$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b460995f-b872-442a-beb5-8fc9d6720509.roa File: b460995f-b872-442a-beb5-8fc9d6720509.roa (raw, json) Hash identifier: Wr77wFwVguZKvHtI5KrwouraQqa4g1LRKXrxwDZrfEw= Subject key identifier: A2:50:C1:61:CD:62:80:6F:C6:08:B0:64:55:17:C2:26:71:26:A8:DC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4B403265122635BB591BA7D6015FB55CEEC0CF97 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b460995f-b872-442a-beb5-8fc9d6720509.roa Signing time: Sun 22 Feb 2026 00:41:09 +0000 ROA not before: Sun 22 Feb 2026 00:41:09 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da19::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:40:32:65:12:26:35:bb:59:1b:a7:d6:01:5f:b5:5c:ee:c0:cf:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:41:09 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=495c243d62b869804eb57e3ee57d65559c72cc16656d5ed5cf8a6d89179dc8c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:55:03:aa:16:21:57:c1:0e:70:67:bf:d3:f3: 2d:96:af:c5:b8:51:79:f7:bd:7d:88:76:4b:c8:08: 07:88:d6:fc:ab:6b:de:68:5b:86:9c:ab:3e:ea:50: f5:09:83:8b:84:19:86:2a:e4:75:d6:cd:63:70:71: 8d:41:a6:5f:8f:00:15:ef:70:9e:19:93:dc:e6:ed: c5:9a:19:34:99:58:78:0c:35:55:78:b5:f4:81:42: 8e:0d:e2:15:81:dd:ff:cc:c3:01:12:8f:60:b7:8e: d3:ec:0d:89:ba:60:d8:a5:4a:12:9c:e5:12:8c:71: 93:e7:a5:ae:73:0c:14:88:8f:4e:d6:cc:b2:0e:c8: 1f:ae:87:f9:6f:35:6d:30:3f:20:33:81:d6:fa:5f: 95:92:c4:fe:e8:a5:77:7c:16:5b:39:8d:51:3f:48: 91:6d:58:02:ae:cb:20:26:42:3c:15:32:5b:2f:b2: 6d:8d:63:22:17:88:37:41:d0:e2:46:7b:94:8c:db: 43:4e:19:c7:ff:3a:b5:e1:72:87:c7:9d:e4:55:d1: bd:ff:0d:c2:dd:88:e0:87:a0:70:8d:7b:8a:d5:7f: 25:11:5f:86:af:8b:b7:60:fb:3f:e7:84:18:ea:dc: 00:7d:34:99:a0:44:fd:79:8e:79:e8:fe:4b:34:f2: c4:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:50:C1:61:CD:62:80:6F:C6:08:B0:64:55:17:C2:26:71:26:A8:DC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b460995f-b872-442a-beb5-8fc9d6720509.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da19::/38 Signature Algorithm: sha256WithRSAEncryption 89:6f:8d:6a:75:67:f5:25:8e:2b:6f:99:05:4f:23:a3:34:29: a6:b0:b0:4d:5e:4c:5e:58:b3:37:fb:c6:6b:4c:96:aa:2a:72: 42:f3:72:84:d3:1c:32:03:33:d3:a7:d9:a7:22:bb:8e:46:67: ca:7b:35:dc:4c:83:6c:36:c6:08:7f:ee:42:3b:f3:9c:a8:4e: 0f:30:07:36:b4:9c:0c:65:49:28:da:df:56:81:e0:0c:71:3d: 74:72:04:5b:d4:c2:9d:b8:0c:c2:ba:f7:aa:98:4b:5d:dc:5a: cf:66:87:8d:13:78:53:e2:8a:52:9b:69:6e:52:14:69:f9:13: 37:22:4d:ec:ba:1c:b8:5d:8d:45:54:3b:be:7b:8c:7b:56:02: 00:53:f7:d7:94:a7:c7:bd:58:ed:bd:37:04:37:88:fb:5d:84: 41:39:67:4c:76:53:66:ab:7b:17:47:bf:1b:01:d5:c4:41:20: bf:8b:15:3b:7f:1b:f6:44:a9:5d:fc:8c:e9:cf:a1:64:6e:28: ef:b6:2a:32:93:09:47:fe:8d:b5:07:81:fa:15:76:4b:66:77: 2b:41:55:ee:48:d5:b7:0a:35:3e:6b:7a:de:41:cd:d6:f0:bb: f7:6f:f3:d6:1b:dd:4c:c9:44:2c:93:53:dd:f1:f0:46:ae:a0: 11:c2:ef:17 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUS0AyZRImNbtZG6fWAV+1XO7Az5cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwNDEwOVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANDk1YzI0M2Q2MmI4Njk4MDRlYjU3 ZTNlZTU3ZDY1NTU5YzcyY2MxNjY1NmQ1ZWQ1Y2Y4YTZkODkxNzlkYzhjOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVUDqhYhV8EOcGe/0/Mtlq/FuFF5 9719iHZLyAgHiNb8q2veaFuGnKs+6lD1CYOLhBmGKuR11s1jcHGNQaZfjwAV73Ce GZPc5u3Fmhk0mVh4DDVVeLX0gUKODeIVgd3/zMMBEo9gt47T7A2JumDYpUoSnOUS jHGT56WucwwUiI9O1syyDsgfrof5bzVtMD8gM4HW+l+VksT+6KV3fBZbOY1RP0iR bVgCrssgJkI8FTJbL7JtjWMiF4g3QdDiRnuUjNtDThnH/zq14XKHx53kVdG9/w3C 3Yjgh6BwjXuK1X8lEV+Gr4u3YPs/54QY6twAfTSZoET9eY556P5LNPLEzwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKJQwWHNYoBvxgiwZFUXwiZxJqjcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0NjA5OTVmLWI4NzItNDQyYS1iZWI1LThmYzlkNjcyMDUwOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaGQAwDQYJKoZIhvcNAQELBQADggEBAIlvjWp1Z/UljitvmQVP I6M0KaawsE1eTF5Yszf7xmtMlqoqckLzcoTTHDIDM9On2aciu45GZ8p7NdxMg2w2 xgh/7kI785yoTg8wBza0nAxlSSja31aB4AxxPXRyBFvUwp24DMK696qYS13cWs9m h40TeFPiilKbaW5SFGn5EzciTey6HLhdjUVUO757jHtWAgBT99eUp8e9WO29NwQ3 iPtdhEE5Z0x2U2arexdHvxsB1cRBIL+LFTt/G/ZEqV38jOnPoWRuKO+2KjKTCUf+ jbUHgfoVdktmdytBVe5I1bcKNT5ret5Bzdbwu/dv89Yb3UzJRCyTU93x8EauoBHC 7xc= -----END CERTIFICATE-----Generated at Sun Mar 1 23:54:40 2026 by rpki-client