$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa File: a5e20664-bb4b-418f-9be3-4d905265deec.roa (raw, json) Hash identifier: K/ZdY9Dj6RU6q7Jd0UyeA2oRmofeenHhzhfbPOE4FTM= Subject key identifier: 68:65:54:36:C2:4F:6C:FB:CC:F9:C5:56:A6:E0:D1:93:8D:31:44:60 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 792B6DD678823BFAF8CE9C5EE7236EAC5C88A389 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa Signing time: Sun 22 Feb 2026 00:20:51 +0000 ROA not before: Sun 22 Feb 2026 00:20:51 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79:2b:6d:d6:78:82:3b:fa:f8:ce:9c:5e:e7:23:6e:ac:5c:88:a3:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:51 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=0300272e2fadf31ccda3aab5b0facef27dd7d91c8183dc9be40a1c9ddbfb0983, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:2d:02:f6:3b:f8:55:70:d8:bc:81:f9:fd:f8: 6a:4d:aa:e7:b7:71:db:bb:8f:7f:e6:4b:14:a8:13: 15:e2:14:7d:16:06:47:1d:b1:ae:cb:6c:a8:85:df: bd:2f:04:4a:a5:64:2c:7a:cb:3f:11:7f:db:f8:dc: 51:c8:02:84:ff:1f:f3:f7:00:93:6e:03:76:18:d9: 81:82:f4:0d:74:33:01:e4:3a:36:2a:01:24:36:5d: 2c:5b:c5:b7:83:b7:f3:da:a2:28:b6:15:92:aa:fb: 1e:3a:bf:11:6f:6e:28:e6:99:86:ff:d5:24:66:f0: 3c:fc:05:d1:3a:47:1d:4a:97:ce:95:df:bf:f4:26: 26:91:38:1a:ed:69:72:39:9c:73:d0:94:c3:6c:b7: 88:7b:ff:9e:89:e4:49:96:f7:79:7b:73:fb:9b:66: 1a:57:8e:ea:c9:42:6e:51:f2:52:f2:69:6b:6d:90: c1:90:5a:93:1f:42:16:47:53:37:e4:cf:8a:0f:b3: 9c:aa:1b:ef:13:56:53:69:dd:7d:51:a0:2c:76:71: e0:b3:d1:af:c1:6e:f0:b5:0e:b2:a8:21:80:16:24: 1a:64:5d:d3:67:40:42:29:2f:26:6f:f0:4c:1e:58: 37:1f:81:06:31:6c:b9:33:2d:bb:59:45:16:69:90: f6:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:65:54:36:C2:4F:6C:FB:CC:F9:C5:56:A6:E0:D1:93:8D:31:44:60 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5e20664-bb4b-418f-9be3-4d905265deec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:8000::/40 Signature Algorithm: sha256WithRSAEncryption 54:6d:91:c6:df:4c:39:cd:28:1b:c7:0d:ae:f5:fe:87:74:63: 9f:0b:42:8d:fa:41:ef:ca:78:ed:65:bf:99:f7:7b:69:fe:6c: 65:39:d6:6e:71:54:a6:f6:87:11:74:47:20:7b:32:e3:d5:3e: 73:be:24:c7:5d:14:31:ce:8f:f5:c4:3f:cd:99:7a:e7:19:84: 05:a1:9a:d9:bd:87:fa:de:86:e5:37:37:0a:40:ae:0c:5b:b1: de:fd:77:81:7e:b0:3c:cd:ad:28:62:e6:25:e3:1f:a1:2d:8b: 71:2b:57:7b:7f:40:af:82:75:db:4a:83:3d:cb:f7:62:40:07: 6a:a3:ae:a0:1f:40:8a:f7:2a:72:13:b2:4f:b4:cd:6c:20:35: 8c:9e:56:9b:f4:7c:9e:68:8b:da:7d:9d:77:21:72:cb:dd:bb: 28:9f:56:7c:b4:fe:95:77:b0:03:9f:0f:76:e6:12:02:bc:22: e6:3d:54:4c:12:d7:9d:8f:24:cd:33:07:07:6a:67:bb:24:18: b8:15:8a:6f:80:38:e4:cf:9f:e9:b7:0d:02:f2:5d:c4:36:ee: 04:2a:bb:02:07:82:e6:e6:e8:7c:7b:d9:e6:a0:cb:ff:83:4d: a2:1a:c2:68:f9:ad:ca:5c:c1:ed:16:f1:b3:d7:dd:df:51:0e: 16:0c:cb:5f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeStt1niCO/r4zpxe5yNurFyIo4kwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjA1MVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMDMwMDI3MmUyZmFkZjMxY2NkYTNh YWI1YjBmYWNlZjI3ZGQ3ZDkxYzgxODNkYzliZTQwYTFjOWRkYmZiMDk4MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli0C9jv4VXDYvIH5/fhqTarnt3Hb u49/5ksUqBMV4hR9FgZHHbGuy2yohd+9LwRKpWQsess/EX/b+NxRyAKE/x/z9wCT bgN2GNmBgvQNdDMB5Do2KgEkNl0sW8W3g7fz2qIothWSqvseOr8Rb24o5pmG/9Uk ZvA8/AXROkcdSpfOld+/9CYmkTga7WlyOZxz0JTDbLeIe/+eieRJlvd5e3P7m2Ya V47qyUJuUfJS8mlrbZDBkFqTH0IWR1M35M+KD7OcqhvvE1ZTad19UaAsdnHgs9Gv wW7wtQ6yqCGAFiQaZF3TZ0BCKS8mb/BMHlg3H4EGMWy5My27WUUWaZD2bwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGhlVDbCT2z7zPnFVqbg0ZONMURgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E1ZTIwNjY0LWJiNGItNDE4Zi05YmUzLTRkOTA1MjY1ZGVlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaIAwDQYJKoZIhvcNAQELBQADggEBAFRtkcbfTDnNKBvHDa71 /od0Y58LQo36Qe/KeO1lv5n3e2n+bGU51m5xVKb2hxF0RyB7MuPVPnO+JMddFDHO j/XEP82ZeucZhAWhmtm9h/rehuU3NwpArgxbsd79d4F+sDzNrShi5iXjH6Eti3Er V3t/QK+CddtKgz3L92JAB2qjrqAfQIr3KnITsk+0zWwgNYyeVpv0fJ5oi9p9nXch csvduyifVny0/pV3sAOfD3bmEgK8IuY9VEwS152PJM0zBwdqZ7skGLgVim+AOOTP n+m3DQLyXcQ27gQquwIHgubm6Hx72eagy/+DTaIawmj5rcpcwe0W8bPX3d9RDhYM y18= -----END CERTIFICATE-----Generated at Sun Mar 1 23:48:06 2026 by rpki-client