$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa File: afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa (raw, json) Hash identifier: MIB/TpH4WnY4JEViMXQV+mFKGF8WeQYOBaSNGjU+oSM= Subject key identifier: 8D:E3:97:1D:45:AC:9B:26:4D:9B:65:EC:45:0A:EF:54:4D:EB:2F:5D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5D1A2739060D75AD1AD855C784C6126039391F38 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa Signing time: Sat 28 Feb 2026 00:00:54 +0000 ROA not before: Sat 28 Feb 2026 00:00:54 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da1a:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:1a:27:39:06:0d:75:ad:1a:d8:55:c7:84:c6:12:60:39:39:1f:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:54 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=ffdd250c3fcfe4cf2d18fb2cda21897a43c0b31fd12ba49c7cc0e9fe0b80611c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4f:e8:b4:28:df:cd:d8:86:e9:0d:e1:9b:82: 31:cc:01:9e:11:5d:b9:35:7d:b1:07:70:0b:4f:14: 5c:34:4f:41:e8:9e:49:5b:16:1a:80:ea:a6:39:52: 68:28:f3:a3:45:4a:c0:1f:3a:7e:b8:51:a7:5f:2b: 6a:80:dc:6b:78:76:d4:5f:00:62:1d:bb:2a:3e:8e: ba:a9:4e:cc:6d:21:45:4a:a2:fa:40:c5:b9:b3:c8: 02:db:9f:6f:b3:eb:02:51:0a:d2:dd:b7:00:4e:d6: 27:68:18:a6:78:86:01:b1:d8:40:39:6c:69:fb:d8: 5f:f8:87:e8:fe:1d:d0:6c:b2:c9:d6:d7:86:47:fe: 13:f7:88:2c:82:5d:d2:d4:4a:13:0f:f2:2c:73:53: 96:05:87:2d:fc:6c:03:41:00:15:90:09:49:e2:ac: 48:fb:eb:69:bb:d9:6c:b5:02:aa:e3:2a:19:ed:71: cb:6d:3a:fe:87:25:fa:dc:ba:a1:3f:f6:44:d2:be: e8:40:0a:4d:6a:fc:42:52:91:91:dd:71:1e:8d:22: 03:ff:4a:52:c8:89:73:d8:45:5f:a1:c7:74:9a:57: ab:d1:03:2a:6b:81:4a:31:c5:9c:0d:e6:2f:5d:97: 6e:fe:06:1a:0d:be:02:1e:37:b1:81:52:5d:a5:57: 2b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:E3:97:1D:45:AC:9B:26:4D:9B:65:EC:45:0A:EF:54:4D:EB:2F:5D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afd5a2d0-5e14-4939-9e39-1f9f26e2f67e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da1a:8000::/36 Signature Algorithm: sha256WithRSAEncryption 62:b2:a5:67:4f:f0:fa:0d:a7:0f:24:33:12:c3:eb:77:7b:44: 77:29:10:ad:d0:99:e1:2d:1c:e9:38:79:d5:1d:c2:b7:42:dd: ab:f3:15:0d:eb:8c:7a:b7:20:c3:cf:c3:b9:80:d1:a3:45:08: 2c:99:8a:5a:50:e2:d8:a8:53:29:0a:a8:d1:df:d8:3f:1c:6f: 99:bd:33:e3:00:09:87:01:81:0d:ae:f2:09:1d:0d:fd:a8:62: 0f:d8:e9:27:c1:20:c7:92:17:19:e6:51:41:ea:27:ab:f5:8b: 77:0c:c3:0c:51:35:0c:5e:5a:16:30:99:af:4c:fc:c5:ba:50: cb:37:db:fa:89:f1:d1:d7:b8:72:9b:c8:1a:df:3f:51:97:25: 06:7e:ec:73:89:bd:2a:1c:69:30:be:cb:12:70:b0:e7:1b:c8: 84:88:88:23:99:f7:46:dd:f6:9a:01:16:26:20:f3:5a:dc:55: 89:77:44:47:c4:b3:30:a8:71:cd:25:fc:17:7f:81:47:f6:aa: b1:f4:d4:d2:58:5c:6e:b6:fd:80:92:1c:a4:3c:47:d9:cb:ce: df:50:e5:02:44:b9:25:58:a8:18:ca:1f:e5:bb:42:fa:c6:b8: b9:1c:15:d0:36:c3:fe:eb:ad:d2:ed:28:be:da:58:72:96:55: ec:db:1b:ca -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXRonOQYNda0a2FXHhMYSYDk5HzgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDA1NFoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZmZkZDI1MGMzZmNmZTRjZjJkMThm YjJjZGEyMTg5N2E0M2MwYjMxZmQxMmJhNDljN2NjMGU5ZmUwYjgwNjExYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0/otCjfzdiG6Q3hm4IxzAGeEV25 NX2xB3ALTxRcNE9B6J5JWxYagOqmOVJoKPOjRUrAHzp+uFGnXytqgNxreHbUXwBi HbsqPo66qU7MbSFFSqL6QMW5s8gC259vs+sCUQrS3bcATtYnaBimeIYBsdhAOWxp +9hf+Ifo/h3QbLLJ1teGR/4T94gsgl3S1EoTD/Isc1OWBYct/GwDQQAVkAlJ4qxI ++tpu9lstQKq4yoZ7XHLbTr+hyX63LqhP/ZE0r7oQApNavxCUpGR3XEejSID/0pS yIlz2EVfocd0mler0QMqa4FKMcWcDeYvXZdu/gYaDb4CHjexgVJdpVcrpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFI3jlx1FrJsmTZtl7EUK71RN6y9dMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmZDVhMmQwLTVlMTQtNDkzOS05ZTM5LTFmOWYyNmUyZjY3ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGoAwDQYJKoZIhvcNAQELBQADggEBAGKypWdP8PoNpw8kMxLD 63d7RHcpEK3QmeEtHOk4edUdwrdC3avzFQ3rjHq3IMPPw7mA0aNFCCyZilpQ4tio UykKqNHf2D8cb5m9M+MACYcBgQ2u8gkdDf2oYg/Y6SfBIMeSFxnmUUHqJ6v1i3cM wwxRNQxeWhYwma9M/MW6UMs32/qJ8dHXuHKbyBrfP1GXJQZ+7HOJvSocaTC+yxJw sOcbyISIiCOZ90bd9poBFiYg81rcVYl3REfEszCocc0l/Bd/gUf2qrH01NJYXG62 /YCSHKQ8R9nLzt9Q5QJEuSVYqBjKH+W7QvrGuLkcFdA2w/7rrdLtKL7aWHKWVezb G8o= -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:21 2026 by rpki-client