$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa File: b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa (raw, json) Hash identifier: vngkngzBXRhkICInx4BOjY98dnRx3vepUtYRpBV2SmU= Subject key identifier: 63:67:1D:7B:55:50:C3:F4:68:A6:94:80:12:1B:1B:53:CD:9F:CF:20 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B9780110C8620FC15E60A4B50BE31BF4DFB5734 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa Signing time: Wed 11 Feb 2026 00:10:09 +0000 ROA not before: Wed 11 Feb 2026 00:10:09 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:97:80:11:0c:86:20:fc:15:e6:0a:4b:50:be:31:bf:4d:fb:57:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:10:09 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=8b86bd2ade3e3101e547c5945ad70ec284b41c8c91ebd0397e45761097eed11e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:bc:5f:f0:87:d4:2a:bf:97:9d:97:5d:dd:c0: 93:e3:97:76:be:6d:96:c9:9d:f4:e7:dd:0d:05:d3: 99:a9:ab:a3:26:e4:b0:76:2a:3d:06:cf:33:0e:46: 38:0b:4a:dc:20:8b:ad:e2:d9:e5:ad:76:ea:ff:ef: 93:7f:5c:cd:18:7d:69:68:fd:78:84:05:ad:b5:de: 26:2e:ce:c1:b6:13:18:37:e1:f8:23:5f:33:22:4a: bd:83:79:84:16:d7:91:c0:72:69:6d:1e:61:f5:d8: ad:f7:d6:e0:86:86:58:88:05:df:cd:cb:c0:09:06: 41:ad:9b:23:28:e6:83:0e:c6:7d:96:19:69:ac:6f: 05:71:7a:f5:70:6a:b2:7f:b9:6f:eb:3d:47:13:84: a9:e0:dd:ee:e4:83:35:54:68:74:0f:f1:85:f4:55: f4:8a:07:3b:a3:8b:33:9d:95:9a:e1:cb:ee:55:02: e0:89:39:04:f4:d1:9f:b4:b0:4a:e6:dd:43:e5:8f: 72:45:34:c1:ab:c4:1c:ab:92:45:29:29:ed:72:be: 46:81:50:ec:b9:45:3f:ca:06:9b:df:4c:d0:bb:54: 8a:b7:76:17:e8:03:21:aa:f7:17:d7:77:a8:9a:80: 4f:4a:7f:35:0f:4f:18:ed:5a:fa:05:f1:29:84:21: 7e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:67:1D:7B:55:50:C3:F4:68:A6:94:80:12:1B:1B:53:CD:9F:CF:20 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b0ca5e8d-a5db-413e-a44b-fb88d0d8f8ce.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:9000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:a4:c4:f4:2b:b2:67:60:1e:29:89:62:f6:56:f0:29:b5:bf: dc:47:24:94:ee:a6:e0:f1:84:90:9b:a4:cd:14:e9:8b:8a:f4: 13:86:07:f9:50:44:c4:11:e0:8d:17:93:85:eb:47:81:75:c8: 20:7a:d1:09:c2:51:2e:33:15:f9:cd:bf:c3:f5:67:43:fd:c6: c9:b2:32:10:90:0e:d8:25:40:0d:11:de:80:37:5d:4a:f5:4d: 8c:78:d6:3f:f7:4e:05:3e:4a:8f:03:6b:44:bf:f6:76:e8:01: 09:11:eb:b1:8f:99:e0:f6:ac:fe:de:83:00:ff:04:03:ff:ad: e0:22:fa:c8:99:5d:d0:1b:93:4c:9f:1b:4e:b1:66:60:da:aa: 9a:f6:ae:d3:5d:dc:54:a2:6c:81:eb:10:81:cd:a8:56:50:01: 07:8b:d4:7e:9f:93:4a:66:15:24:13:f2:07:28:9a:47:42:22: 88:0b:21:05:8e:3d:2e:62:21:71:97:06:eb:21:d7:4d:6e:e1: 04:9b:f8:ad:9e:ae:3b:12:7f:e8:40:a1:51:27:6b:84:ec:38: 15:a8:ef:c8:fe:81:17:c4:e7:ef:16:36:b4:da:b8:d7:18:89: d9:c2:ac:95:08:72:55:47:ec:2e:d0:f2:c0:98:94:9a:13:d9: c5:5d:3c:4a -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG5eAEQyGIPwV5gpLUL4xv037VzQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMTAwOVoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAOGI4NmJkMmFkZTNlMzEwMWU1NDdj NTk0NWFkNzBlYzI4NGI0MWM4YzkxZWJkMDM5N2U0NTc2MTA5N2VlZDExZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrxf8IfUKr+XnZdd3cCT45d2vm2W yZ30590NBdOZqaujJuSwdio9Bs8zDkY4C0rcIIut4tnlrXbq/++Tf1zNGH1paP14 hAWttd4mLs7BthMYN+H4I18zIkq9g3mEFteRwHJpbR5h9dit99bghoZYiAXfzcvA CQZBrZsjKOaDDsZ9lhlprG8FcXr1cGqyf7lv6z1HE4Sp4N3u5IM1VGh0D/GF9FX0 igc7o4sznZWa4cvuVQLgiTkE9NGftLBK5t1D5Y9yRTTBq8Qcq5JFKSntcr5GgVDs uUU/ygab30zQu1SKt3YX6AMhqvcX13eomoBPSn81D08Y7Vr6BfEphCF+uwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGNnHXtVUMP0aKaUgBIbG1PNn88gMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IwY2E1ZThkLWE1ZGItNDEzZS1hNDRiLWZiODhkMGQ4ZjhjZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba85AwDQYJKoZIhvcNAQELBQADggEBAI2kxPQrsmdgHimJYvZW 8Cm1v9xHJJTupuDxhJCbpM0U6YuK9BOGB/lQRMQR4I0Xk4XrR4F1yCB60QnCUS4z FfnNv8P1Z0P9xsmyMhCQDtglQA0R3oA3XUr1TYx41j/3TgU+So8Da0S/9nboAQkR 67GPmeD2rP7egwD/BAP/reAi+siZXdAbk0yfG06xZmDaqpr2rtNd3FSibIHrEIHN qFZQAQeL1H6fk0pmFSQT8gcomkdCIogLIQWOPS5iIXGXBush101u4QSb+K2erjsS f+hAoVEna4TsOBWo78j+gRfE5+8WNrTauNcYidnCrJUIclVH7C7Q8sCYlJoT2cVd PEo= -----END CERTIFICATE-----Generated at Sun Mar 1 23:46:19 2026 by rpki-client