$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa File: a894812d-493e-43f7-8c3a-76a64ad96de7.roa (raw, json) Hash identifier: pKgpgLb/N2O1KN2s4a1zBtbghd0gvxLVtp54cWusgZw= Subject key identifier: 6B:CF:48:17:18:61:89:E4:D0:6F:88:CC:43:9B:DA:C4:AF:45:A2:83 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 100BD50EF9C49FC8F22AFCAEE3DD6A5ECC21957E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa Signing time: Wed 18 Feb 2026 00:00:08 +0000 ROA not before: Wed 18 Feb 2026 00:00:08 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:0b:d5:0e:f9:c4:9f:c8:f2:2a:fc:ae:e3:dd:6a:5e:cc:21:95:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:00:08 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=95499bb9c66a6dfcaea94f54e8af0aef6ed64994d04fedec85bfdf0e15215422, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:75:7f:39:f2:3f:f6:aa:3e:9f:9a:fe:01:4d: 5e:9f:eb:df:8c:45:46:fe:cf:2f:a3:6a:1e:88:df: e8:17:5f:df:30:2d:4d:48:d8:ac:24:19:89:ae:bf: 2d:11:1e:6b:19:4f:28:90:7a:0f:c9:f3:97:a8:f4: 2b:eb:0b:b1:3f:44:e7:fd:97:b5:fa:50:57:67:9e: 9c:8f:e6:e6:8c:6a:c1:6c:32:e3:be:92:81:07:b9: 3f:9e:21:e8:37:9a:c9:c9:5f:14:22:35:0e:40:97: 57:eb:4f:91:02:e5:0c:70:5a:9d:f9:53:49:ee:d6: 59:6b:51:7c:52:ce:8b:c0:db:c8:3d:5b:5a:76:f6: 57:4f:04:ed:5d:c5:a1:93:ac:1d:16:42:26:72:32: b1:0d:f7:b8:2a:c1:fb:ba:d6:7f:23:ef:f7:2d:a2: 11:39:ae:3b:63:d2:56:a7:e9:45:17:cf:34:80:c1: ed:f1:b8:0b:11:02:c7:73:35:23:3c:e5:3f:ff:17: d0:c8:0f:18:50:65:6c:99:8c:00:49:ec:1e:ca:08: 6e:4a:6e:d4:fa:bf:72:89:7b:3c:6c:22:fd:3e:3c: a7:bf:18:ee:22:02:58:34:75:8e:3e:12:fd:4f:0d: 7d:52:0c:e2:3d:9a:ab:bd:21:5c:1e:a7:6e:1f:d0: 33:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:CF:48:17:18:61:89:E4:D0:6F:88:CC:43:9B:DA:C4:AF:45:A2:83 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:4040::/48 Signature Algorithm: sha256WithRSAEncryption 71:23:f0:0d:89:d1:0e:da:3e:c8:ae:e7:b5:e1:48:81:b0:a2: a3:d8:5d:08:f0:cc:1d:c2:b3:de:4a:7c:e5:c7:16:3a:2f:e7: c6:2a:7f:2b:48:c1:c7:cd:45:fd:35:10:61:67:c3:90:86:d3: 95:31:6b:94:b9:6d:fc:a9:d6:53:8c:1a:0c:a6:4a:a4:b1:4d: a9:8e:8b:ee:0c:8c:fe:7c:f9:4c:b3:cd:a8:38:3f:00:d2:d1: c9:a3:65:64:88:6a:8f:92:e8:d3:47:40:a5:53:d9:c3:6e:b4: 2b:df:7b:8c:51:a1:2b:1e:b7:3d:e0:42:d0:87:8d:ba:9a:f3: b4:de:32:9f:ed:d7:7c:ac:3b:81:24:70:ae:95:1d:33:27:dc: 1c:57:aa:a0:7f:30:e0:a2:9d:cd:2e:db:bf:6a:3a:11:93:91: 62:2b:04:3c:55:1a:c5:9e:b3:3a:33:d7:fb:e7:83:20:78:e0: ab:d5:27:cd:d3:11:08:1f:c8:02:2d:47:e1:42:a7:6d:5f:31: d3:e6:bc:bd:94:02:49:24:b2:8b:ec:84:0e:75:c9:5a:11:73: 9b:dc:31:9d:8d:0e:26:cc:cf:a5:92:db:a8:cc:fd:f2:ad:bd: 4f:f8:3b:9e:ca:28:0a:5f:3e:b0:6e:1f:c3:eb:3a:b9:68:26: 1e:95:1a:c8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEAvVDvnEn8jyKvyu491qXswhlX4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDAwOFoX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAOTU0OTliYjljNjZhNmRmY2FlYTk0 ZjU0ZThhZjBhZWY2ZWQ2NDk5NGQwNGZlZGVjODViZmRmMGUxNTIxNTQyMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonV/OfI/9qo+n5r+AU1en+vfjEVG /s8vo2oeiN/oF1/fMC1NSNisJBmJrr8tER5rGU8okHoPyfOXqPQr6wuxP0Tn/Ze1 +lBXZ56cj+bmjGrBbDLjvpKBB7k/niHoN5rJyV8UIjUOQJdX60+RAuUMcFqd+VNJ 7tZZa1F8Us6LwNvIPVtadvZXTwTtXcWhk6wdFkImcjKxDfe4KsH7utZ/I+/3LaIR Oa47Y9JWp+lFF880gMHt8bgLEQLHczUjPOU//xfQyA8YUGVsmYwASeweyghuSm7U +r9yiXs8bCL9PjynvxjuIgJYNHWOPhL9Tw19UgziPZqrvSFcHqduH9AzRwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGvPSBcYYYnk0G+IzEOb2sSvRaKDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E4OTQ4MTJkLTQ5M2UtNDNmNy04YzNhLTc2YTY0YWQ5NmRlNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYUBAMA0GCSqGSIb3DQEBCwUAA4IBAQBxI/ANidEO2j7Irue1 4UiBsKKj2F0I8MwdwrPeSnzlxxY6L+fGKn8rSMHHzUX9NRBhZ8OQhtOVMWuUuW38 qdZTjBoMpkqksU2pjovuDIz+fPlMs82oOD8A0tHJo2VkiGqPkujTR0ClU9nDbrQr 33uMUaErHrc94ELQh426mvO03jKf7dd8rDuBJHCulR0zJ9wcV6qgfzDgop3NLtu/ ajoRk5FiKwQ8VRrFnrM6M9f754MgeOCr1SfN0xEIH8gCLUfhQqdtXzHT5ry9lAJJ JLKL7IQOdclaEXOb3DGdjQ4mzM+lktuozP3yrb1P+DueyigKXz6wbh/D6zq5aCYe lRrI -----END CERTIFICATE-----Generated at Mon Mar 2 03:24:47 2026 by rpki-client