$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b8f20a02-5b4a-48d7-9377-ff3d3baeaa5c.roa File: b8f20a02-5b4a-48d7-9377-ff3d3baeaa5c.roa (raw, json) Hash identifier: de7nIe/ubVSzLhi32StE8OaGE1l6gXeZHgnOa3VhTK4= Subject key identifier: 9F:41:F6:22:CA:23:E4:2E:FA:82:94:E4:63:77:10:E8:23:71:4F:9D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 37A0D65D75C2F202EC321EA05D7C9FA84F9B392B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b8f20a02-5b4a-48d7-9377-ff3d3baeaa5c.roa Signing time: Wed 11 Feb 2026 00:20:06 +0000 ROA not before: Wed 11 Feb 2026 00:20:06 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:6040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:a0:d6:5d:75:c2:f2:02:ec:32:1e:a0:5d:7c:9f:a8:4f:9b:39:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:20:06 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=0a25281d1b77c71aeb1ce09b70e705fa03024eb0c32a7d72ab25bca4bc12b9c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:cb:23:f7:79:05:12:ed:b0:31:03:e3:aa:65: 89:ad:58:28:be:3f:1e:fb:aa:b3:ae:e9:6b:8b:3f: 55:90:45:4b:35:6e:0a:76:ed:b0:55:e2:8b:5d:30: b1:83:1f:5e:23:e5:17:66:0d:9b:10:3b:7a:04:04: 7d:11:3c:bb:e7:54:dc:c4:d2:1f:4f:76:a8:e8:1b: fa:1d:49:71:b4:83:f2:5b:32:d5:5d:98:85:2f:c0: 6d:1c:61:3d:19:d5:19:52:ff:ba:8c:24:b2:98:d5: 9a:f3:e3:b2:79:1b:af:c1:d8:cd:55:bf:ac:ed:f5: 7d:94:ce:88:66:d0:ff:b3:bc:5b:73:b5:b0:f8:fc: 03:25:1d:57:b4:d9:c1:7d:33:c3:97:61:e5:23:63: 90:c5:18:49:da:4d:81:8a:dd:2c:ef:5b:d4:84:cf: e7:98:b1:e4:55:4d:13:48:78:af:fe:d8:c8:d9:23: b7:36:03:82:18:f1:b2:47:55:4f:bd:dd:23:c0:78: b2:5e:2e:a0:35:26:fa:a8:c0:ea:99:3c:ae:49:f8: 94:cf:65:d5:ec:6d:b3:b4:b3:a4:a3:e2:99:65:9b: 7a:dc:55:1c:55:a2:86:d2:a5:84:42:a6:dd:56:4c: 3a:0e:dd:56:ee:55:7d:16:0a:44:9f:ed:b3:c2:f1: 25:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:41:F6:22:CA:23:E4:2E:FA:82:94:E4:63:77:10:E8:23:71:4F:9D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b8f20a02-5b4a-48d7-9377-ff3d3baeaa5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:6040::/46 Signature Algorithm: sha256WithRSAEncryption ca:64:f8:a3:f4:68:4e:2b:e6:fe:fd:20:ba:ce:44:eb:83:e5: 5a:06:fb:7e:89:0f:e5:ed:ca:7d:a0:39:ef:11:ea:46:e5:c7: 71:41:89:06:fd:8a:dd:a5:eb:1a:79:8f:3f:c7:d0:9d:0d:ec: 02:9b:b5:c4:0c:4e:c4:5f:00:58:ef:42:99:2a:55:38:02:48: c4:4f:52:d7:b7:de:f1:20:4d:09:4a:ae:fd:33:8f:87:c3:12: b6:77:ca:fc:14:9e:e4:ab:86:a2:d1:ed:3a:b4:9d:6a:ad:a3: 63:dd:27:19:2d:e0:e8:fd:82:f0:51:21:78:04:ae:54:4a:7f: 7f:4d:be:69:00:d6:88:4d:7e:79:74:d5:10:67:fd:a7:07:1f: b5:e6:8a:56:ff:94:6e:38:00:e8:90:ee:b6:26:28:e0:b6:b5: 44:2e:75:24:de:9b:57:c8:f4:6d:f0:ba:9d:f3:c1:71:4f:e4: d4:80:87:88:a9:f5:c0:bd:e1:fc:e2:11:01:55:f1:1a:af:a6: 83:ee:93:09:30:34:b0:2a:79:fc:27:34:38:4c:4d:16:7f:8e: dd:1c:d2:65:38:83:69:fb:db:f4:76:df:02:53:e3:45:08:48: fc:4b:51:a2:40:ce:fa:d0:30:c2:df:61:fd:a3:f4:45:8e:27: 8b:16:fa:f1 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUN6DWXXXC8gLsMh6gXXyfqE+bOSswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjAwNloX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAMGEyNTI4MWQxYjc3YzcxYWViMWNl MDliNzBlNzA1ZmEwMzAyNGViMGMzMmE3ZDcyYWIyNWJjYTRiYzEyYjljNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8sj93kFEu2wMQPjqmWJrVgovj8e +6qzrulriz9VkEVLNW4Kdu2wVeKLXTCxgx9eI+UXZg2bEDt6BAR9ETy751TcxNIf T3ao6Bv6HUlxtIPyWzLVXZiFL8BtHGE9GdUZUv+6jCSymNWa8+OyeRuvwdjNVb+s 7fV9lM6IZtD/s7xbc7Ww+PwDJR1XtNnBfTPDl2HlI2OQxRhJ2k2Bit0s71vUhM/n mLHkVU0TSHiv/tjI2SO3NgOCGPGyR1VPvd0jwHiyXi6gNSb6qMDqmTyuSfiUz2XV 7G2ztLOko+KZZZt63FUcVaKG0qWEQqbdVkw6Dt1W7lV9FgpEn+2zwvEl1QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJ9B9iLKI+Qu+oKU5GN3EOgjcU+dMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I4ZjIwYTAyLTViNGEtNDhkNy05Mzc3LWZmM2QzYmFlYWE1Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba82BAMA0GCSqGSIb3DQEBCwUAA4IBAQDKZPij9GhOK+b+/SC6 zkTrg+VaBvt+iQ/l7cp9oDnvEepG5cdxQYkG/YrdpesaeY8/x9CdDewCm7XEDE7E XwBY70KZKlU4AkjET1LXt97xIE0JSq79M4+HwxK2d8r8FJ7kq4ai0e06tJ1qraNj 3ScZLeDo/YLwUSF4BK5USn9/Tb5pANaITX55dNUQZ/2nBx+15opW/5RuOADokO62 JijgtrVELnUk3ptXyPRt8Lqd88FxT+TUgIeIqfXAveH84hEBVfEar6aD7pMJMDSw Knn8JzQ4TE0Wf47dHNJlOINp+9v0dt8CU+NFCEj8S1GiQM760DDC32H9o/RFjieL Fvrx -----END CERTIFICATE-----Generated at Mon Mar 2 01:41:37 2026 by rpki-client