$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa File: af674e28-8a6b-4881-bc24-1bd1d459637c.roa (raw, json) Hash identifier: YqWcKw/K9pDec9jj6I+xHdqgmTxByMghsJnZJmV07JY= Subject key identifier: 27:66:57:C3:6E:F1:CE:13:7A:9D:C5:CA:69:D1:62:45:F0:71:C2:7C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 74A80A233C996799A2D8DE5A1693181AC826DD62 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa Signing time: Sun 22 Feb 2026 00:10:59 +0000 ROA not before: Sun 22 Feb 2026 00:10:59 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:a8:0a:23:3c:99:67:99:a2:d8:de:5a:16:93:18:1a:c8:26:dd:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:59 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=19c1f4361916bc6e9ac9b13f56a1d4922e69f6a0fb1958e2b64739553ec753b4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8b:e8:75:a8:9d:f7:10:a7:d9:e6:5c:48:ef: ce:2c:84:20:e7:28:68:01:90:c7:20:44:4a:2a:74: 6d:30:16:47:12:ef:9d:26:63:85:d0:f8:49:28:b3: d2:fd:8b:d5:05:ee:f5:ab:d7:48:0d:95:4b:bd:34: bc:81:31:f2:72:a7:7d:a0:c1:58:79:82:09:1a:04: ff:d3:b2:cd:9e:48:f9:fc:82:69:46:2e:ac:fb:10: 08:40:3d:d4:88:30:1d:85:1d:f7:4e:78:a2:4e:dc: 10:44:3a:51:d6:f9:84:e2:12:8c:c3:49:aa:a9:3d: f3:af:97:5b:80:ba:9f:a1:6d:db:37:fa:d9:4d:2c: bf:f3:91:da:77:4c:f2:eb:f5:7a:d6:54:5b:53:ce: 28:ae:97:7c:99:e3:90:c0:a3:4a:61:f1:e3:86:e9: a7:af:f6:ba:87:7b:de:aa:31:6a:39:a8:d1:d9:62: e6:a1:7a:c9:f3:35:50:6c:ea:bc:9c:bb:2c:d9:3e: a6:4f:6c:27:d0:6a:66:52:79:1f:30:a6:f1:6a:87: b5:7c:62:cb:e1:0d:2a:33:ab:00:f6:b7:9c:4f:e3: 4c:7f:d2:46:0e:bb:1f:88:11:83:d5:42:8d:d9:14: 3f:e1:37:e0:5a:bf:c6:6f:fc:0a:95:05:52:2b:a6: ca:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:66:57:C3:6E:F1:CE:13:7A:9D:C5:CA:69:D1:62:45:F0:71:C2:7C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af674e28-8a6b-4881-bc24-1bd1d459637c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:a000::/40 Signature Algorithm: sha256WithRSAEncryption 13:22:8f:d8:ef:4d:66:3f:1f:22:3a:b5:21:41:b0:5c:c8:a6: aa:7b:d6:ee:b4:ed:15:e8:2b:31:a1:fa:00:20:06:f1:20:4f: 2f:f8:d4:be:4d:5a:03:db:21:5f:c1:06:8f:3c:46:d9:5b:6c: 80:22:21:ef:f3:81:91:44:3d:1a:48:2f:31:ee:81:c5:2e:78: c6:a0:a9:bc:0b:a4:f8:6b:7c:40:1f:04:bf:33:ad:c0:eb:7a: 1a:9d:91:3b:7a:45:e0:da:43:ac:5e:5e:8e:8c:7a:48:e0:ee: 04:08:b2:e1:2b:0c:31:24:7e:76:51:c0:ea:f2:ec:d4:15:2e: 60:ff:79:fc:fc:10:12:2d:2d:22:2c:cc:85:a4:f8:19:6d:c3: e7:59:c1:71:42:05:67:e3:0d:4c:72:6a:af:01:e9:3b:0c:3e: 5b:3a:42:bf:5b:52:90:84:c4:41:31:34:07:1e:27:6a:4f:29: 48:97:2c:1c:3d:17:18:26:dd:2a:fc:47:51:28:18:96:56:47: 1f:b7:67:4e:f8:be:74:52:f2:de:9c:73:da:61:59:63:60:cd: 99:6d:ec:a8:91:71:d0:6c:72:1c:40:7a:c8:c5:fa:c5:ff:0d: 9d:50:e9:70:44:6f:c1:c3:f4:16:c4:2f:ce:34:51:91:76:b6: 03:c2:dc:08 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdKgKIzyZZ5mi2N5aFpMYGsgm3WIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA1OVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMTljMWY0MzYxOTE2YmM2ZTlhYzli MTNmNTZhMWQ0OTIyZTY5ZjZhMGZiMTk1OGUyYjY0NzM5NTUzZWM3NTNiNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4vodaid9xCn2eZcSO/OLIQg5yho AZDHIERKKnRtMBZHEu+dJmOF0PhJKLPS/YvVBe71q9dIDZVLvTS8gTHycqd9oMFY eYIJGgT/07LNnkj5/IJpRi6s+xAIQD3UiDAdhR33TniiTtwQRDpR1vmE4hKMw0mq qT3zr5dbgLqfoW3bN/rZTSy/85Had0zy6/V61lRbU84orpd8meOQwKNKYfHjhumn r/a6h3veqjFqOajR2WLmoXrJ8zVQbOq8nLss2T6mT2wn0GpmUnkfMKbxaoe1fGLL 4Q0qM6sA9recT+NMf9JGDrsfiBGD1UKN2RQ/4TfgWr/Gb/wKlQVSK6bK/QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCdmV8Nu8c4Tep3FymnRYkXwccJ8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNjc0ZTI4LThhNmItNDg4MS1iYzI0LTFiZDFkNDU5NjM3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoKAwDQYJKoZIhvcNAQELBQADggEBABMij9jvTWY/HyI6tSFB sFzIpqp71u607RXoKzGh+gAgBvEgTy/41L5NWgPbIV/BBo88RtlbbIAiIe/zgZFE PRpILzHugcUueMagqbwLpPhrfEAfBL8zrcDrehqdkTt6ReDaQ6xeXo6Mekjg7gQI suErDDEkfnZRwOry7NQVLmD/efz8EBItLSIszIWk+Bltw+dZwXFCBWfjDUxyaq8B 6TsMPls6Qr9bUpCExEExNAceJ2pPKUiXLBw9Fxgm3Sr8R1EoGJZWRx+3Z074vnRS 8t6cc9phWWNgzZlt7KiRcdBschxAesjF+sX/DZ1Q6XBEb8HD9BbEL840UZF2tgPC 3Ag= -----END CERTIFICATE-----Generated at Sun Mar 1 23:50:57 2026 by rpki-client