:a5:ce:aa: 2b:fd:0b:9e:0e:96:3a:88:cb:6d:a2:36:d5:45:b8: 1e:cb:ed:c8:93:b5:60:a4:a0:b9:94:bc:d5:c9:89: 15:af:c3:9c:60:65:82:a0:0b:79:9e:d5:00:88:11: 4d:52:08:44:8a:d6:c1:fe:6a:2e:91:f8:59:31:40: 1b:ed:ac:2a:c6:ae:b9:2e:54:cd:e4:0d:87:a7:86: 53:e4:87:c9:8e:72:f5:02:a6:a8:99:a1:8e:94:57: bc:c3:ee:24:4a:a5:b4:72:98:be:43:89:68:fe:bb: 0d:18:25:04:73:f8:2b:fe:b4:5f:2d:2b:b9:be:49: ef:3a:04:c3:bf:5b:22:1e:48:d3:59:56:c4:c6:fd: 7d:fa:76:52:09:95:f5:b7:b3:f3:79:0d:cf:86:d5: 61:06:cc:46:41:b9:f2:dd:33:94:45:86:88:94:02: 66:db:43:56:4a:1b:ac:a0:b0:08:00:0e:c5:a3:31: a0:0f:4d:00:e0:b8:83:c9:0f:f6:8e:b3:e6:af:c5: 67:82:fe:9c:35:a3:e4:08:41:59:b1:b2:74:53:38: 88:cb:83:5c:43:21:23:4d:8d:14:01:1a:3d:af:0b: f7:4b:21:7c:c0:fe:b3:64:3c:25:0d:68:95:a6:22: 77:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:1A:96:4F:F5:86:1A:85:5D:45:0E:6D:19:30:64:91:57:EE:87:D1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a37838b8-524c-4ff8-b517-727be63ea330.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:a040::/48 Signature Algorithm: sha256WithRSAEncryption 4e:1e:35:53:5c:b0:ee:6f:ed:0d:3a:af:19:95:6b:f4:10:02: 07:aa:be:22:d4:a1:a4:33:2e:b2:bf:3f:c0:25:51:5a:11:2c: a0:31:c4:fa:e8:b1:d0:da:de:18:0f:33:e9:8a:f5:35:ec:05: 35:5c:7e:bc:1d:21:65:2b:e7:69:25:95:48:ad:81:3f:b0:8f: 6d:2c:da:cc:3f:ec:e6:a3:34:60:d0:a4:4f:c1:74:6c:fb:b5: c8:80:f0:d5:48:e8:e9:78:0b:c8:41:df:6c:c9:72:13:59:0a: 3b:12:d5:71:1a:68:a0:6d:72:76:d3:50:a6:71:49:e9:77:d0: a7:bc:95:9b:08:4b:48:9c:4c:15:7c:bc:2d:ec:17:2d:27:b8: be:96:da:44:d0:68:c2:fa:50:a3:42:8d:34:32:ee:3b:3e:77: b7:72:1b:63:78:b3:b5:bb:14:f7:34:79:06:2e:5e:97:3b:8f: 07:12:24:21:26:b6:43:66:be:19:9e:dc:12:1c:9c:73:ec:5b: f1:6d:d9:33:19:29:1b:10:bf:93:5b:73:bc:92:d8:b3:4c:fa: 0d:77:be:1f:2e:1c:97:27:50:12:64:f9:f7:66:44:5a:52:10: 31:99:b6:14:b6:91:e5:1e:ee:70:54:b8:fe:37:a6:c1:a5:f3: c1:6f:d5:c3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAdPIoc/G69nvMFAEMvm4ChON+lYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMTExMFoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAODk0MDIxMzA5NDgxZmIxMTFkNzhi ZjNjOTY1ZjFlNjEzMjNkNmM1NDBlYTk2YWY1MzhjMjEwNTVmNDM5ZWMzOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Krwig8+bzZ3y6Wlzqor/QueDpY6 iMttojbVRbgey+3Ik7VgpKC5lLzVyYkVr8OcYGWCoAt5ntUAiBFNUghEitbB/mou kfhZMUAb7awqxq65LlTN5A2Hp4ZT5IfJjnL1AqaomaGOlFe8w+4kSqW0cpi+Q4lo /rsNGCUEc/gr/rRfLSu5vknvOgTDv1siHkjTWVbExv19+nZSCZX1t7PzeQ3PhtVh BsxGQbny3TOURYaIlAJm20NWShusoLAIAA7FozGgD00A4LiDyQ/2jrPmr8Vngv6c NaPkCEFZsbJ0UziIy4NcQyEjTY0UARo9rwv3SyF8wP6zZDwlDWiVpiJ37QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFA0alk/1hhqFXUUObRkwZJFX7ofRMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNzgzOGI4LTUyNGMtNGZmOC1iNTE3LTcyN2JlNjNlYTMzMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6qBAMA0GCSqGSIb3DQEBCwUAA4IBAQBOHjVTXLDub+0NOq8Z lWv0EAIHqr4i1KGkMy6yvz/AJVFaESygMcT66LHQ2t4YDzPpivU17AU1XH68HSFl K+dpJZVIrYE/sI9tLNrMP+zmozRg0KRPwXRs+7XIgPDVSOjpeAvIQd9syXITWQo7 EtVxGmigbXJ201CmcUnpd9CnvJWbCEtInEwVfLwt7BctJ7i+ltpE0GjC+lCjQo00 Mu47Pne3chtjeLO1uxT3NHkGLl6XO48HEiQhJrZDZr4ZntwSHJxz7FvxbdkzGSkb EL+TW3O8ktizTPoNd74fLhyXJ1ASZPn3ZkRaUhAxmbYUtpHlHu5wVLj+N6bBpfPB b9XD -----END CERTIFICATE-----Generated at Sun Mar 1 22:12:04 2026 by rpki-client