$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa File: a41ae715-9e63-4e83-af61-a9364bcaac32.roa (raw, json) Hash identifier: 1CMPydiBcigY62C4fM2J1rONmH6VyPbu5jqh9ePvVXg= Subject key identifier: 66:51:20:5A:F5:14:14:88:BA:B2:AB:29:DF:F6:9C:55:53:1D:88:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26DFBEE5A0F37919870BBCFD59596A2C45E2C950 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa Signing time: Sun 15 Feb 2026 00:00:46 +0000 ROA not before: Sun 15 Feb 2026 00:00:46 +0000 ROA not after: Sat 16 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:df:be:e5:a0:f3:79:19:87:0b:bc:fd:59:59:6a:2c:45:e2:c9:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 15 00:00:46 2026 GMT Not After : May 16 23:59:59 2026 GMT Subject: serialNumber=989ea196e007f50d1d7e0da51c40cbe51c14b46aac048fbe3b965d7ec60a15cf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:17:47:cb:64:eb:26:cd:b9:5d:2a:d9:4e:20: 5e:77:4d:e5:01:69:e2:f6:00:0f:a9:d4:5d:a4:6c: 2f:2b:cb:9b:74:7d:51:e8:ac:14:58:cf:07:12:31: 7f:61:0e:f9:f3:39:bf:72:4d:e1:78:f3:0a:e9:ce: 6c:ae:1b:a0:c5:7d:5e:38:2c:b6:bb:63:56:77:12: 4d:51:4c:a9:76:6f:4f:81:52:0e:2e:c3:41:19:0d: 22:a5:75:ba:01:9e:a3:a4:fe:d0:a4:75:a1:ca:d7: a4:4f:0c:4d:4c:15:57:08:49:25:f2:ce:31:60:a3: 70:94:d6:7b:8b:c1:af:ee:18:a4:50:26:d6:70:11: 2b:40:bf:8d:ba:02:90:70:a2:bd:aa:08:6d:bd:13: 00:70:9f:fa:e5:bf:9c:b0:8f:8f:11:87:43:77:7c: 51:cf:d6:48:d1:34:62:81:93:2d:36:26:a6:c2:89: ef:d7:e8:3f:39:9c:4e:56:99:81:d7:fe:b4:5d:19: fe:33:7e:bd:63:a9:a0:a8:27:19:1d:83:8f:4e:cf: 22:f7:1c:e1:4f:35:a7:00:4f:62:65:52:ae:77:15: 84:dd:66:d0:41:e3:30:48:7f:0e:56:17:15:eb:29: 5e:c8:8f:e3:a2:f3:9a:13:5a:1a:3d:e5:5b:04:30: eb:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:51:20:5A:F5:14:14:88:BA:B2:AB:29:DF:F6:9C:55:53:1D:88:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a41ae715-9e63-4e83-af61-a9364bcaac32.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60::/32 Signature Algorithm: sha256WithRSAEncryption 1f:68:40:9c:0e:d0:f3:7c:3e:d4:8c:cd:e3:15:a8:f2:bb:95: 3d:2d:f1:1e:24:b5:60:e8:ad:37:d5:ae:d1:5e:a7:31:e3:7e: 4e:46:42:89:2c:9e:07:95:65:68:ba:6c:fd:8b:e0:b2:2e:6c: ac:14:9d:9f:f5:71:55:cf:3e:1f:06:ce:57:d1:96:64:10:34: 0d:27:c0:e1:8d:99:62:72:22:b2:3a:1d:94:63:73:d1:36:1e: 4a:92:28:db:a0:47:ab:95:ab:b8:87:0e:2a:f1:18:aa:cb:f6: 4e:47:15:d1:b9:fe:39:c9:38:9a:1f:d8:b5:cf:92:95:1e:3b: 1f:eb:1f:7e:38:11:ba:e7:3c:04:f9:b0:98:63:73:b4:89:56: 6b:fd:b8:6e:24:4b:1f:c2:9b:30:54:b1:ba:a7:5b:3d:91:8d: 35:fc:76:74:7a:ff:51:46:5d:01:1a:d4:c6:bd:62:ba:97:a9: d7:b9:d3:e1:1a:b4:07:a6:ec:25:d8:71:03:bb:37:f7:5f:6f: b9:3f:1a:31:64:4c:7c:ca:2f:f9:43:de:4d:9a:16:94:89:03: 5d:6e:4e:c2:2c:ba:3c:24:77:88:31:e5:f3:64:47:a1:2e:9f: 4a:e6:69:bc:0d:40:f7:3e:69:3c:25:69:ec:90:c7:7e:c4:08: 0c:64:49:fd -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUJt++5aDzeRmHC7z9WVlqLEXiyVAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNTAwMDA0NloX DTI2MDUxNjIzNTk1OVowejFJMEcGA1UEBRNAOTg5ZWExOTZlMDA3ZjUwZDFkN2Uw ZGE1MWM0MGNiZTUxYzE0YjQ2YWFjMDQ4ZmJlM2I5NjVkN2VjNjBhMTVjZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxdHy2TrJs25XSrZTiBed03lAWni 9gAPqdRdpGwvK8ubdH1R6KwUWM8HEjF/YQ758zm/ck3hePMK6c5srhugxX1eOCy2 u2NWdxJNUUypdm9PgVIOLsNBGQ0ipXW6AZ6jpP7QpHWhytekTwxNTBVXCEkl8s4x YKNwlNZ7i8Gv7hikUCbWcBErQL+NugKQcKK9qghtvRMAcJ/65b+csI+PEYdDd3xR z9ZI0TRigZMtNiamwonv1+g/OZxOVpmB1/60XRn+M369Y6mgqCcZHYOPTs8i9xzh TzWnAE9iZVKudxWE3WbQQeMwSH8OVhcV6yleyI/jovOaE1oaPeVbBDDrtQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFGZRIFr1FBSIurKrKd/2nFVTHYhOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E0MWFlNzE1LTllNjMtNGU4My1hZjYxLWE5MzY0YmNhYWMzMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaYDANBgkqhkiG9w0BAQsFAAOCAQEAH2hAnA7Q83w+1IzN4xWo 8ruVPS3xHiS1YOitN9Wu0V6nMeN+TkZCiSyeB5VlaLps/Yvgsi5srBSdn/VxVc8+ HwbOV9GWZBA0DSfA4Y2ZYnIisjodlGNz0TYeSpIo26BHq5WruIcOKvEYqsv2TkcV 0bn+Ock4mh/Ytc+SlR47H+sffjgRuuc8BPmwmGNztIlWa/24biRLH8KbMFSxuqdb PZGNNfx2dHr/UUZdARrUxr1iupep17nT4Rq0B6bsJdhxA7s3919vuT8aMWRMfMov +UPeTZoWlIkDXW5Owiy6PCR3iDHl82RHoS6fSuZpvA1A9z5pPCVp7JDHfsQIDGRJ /Q== -----END CERTIFICATE-----Generated at Sun Mar 1 21:52:54 2026 by rpki-client