$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: cIovzb1vG00lXgIdshYKOKIKAnDjTLz4TEE1OzCmNaU= Subject key identifier: 6E:21:50:DF:1D:A3:93:3C:10:5E:39:07:CA:26:0E:79:9D:31:7B:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7EC42417AE15B9729B8EFC9AF973AA1DADE42939 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Tue 10 Feb 2026 00:00:12 +0000 ROA not before: Tue 10 Feb 2026 00:00:12 +0000 ROA not after: Mon 11 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:c4:24:17:ae:15:b9:72:9b:8e:fc:9a:f9:73:aa:1d:ad:e4:29:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 10 00:00:12 2026 GMT Not After : May 11 23:59:59 2026 GMT Subject: serialNumber=0eb2e4d2c71c7d661dcff4cf059ae54091f67d611e73ecdcef553550f1f0db91, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:fc:3f:a6:b2:13:ca:88:ca:82:f2:92:6b:af: 42:3a:d5:47:19:8c:c4:ca:fd:95:a9:da:b9:9c:8d: 9a:7b:0c:e1:d8:56:35:7f:0b:93:24:23:23:43:00: fe:c6:04:2e:88:46:d5:f9:34:d8:61:2d:35:b5:ca: d2:c4:7c:e3:89:73:0d:4c:67:52:9d:62:f3:28:7a: 66:7f:82:49:51:89:c9:84:80:f4:64:3c:a3:31:2d: 77:f2:b8:82:f7:c1:14:8b:9f:81:66:63:23:87:51: 09:df:28:1e:4d:da:85:78:74:20:6d:42:b1:b8:59: 12:72:31:2d:36:2c:a8:0f:cd:4e:c3:23:f7:53:22: 5d:de:d8:ce:e2:15:f1:c3:8d:35:48:9c:2e:be:5e: 2e:f1:c3:17:a8:38:2b:13:a0:ea:7e:0a:af:ee:5e: 2f:c7:5b:f2:1d:11:d1:c1:4b:20:ba:d0:95:c1:72: f4:a2:4f:a8:11:4c:4a:f7:2d:c3:e1:b4:3d:99:8d: f2:83:28:4c:99:24:16:9f:fc:67:cc:2f:37:5d:17: f4:4e:b7:aa:02:6a:70:5a:c2:6c:79:d2:ca:02:ab: 62:f0:bc:af:f4:31:8c:a4:55:34:65:83:71:c0:87: 51:9a:95:59:01:9e:b4:d8:eb:ec:8b:1f:6b:49:7e: 9a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:21:50:DF:1D:A3:93:3C:10:5E:39:07:CA:26:0E:79:9D:31:7B:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 45:47:96:ce:85:46:e0:42:cd:cc:99:f7:39:af:8e:1f:d0:57: 83:00:34:9a:1f:3d:04:9c:c3:b2:f6:14:fa:b5:92:51:35:9c: df:ee:da:fc:e4:95:d4:e9:19:ee:60:d3:ed:96:82:c2:60:d2: 78:9a:05:d1:de:dd:45:cc:66:35:d9:d8:fd:0d:06:6e:a2:45: 73:6c:9b:b4:c8:98:cb:f5:ea:57:bb:25:0d:39:a0:f1:ef:af: 8c:25:8c:22:f5:ac:5c:26:2f:e0:a3:55:99:05:9f:4f:03:ff: 9c:5d:00:9c:7c:ad:b8:e0:ff:3e:21:8d:4a:d1:df:ef:e0:50: cd:89:70:6d:ad:c8:2e:40:61:13:cf:e0:1e:e5:ce:b1:75:a4: b2:8f:3b:a7:42:c8:e3:8f:5f:95:d9:a3:92:15:b7:0d:f1:c0: 73:4b:b9:aa:e6:bd:41:b8:77:10:04:53:a7:10:40:8c:53:e9: ee:97:16:38:66:d2:9a:3e:d5:1d:2b:e4:28:a9:3d:1f:72:bd: 84:79:78:a1:b2:bc:0d:23:3f:80:e0:2d:7c:42:65:f9:5f:69: 09:99:ff:0e:09:ca:b6:2c:b6:af:a5:90:2f:90:77:6d:d6:0e: b5:f5:24:51:14:75:b9:cc:d2:68:12:69:ec:b6:6a:be:ad:eb: 05:d1:bb:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfsQkF64VuXKbjvya+XOqHa3kKTkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMDAwMDAxMloX DTI2MDUxMTIzNTk1OVowejFJMEcGA1UEBRNAMGViMmU0ZDJjNzFjN2Q2NjFkY2Zm NGNmMDU5YWU1NDA5MWY2N2Q2MTFlNzNlY2RjZWY1NTM1NTBmMWYwZGI5MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfw/prITyojKgvKSa69COtVHGYzE yv2Vqdq5nI2aewzh2FY1fwuTJCMjQwD+xgQuiEbV+TTYYS01tcrSxHzjiXMNTGdS nWLzKHpmf4JJUYnJhID0ZDyjMS138riC98EUi5+BZmMjh1EJ3ygeTdqFeHQgbUKx uFkScjEtNiyoD81OwyP3UyJd3tjO4hXxw401SJwuvl4u8cMXqDgrE6Dqfgqv7l4v x1vyHRHRwUsgutCVwXL0ok+oEUxK9y3D4bQ9mY3ygyhMmSQWn/xnzC83XRf0Treq AmpwWsJsedLKAqti8Lyv9DGMpFU0ZYNxwIdRmpVZAZ602Ovsix9rSX6aAwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG4hUN8do5M8EF45B8omDnmdMXv/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAEVHls6FRuBCzcyZ9zmv jh/QV4MANJofPQScw7L2FPq1klE1nN/u2vzkldTpGe5g0+2WgsJg0niaBdHe3UXM ZjXZ2P0NBm6iRXNsm7TImMv16le7JQ05oPHvr4wljCL1rFwmL+CjVZkFn08D/5xd AJx8rbjg/z4hjUrR3+/gUM2JcG2tyC5AYRPP4B7lzrF1pLKPO6dCyOOPX5XZo5IV tw3xwHNLuarmvUG4dxAEU6cQQIxT6e6XFjhm0po+1R0r5CipPR9yvYR5eKGyvA0j P4DgLXxCZflfaQmZ/w4JyrYstq+lkC+Qd23WDrX1JFEUdbnM0mgSaey2ar6t6wXR u5I= -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:51 2026 by rpki-client