$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa File: a9812ae5-6cb6-43be-82bc-429f2e7be616.roa (raw, json) Hash identifier: 5igdSVBrINBhviP3hXEbe3nemRdBaVCrh0K46UYm/js= Subject key identifier: BC:71:51:F6:EA:B0:DC:1C:ED:C7:37:11:A2:62:14:26:2D:74:49:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 43F70D09280ED081C30789CD0600ED0F00335CAC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa Signing time: Sun 22 Feb 2026 00:40:06 +0000 ROA not before: Sun 22 Feb 2026 00:40:06 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da11:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:f7:0d:09:28:0e:d0:81:c3:07:89:cd:06:00:ed:0f:00:33:5c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:40:06 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=8776e628fa32bdae484b97bd7012ced4702ccebbbb6fb2b476c1cb134155e935, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:f0:0b:c4:86:1a:ff:37:0c:c0:ac:7c:12:07: 98:11:9c:77:c5:2f:25:73:c5:fd:54:7e:a4:c4:56: 03:d9:e2:4e:5b:59:34:5a:29:11:f7:36:f1:66:3a: 2a:d4:e6:4f:6e:64:15:67:20:51:f5:d8:2b:e7:41: 66:af:3a:f4:ae:d5:df:78:52:73:4b:af:a1:9e:e2: 8b:ea:20:cd:ce:9c:7c:85:7d:b8:d1:14:25:35:44: c9:1d:74:d8:07:8e:8c:2b:45:f0:ef:4b:41:c0:c4: f9:ac:ee:48:5e:a5:f9:7b:39:9c:60:af:3e:76:49: 43:8e:0c:7c:c4:ca:78:59:8b:29:4e:79:de:7a:77: 47:4d:b0:47:fc:2f:c0:b2:64:af:f4:8e:bf:1e:b5: 70:ec:7f:56:91:f9:88:65:0c:c5:0b:7f:bd:f8:f6: 62:04:7f:4f:3c:e2:3c:ee:ef:6e:2e:a2:43:b0:ba: d5:1f:0b:3e:4d:46:b1:6b:0b:cc:8c:09:e4:57:a9: 10:5c:dc:e9:c0:70:2f:51:2c:29:46:d1:b6:b8:21: b3:b5:62:7d:a5:08:3d:23:18:4d:5e:91:82:a7:6b: 72:24:e9:a0:eb:21:0d:ff:8f:e5:41:a6:82:9b:7d: d8:9c:92:70:c5:0c:5f:4a:e7:99:32:3e:6d:58:29: a5:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:71:51:F6:EA:B0:DC:1C:ED:C7:37:11:A2:62:14:26:2D:74:49:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9812ae5-6cb6-43be-82bc-429f2e7be616.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da11:c00::/38 Signature Algorithm: sha256WithRSAEncryption 16:6d:c1:2a:c4:fa:59:98:9d:49:21:06:0d:61:3f:d7:17:32: 90:f4:59:31:cf:e9:76:66:90:97:67:d9:1e:5f:57:3b:0b:ee: 0e:10:99:8c:17:b9:3f:4a:4e:1b:e0:a4:78:d1:e7:b8:48:c4: 9a:ff:3c:9c:47:c0:e6:0e:29:e2:a3:02:e9:2f:2e:6e:13:5d: 15:ff:f1:37:75:d1:53:a8:6b:88:f9:1b:e7:21:71:e0:6b:61: 7f:c7:8f:9d:6a:f0:ce:70:f8:2d:0f:c7:7f:4f:68:60:d7:de: 1b:8e:61:fa:ff:1d:fb:7e:33:ec:ad:c8:69:9f:90:cf:89:d1: 85:22:b1:9d:ee:44:74:28:31:db:8d:67:6f:d4:8e:da:9d:61: f7:db:8a:bd:12:eb:cb:7c:a4:12:87:a0:e6:fa:1f:fe:88:6a: 72:32:11:64:3b:5d:13:6a:6a:06:31:95:55:20:d1:81:cf:d2: 90:2e:3d:67:36:b4:24:1d:28:5c:ec:fd:e8:77:ad:6a:a8:95: 00:3a:bc:2d:08:b0:ae:f8:cd:fb:98:7a:eb:7b:05:dc:9f:0d: 8a:ec:0b:bb:62:9e:5b:88:67:9c:af:4a:c7:d2:0d:6a:49:7b: 7f:ef:d3:6c:e8:9c:e8:1d:23:88:52:50:b6:34:66:b2:ac:a2: 86:90:28:f6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ/cNCSgO0IHDB4nNBgDtDwAzXKwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwNDAwNloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAODc3NmU2MjhmYTMyYmRhZTQ4NGI5 N2JkNzAxMmNlZDQ3MDJjY2ViYmJiNmZiMmI0NzZjMWNiMTM0MTU1ZTkzNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/ALxIYa/zcMwKx8EgeYEZx3xS8l c8X9VH6kxFYD2eJOW1k0WikR9zbxZjoq1OZPbmQVZyBR9dgr50Fmrzr0rtXfeFJz S6+hnuKL6iDNzpx8hX240RQlNUTJHXTYB46MK0Xw70tBwMT5rO5IXqX5ezmcYK8+ dklDjgx8xMp4WYspTnneendHTbBH/C/AsmSv9I6/HrVw7H9WkfmIZQzFC3+9+PZi BH9PPOI87u9uLqJDsLrVHws+TUaxawvMjAnkV6kQXNzpwHAvUSwpRtG2uCGztWJ9 pQg9IxhNXpGCp2tyJOmg6yEN/4/lQaaCm33YnJJwxQxfSueZMj5tWCml9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLxxUfbqsNwc7cc3EaJiFCYtdElBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5ODEyYWU1LTZjYjYtNDNiZS04MmJjLTQyOWYyZTdiZTYxNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEQwwDQYJKoZIhvcNAQELBQADggEBABZtwSrE+lmYnUkhBg1h P9cXMpD0WTHP6XZmkJdn2R5fVzsL7g4QmYwXuT9KThvgpHjR57hIxJr/PJxHwOYO KeKjAukvLm4TXRX/8Td10VOoa4j5G+chceBrYX/Hj51q8M5w+C0Px39PaGDX3huO Yfr/Hft+M+ytyGmfkM+J0YUisZ3uRHQoMduNZ2/UjtqdYffbir0S68t8pBKHoOb6 H/6IanIyEWQ7XRNqagYxlVUg0YHP0pAuPWc2tCQdKFzs/eh3rWqolQA6vC0IsK74 zfuYeut7BdyfDYrsC7tinluIZ5yvSsfSDWpJe3/v02zonOgdI4hSULY0ZrKsooaQ KPY= -----END CERTIFICATE-----Generated at Sun Mar 1 22:08:51 2026 by rpki-client