$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa File: b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa (raw, json) Hash identifier: uqyBYa3q+oXOlzAi39emR/czbYq4yb0/qgQyuwi8R5Y= Subject key identifier: FA:16:22:29:5E:8B:7D:06:29:98:21:06:8E:B2:BE:2F:0B:E0:35:02 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19700C5B40549678A2BF78B3887EC27AAA228AA8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa Signing time: Wed 18 Feb 2026 00:00:46 +0000 ROA not before: Wed 18 Feb 2026 00:00:46 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:70:0c:5b:40:54:96:78:a2:bf:78:b3:88:7e:c2:7a:aa:22:8a:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:00:46 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=fd5a6a83e3d5578ed91c548160fc39c9aca07e6b2f4da63a37a4703062976c58, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e1:eb:07:7f:26:4c:73:d8:f9:74:26:8d:93: 47:bb:3e:30:08:90:10:2e:f0:35:6d:09:d3:e7:c5: dc:65:4e:99:a2:72:0e:e4:0e:d5:1f:20:5e:e7:40: 55:7b:2c:aa:db:55:b5:69:6c:6e:5a:4f:1d:2e:c7: d7:36:f6:ed:6a:25:e8:ef:2b:f1:9f:a9:d2:e4:8b: 17:b0:aa:b5:1d:e3:25:d0:8f:0c:32:b8:e9:10:7b: 8b:ea:49:0c:f9:31:c6:d9:4c:65:3c:b4:76:f6:42: a6:c0:1c:6e:18:31:10:b2:94:a1:71:19:be:2e:c8: 79:b5:49:89:70:df:be:4f:be:40:97:fa:30:79:56: ee:f9:3d:75:65:c0:5c:fe:79:65:08:e7:20:0c:b1: d2:7c:fd:23:8a:a7:d0:62:f9:28:70:ee:39:a1:4b: d0:00:fc:c6:b5:66:ce:de:51:3f:7e:a3:33:94:f6: 90:2b:c3:f4:cd:4e:09:31:80:17:45:30:6f:51:1a: 99:a6:d7:0c:5e:f3:1e:ef:44:cd:94:00:c0:3a:d7: d5:2c:6f:1c:07:55:43:fc:d4:1e:ed:4a:12:87:77: 2d:8f:7f:2d:9b:5a:c2:8f:53:6e:c8:d2:e3:d1:07: 5d:cd:25:58:51:1f:b6:d6:ab:5c:97:25:ab:dc:c4: 5b:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:16:22:29:5E:8B:7D:06:29:98:21:06:8E:B2:BE:2F:0B:E0:35:02 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b1a24a25-9b3a-42e4-87bd-b212f7fd79c9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8080::/48 Signature Algorithm: sha256WithRSAEncryption 43:6c:5d:a3:ba:a9:90:27:c3:57:75:05:79:29:3a:76:20:0f: 3e:40:01:28:c3:8a:0b:2e:af:65:4e:1d:67:a0:f2:c0:1e:0c: 81:a2:fc:63:14:c8:77:ac:4b:bd:25:ef:cf:b5:78:87:e2:1c: 84:05:ed:a9:be:d2:40:bc:cf:95:2b:e7:c6:be:68:fc:20:25: 74:94:80:07:be:60:dc:92:9c:a4:c8:0b:2e:bb:c3:dc:be:a9: ab:e8:80:ff:fa:76:69:a5:a6:23:eb:3f:97:2b:05:e9:9a:a8: 6f:f9:ac:53:81:77:4e:80:f8:4e:e5:1b:c7:9f:72:35:f8:9f: 8d:52:b4:2c:ff:47:53:40:2b:28:fe:df:ef:b1:72:fc:34:09: 8d:8c:7c:a3:8f:20:53:13:c8:a8:33:a8:b9:6f:64:10:78:e6: 70:aa:9b:12:3c:60:1a:ba:bb:dc:de:33:4a:00:bc:71:18:b8: f4:61:b2:46:d5:31:2b:46:07:62:fe:cc:31:0a:fa:73:7c:a9: 9f:9e:19:6e:21:a0:3a:0c:2f:92:cc:9e:1b:a3:2e:a6:24:a0: 90:4c:db:48:34:86:fe:01:57:d6:f4:1b:bd:41:da:4e:61:0d: 42:13:56:94:9e:1f:e9:d7:ba:29:bd:07:20:6f:4b:3d:af:35: 97:f7:86:99 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGXAMW0BUlniiv3iziH7CeqoiiqgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDA0NloX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAZmQ1YTZhODNlM2Q1NTc4ZWQ5MWM1 NDgxNjBmYzM5YzlhY2EwN2U2YjJmNGRhNjNhMzdhNDcwMzA2Mjk3NmM1ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOHrB38mTHPY+XQmjZNHuz4wCJAQ LvA1bQnT58XcZU6ZonIO5A7VHyBe50BVeyyq21W1aWxuWk8dLsfXNvbtaiXo7yvx n6nS5IsXsKq1HeMl0I8MMrjpEHuL6kkM+THG2UxlPLR29kKmwBxuGDEQspShcRm+ Lsh5tUmJcN++T75Al/oweVbu+T11ZcBc/nllCOcgDLHSfP0jiqfQYvkocO45oUvQ APzGtWbO3lE/fqMzlPaQK8P0zU4JMYAXRTBvURqZptcMXvMe70TNlADAOtfVLG8c B1VD/NQe7UoSh3ctj38tm1rCj1NuyNLj0QddzSVYUR+21qtclyWr3MRb+wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFPoWIilei30GKZghBo6yvi8L4DUCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxYTI0YTI1LTliM2EtNDJlNC04N2JkLWIyMTJmN2ZkNzljOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8oCAMA0GCSqGSIb3DQEBCwUAA4IBAQBDbF2juqmQJ8NXdQV5 KTp2IA8+QAEow4oLLq9lTh1noPLAHgyBovxjFMh3rEu9Je/PtXiH4hyEBe2pvtJA vM+VK+fGvmj8ICV0lIAHvmDckpykyAsuu8Pcvqmr6ID/+nZppaYj6z+XKwXpmqhv +axTgXdOgPhO5RvHn3I1+J+NUrQs/0dTQCso/t/vsXL8NAmNjHyjjyBTE8ioM6i5 b2QQeOZwqpsSPGAaurvc3jNKALxxGLj0YbJG1TErRgdi/swxCvpzfKmfnhluIaA6 DC+SzJ4boy6mJKCQTNtINIb+AVfW9Bu9QdpOYQ1CE1aUnh/p17opvQcgb0s9rzWX 94aZ -----END CERTIFICATE-----Generated at Sun Mar 1 21:55:23 2026 by rpki-client