$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aed464c0-6a36-4536-957a-b9c0a5a51ca2.roa File: aed464c0-6a36-4536-957a-b9c0a5a51ca2.roa (raw, json) Hash identifier: lamnr/bIcF/xlPgGK3M4QVxAxR6ODVayMuspWwFA0z8= Subject key identifier: AC:A1:3E:5A:09:F4:3E:7E:DF:E5:9C:2C:B2:FA:7A:EB:5E:92:22:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60AA6FF000F970979237813C0DE5FD53616C77EA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aed464c0-6a36-4536-957a-b9c0a5a51ca2.roa Signing time: Sun 22 Feb 2026 00:40:05 +0000 ROA not before: Sun 22 Feb 2026 00:40:05 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:aa:6f:f0:00:f9:70:97:92:37:81:3c:0d:e5:fd:53:61:6c:77:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:40:05 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=d75ca5ff5544576eed2a74cae1ccf653a1b9ab6700d7c74f7b7e58faea95b325, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:d9:27:62:ff:fa:cf:70:a9:fc:d6:64:67:07: ca:60:df:8f:08:54:47:1e:32:0e:01:14:e5:b1:5a: 27:d1:2f:52:2c:13:50:1f:2b:62:7d:23:ed:6a:e1: 9f:55:35:26:f0:b6:3f:41:25:0a:17:a9:56:8e:84: 90:69:55:6f:5f:6f:89:fd:b1:a4:a8:ea:f2:f2:68: b6:2f:d4:16:91:82:45:3b:29:3d:2e:7f:b7:76:06: 85:41:7b:53:20:38:6c:2a:40:15:51:cb:94:4c:6f: c1:15:55:35:d9:95:2d:f2:de:2b:3c:92:d2:1e:70: dd:53:a9:a9:f3:51:bd:ee:65:68:88:b7:aa:75:91: 67:07:1d:17:63:68:eb:e9:cd:a5:b0:68:05:1c:ad: 40:ee:65:48:49:a9:e0:39:01:50:f7:9a:0f:2d:16: df:45:b7:6d:2b:88:31:ef:a6:7b:a2:82:4d:a4:d8: 36:9c:50:18:0b:b6:22:60:44:69:84:07:40:89:b1: 03:7a:dd:81:fd:20:a4:de:c0:5d:50:7a:ba:87:5f: e2:6f:57:7b:bb:58:ea:7f:bb:ac:f5:62:24:78:b3: 30:38:16:7a:f9:2c:01:b8:f4:f3:86:97:5e:88:62: f6:8b:85:17:9d:68:1f:8d:a4:5e:a3:1e:5a:56:a8: de:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:A1:3E:5A:09:F4:3E:7E:DF:E5:9C:2C:B2:FA:7A:EB:5E:92:22:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aed464c0-6a36-4536-957a-b9c0a5a51ca2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:2800::/40 Signature Algorithm: sha256WithRSAEncryption 3b:4a:e7:c6:07:fb:41:b1:66:26:f0:b3:24:57:6e:e3:55:34: 35:26:85:a1:f1:18:a1:54:0f:99:a9:d5:03:38:96:7f:00:0b: 48:4c:b8:08:63:3d:9e:e9:23:b6:bd:b7:a4:46:35:99:87:11: 70:b8:f8:c4:7d:6b:43:00:b0:6e:20:46:9e:42:7d:5f:53:da: 26:41:13:4e:0a:1a:47:85:1c:f3:fd:87:4f:b4:f7:57:69:74: 6b:3e:76:02:75:a4:2c:07:af:ea:b4:6a:49:0f:84:c1:a8:1a: 90:ec:f0:1d:06:1f:e0:3b:18:3b:f5:67:80:86:b3:08:0a:e9: cc:8e:92:c3:9a:db:70:3c:be:41:7d:a6:78:9c:18:df:4c:07: ab:da:ca:3e:62:29:17:88:d0:b4:26:27:16:6d:06:a6:8a:31: dd:df:78:18:2e:ae:2a:1b:d8:f0:b6:d4:1c:6f:27:ff:35:50: a7:42:0c:99:6d:d0:44:86:ba:f4:79:93:62:df:ab:07:02:29: be:91:25:e8:c1:c4:b4:19:50:35:8b:e7:86:27:05:16:01:77: b5:5e:89:25:53:c3:11:08:85:e5:43:ce:69:36:27:9a:71:f2: f0:1e:e0:d1:d7:3a:b8:6a:36:93:c7:48:df:f6:94:9a:e2:67: 09:10:1b:70 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUYKpv8AD5cJeSN4E8DeX9U2Fsd+owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwNDAwNVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZDc1Y2E1ZmY1NTQ0NTc2ZWVkMmE3 NGNhZTFjY2Y2NTNhMWI5YWI2NzAwZDdjNzRmN2I3ZTU4ZmFlYTk1YjMyNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytknYv/6z3Cp/NZkZwfKYN+PCFRH HjIOARTlsVon0S9SLBNQHytifSPtauGfVTUm8LY/QSUKF6lWjoSQaVVvX2+J/bGk qOry8mi2L9QWkYJFOyk9Ln+3dgaFQXtTIDhsKkAVUcuUTG/BFVU12ZUt8t4rPJLS HnDdU6mp81G97mVoiLeqdZFnBx0XY2jr6c2lsGgFHK1A7mVISangOQFQ95oPLRbf RbdtK4gx76Z7ooJNpNg2nFAYC7YiYERphAdAibEDet2B/SCk3sBdUHq6h1/ib1d7 u1jqf7us9WIkeLMwOBZ6+SwBuPTzhpdeiGL2i4UXnWgfjaReox5aVqje8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKyhPloJ9D5+3+WcLLL6eutekiJ3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlZDQ2NGMwLTZhMzYtNDUzNi05NTdhLWI5YzBhNWE1MWNhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8SgwDQYJKoZIhvcNAQELBQADggEBADtK58YH+0GxZibwsyRX buNVNDUmhaHxGKFUD5mp1QM4ln8AC0hMuAhjPZ7pI7a9t6RGNZmHEXC4+MR9a0MA sG4gRp5CfV9T2iZBE04KGkeFHPP9h0+091dpdGs+dgJ1pCwHr+q0akkPhMGoGpDs 8B0GH+A7GDv1Z4CGswgK6cyOksOa23A8vkF9pnicGN9MB6vayj5iKReI0LQmJxZt BqaKMd3feBguriob2PC21BxvJ/81UKdCDJlt0ESGuvR5k2LfqwcCKb6RJejBxLQZ UDWL54YnBRYBd7VeiSVTwxEIheVDzmk2J5px8vAe4NHXOrhqNpPHSN/2lJriZwkQ G3A= -----END CERTIFICATE-----Generated at Sun Mar 1 23:50:52 2026 by rpki-client