$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa File: acf96eac-505d-42a3-ad3b-20402c0f43ed.roa (raw, json) Hash identifier: P46L+dfAww+K9xKp60r347IF4ww+jkitIcaFrEqT9Yk= Subject key identifier: 72:0D:27:B8:71:FB:56:49:49:EB:B2:63:58:91:2E:2D:9C:5C:A1:A9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5FF28753A9BC81FADE639CB3D2B48220739E2AC9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa Signing time: Sun 22 Feb 2026 00:20:51 +0000 ROA not before: Sun 22 Feb 2026 00:20:51 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1d::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:f2:87:53:a9:bc:81:fa:de:63:9c:b3:d2:b4:82:20:73:9e:2a:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:51 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=785030da2913f41e9d6ead0f8f8179da8fba29eea81d19b863166895c1db0799, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:bd:d8:b4:7f:2a:a2:35:dc:12:ca:55:4c:de: b0:45:70:d4:7b:bc:ee:3c:36:41:dd:6e:2a:ef:29: 11:8a:8a:a4:a6:b6:eb:99:1e:b1:a7:ab:26:0f:84: 25:9e:ac:21:5a:c8:23:d3:3c:34:73:6a:48:80:cf: c0:b3:5c:fe:c0:8f:25:1e:0d:ae:a5:21:e2:0c:55: 0b:dc:2e:88:63:f5:93:3a:74:b2:63:ed:5b:79:df: e3:73:04:16:ad:90:56:12:ff:3b:ca:d6:4d:bb:d8: c3:10:bf:55:23:a6:53:8c:e9:e5:70:74:12:46:fa: 47:2e:77:27:2b:d2:e4:e9:ee:b6:17:d5:13:bb:cc: c1:a4:96:98:76:f0:32:d3:53:c7:13:13:10:2a:7d: 28:6f:aa:3e:22:01:77:33:b7:e3:eb:17:a1:b3:3a: 3e:fc:35:61:73:55:8d:8d:f0:61:7c:43:2b:63:66: 74:49:b1:a5:04:4f:92:00:2a:0a:63:70:4c:5a:48: 0d:1d:d9:a3:58:5d:3c:3e:1c:aa:94:32:38:de:12: dd:e3:94:da:7e:24:dc:02:73:e2:75:4c:58:98:0f: c2:0b:75:ab:66:f5:fc:cb:23:c0:39:66:f8:22:f2: 5e:52:13:d9:37:88:ad:c0:c8:f6:db:43:8d:01:65: 67:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:0D:27:B8:71:FB:56:49:49:EB:B2:63:58:91:2E:2D:9C:5C:A1:A9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1d::/36 Signature Algorithm: sha256WithRSAEncryption 42:8c:2e:36:07:c6:e6:95:09:63:3f:fe:c3:70:c5:6c:f2:22: f3:ce:26:83:ee:dd:8e:cf:1e:7a:29:bc:f2:f0:74:50:cd:00: a7:cb:a4:e5:2d:08:cf:03:e2:9b:8c:1e:98:fa:bb:a7:7b:58: 15:eb:36:6d:ef:b3:03:79:2c:46:b3:4f:b7:6c:fc:33:cd:66: c4:62:68:5b:8d:8b:1a:ac:a1:5a:18:66:16:31:c8:1a:96:34: 34:15:57:6d:ce:2c:4f:44:85:3f:be:fd:eb:cd:53:81:50:e3: 16:cc:1f:10:47:8e:85:1b:1b:bc:0c:e8:75:dd:66:03:78:45: e5:f5:a2:b4:d4:c7:e5:99:c9:7a:2c:63:77:5e:d0:b3:40:a4: c4:b6:39:92:74:fb:f6:d3:b3:ea:e5:2b:8b:ad:6c:81:dc:2f: f3:8a:f6:bb:2b:85:a9:44:b8:c6:f2:cc:98:8f:f7:b6:d9:03: 5d:08:87:12:f0:05:44:a7:bc:6c:39:1b:21:40:e5:ba:4a:9a: 0c:01:b1:00:ab:31:4e:d7:d4:d8:c3:bb:53:e5:d0:03:03:7d: 19:1e:2c:11:79:c8:eb:47:74:5f:8d:3c:83:e5:cb:05:7e:99: df:ea:48:91:1b:a0:68:88:8d:61:9f:dd:55:d0:19:c7:b6:82: e6:ec:37:cd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUX/KHU6m8gfreY5yz0rSCIHOeKskwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjA1MVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANzg1MDMwZGEyOTEzZjQxZTlkNmVh ZDBmOGY4MTc5ZGE4ZmJhMjllZWE4MWQxOWI4NjMxNjY4OTVjMWRiMDc5OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb3YtH8qojXcEspVTN6wRXDUe7zu PDZB3W4q7ykRioqkprbrmR6xp6smD4QlnqwhWsgj0zw0c2pIgM/As1z+wI8lHg2u pSHiDFUL3C6IY/WTOnSyY+1bed/jcwQWrZBWEv87ytZNu9jDEL9VI6ZTjOnlcHQS RvpHLncnK9Lk6e62F9UTu8zBpJaYdvAy01PHExMQKn0ob6o+IgF3M7fj6xehszo+ /DVhc1WNjfBhfEMrY2Z0SbGlBE+SACoKY3BMWkgNHdmjWF08PhyqlDI43hLd45Ta fiTcAnPidUxYmA/CC3WrZvX8yyPAOWb4IvJeUhPZN4itwMj220ONAWVnjQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHINJ7hx+1ZJSeuyY1iRLi2cXKGpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FjZjk2ZWFjLTUwNWQtNDJhMy1hZDNiLTIwNDAyYzBmNDNlZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaHQAwDQYJKoZIhvcNAQELBQADggEBAEKMLjYHxuaVCWM//sNw xWzyIvPOJoPu3Y7PHnopvPLwdFDNAKfLpOUtCM8D4puMHpj6u6d7WBXrNm3vswN5 LEazT7ds/DPNZsRiaFuNixqsoVoYZhYxyBqWNDQVV23OLE9EhT++/evNU4FQ4xbM HxBHjoUbG7wM6HXdZgN4ReX1orTUx+WZyXosY3de0LNApMS2OZJ0+/bTs+rlK4ut bIHcL/OK9rsrhalEuMbyzJiP97bZA10IhxLwBUSnvGw5GyFA5bpKmgwBsQCrMU7X 1NjDu1Pl0AMDfRkeLBF5yOtHdF+NPIPlywV+md/qSJEboGiIjWGf3VXQGce2gubs N80= -----END CERTIFICATE-----Generated at Mon Mar 2 07:07:57 2026 by rpki-client