$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa File: b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa (raw, json) Hash identifier: P98F+4s5zrKcCQY8sf2DVZvqBxXb6N5F7zZzkI1MzB4= Subject key identifier: E0:54:E6:50:AD:DB:61:F2:A6:9C:F7:25:4B:8B:CA:B6:D5:1C:0C:07 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BA08370B81E646AAB27BFA19AE5496EAC09478A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa Signing time: Sun 22 Feb 2026 00:21:10 +0000 ROA not before: Sun 22 Feb 2026 00:21:10 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:a0:83:70:b8:1e:64:6a:ab:27:bf:a1:9a:e5:49:6e:ac:09:47:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:21:10 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=b8dc2429cad689e671d189367ba5f6dfcf89d1ca619cd9b6f54de9846a606b79, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:50:ce:c9:42:52:5a:ca:66:35:07:f2:c9:29: b1:e2:c6:ff:2d:aa:e9:b1:a0:4a:0e:f8:ca:9d:8b: 71:cf:3d:7b:5c:40:58:c1:bd:01:e2:4f:de:67:85: 5c:8e:fa:33:a1:3d:46:c9:dc:6e:8a:ba:ff:c5:97: 88:ef:db:b0:78:3c:fa:c3:49:18:67:2f:b8:c1:48: 6c:c6:42:a7:8e:97:6d:2e:d6:d3:0d:0e:6e:02:e5: 15:f8:7f:4f:50:7d:40:d5:35:76:86:d0:cf:1d:fe: 43:83:a3:26:3f:ad:b7:73:ae:76:a5:30:82:66:5b: e7:b3:03:2b:ea:1e:71:8e:c1:2b:b7:24:40:8d:b0: bf:95:23:e1:1d:df:d3:82:19:c7:bb:0f:81:f7:8a: 4f:1f:55:e8:90:95:58:4c:ef:2a:ac:02:8e:0b:b4: b4:bf:16:24:c1:e2:39:af:7b:e1:bf:12:5a:01:2d: b4:bb:a6:68:cb:45:af:e3:fa:b8:2b:8c:d8:cb:ed: e9:57:02:be:a6:ba:03:68:62:15:ad:a9:0e:a7:7c: a2:46:e4:49:68:67:c0:79:b1:f7:5c:45:4e:28:8e: 05:d3:71:ee:19:e0:51:8f:7e:ba:d1:44:91:5c:2d: 51:9b:2a:18:d3:e0:98:8b:fc:41:32:8d:40:7f:09: ec:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:54:E6:50:AD:DB:61:F2:A6:9C:F7:25:4B:8B:CA:B6:D5:1C:0C:07 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:b000::/40 Signature Algorithm: sha256WithRSAEncryption 2f:71:db:95:eb:37:ac:b5:bf:48:78:4d:bd:0f:96:d2:23:d0: a3:2f:44:80:a4:3f:cc:67:1f:02:66:fd:48:c0:07:2d:31:ab: 26:4e:7c:88:13:91:88:4b:78:8c:f7:75:4e:41:ef:71:ff:b0: 85:21:7a:e6:d8:b7:5b:7e:2f:72:ea:62:b7:74:ed:83:ad:0f: 5d:29:cd:3d:48:8a:cf:67:19:f7:52:58:38:c5:26:8e:87:2c: c8:e0:c8:6d:51:9b:3e:09:3e:7a:88:e3:bb:79:cc:95:27:c2: 45:41:a9:75:19:b8:73:21:59:74:96:2c:17:43:46:5e:9b:2c: 88:4f:d7:91:cb:81:30:8a:57:d9:4a:4b:6a:21:a4:a5:42:c3: f5:27:ae:46:05:ef:22:8f:f5:fd:37:49:90:fe:e7:8a:80:ff: 34:c4:22:de:ce:31:3e:4c:7e:4e:b4:c0:c6:0c:ed:3a:e5:71: 4b:30:80:62:cb:21:2f:6a:e1:0a:f2:bf:ad:88:73:cb:82:d8: 53:56:9f:24:07:9e:62:fa:99:d5:31:74:a8:80:7f:a2:e5:b0: 88:06:77:61:08:40:12:f1:77:a6:3a:af:d5:e8:d7:df:58:42: 82:26:be:d9:4f:30:c3:18:0f:8f:aa:e2:10:40:b5:74:32:1f: e3:ed:9d:f8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUC6CDcLgeZGqrJ7+hmuVJbqwJR4owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjExMFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAYjhkYzI0MjljYWQ2ODllNjcxZDE4 OTM2N2JhNWY2ZGZjZjg5ZDFjYTYxOWNkOWI2ZjU0ZGU5ODQ2YTYwNmI3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlDOyUJSWspmNQfyySmx4sb/Larp saBKDvjKnYtxzz17XEBYwb0B4k/eZ4VcjvozoT1Gydxuirr/xZeI79uweDz6w0kY Zy+4wUhsxkKnjpdtLtbTDQ5uAuUV+H9PUH1A1TV2htDPHf5Dg6MmP623c652pTCC ZlvnswMr6h5xjsErtyRAjbC/lSPhHd/TghnHuw+B94pPH1XokJVYTO8qrAKOC7S0 vxYkweI5r3vhvxJaAS20u6Zoy0Wv4/q4K4zYy+3pVwK+proDaGIVrakOp3yiRuRJ aGfAebH3XEVOKI4F03HuGeBRj3660USRXC1RmyoY0+CYi/xBMo1AfwnsUwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOBU5lCt22Hyppz3JUuLyrbVHAwHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3MTQ4YTFhLTRiMmQtNDA0NS1hZTc0LTFhZTIwMWRkY2FjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaLAwDQYJKoZIhvcNAQELBQADggEBAC9x25XrN6y1v0h4Tb0P ltIj0KMvRICkP8xnHwJm/UjABy0xqyZOfIgTkYhLeIz3dU5B73H/sIUheubYt1t+ L3LqYrd07YOtD10pzT1Iis9nGfdSWDjFJo6HLMjgyG1Rmz4JPnqI47t5zJUnwkVB qXUZuHMhWXSWLBdDRl6bLIhP15HLgTCKV9lKS2ohpKVCw/UnrkYF7yKP9f03SZD+ 54qA/zTEIt7OMT5Mfk60wMYM7TrlcUswgGLLIS9q4Qryv62Ic8uC2FNWnyQHnmL6 mdUxdKiAf6LlsIgGd2EIQBLxd6Y6r9Xo199YQoImvtlPMMMYD4+q4hBAtXQyH+Pt nfg= -----END CERTIFICATE-----Generated at Sun Mar 1 22:07:56 2026 by rpki-client