$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa File: b990f5b3-241d-4db7-8197-5e39d9181be8.roa (raw, json) Hash identifier: vblbhetlHHP/tAUtxlrhVTBvHc4k7NdOEhfViqee0h4= Subject key identifier: AF:D3:65:80:2D:0B:BF:57:ED:29:43:97:15:38:3B:96:B9:F6:F9:90 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36361582E5A53F4569C8EEED0B3C5AF320A261FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa Signing time: Fri 20 Feb 2026 00:20:34 +0000 ROA not before: Fri 20 Feb 2026 00:20:34 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:36:15:82:e5:a5:3f:45:69:c8:ee:ed:0b:3c:5a:f3:20:a2:61:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:34 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=e2e60458fb9a1e2b5efc8c178ac0574b1e963d92a69c38cd49e67986059bcf75, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:60:b4:8e:40:84:22:40:65:1e:0b:ce:48:a3: b3:b2:94:7b:a9:6a:d2:1c:7e:b9:32:79:3d:3c:57: ea:eb:48:7d:37:43:36:a7:3b:ea:ea:01:d5:57:3d: f8:77:eb:37:a6:dd:95:69:9b:0f:a9:72:41:0e:7e: ac:3c:80:06:29:99:c7:93:49:db:c3:ca:bf:cb:3c: 06:c2:a4:c6:d8:fe:50:83:11:54:8c:4c:16:56:29: ee:0a:e1:da:4c:d4:f2:bf:94:3e:d0:ac:7b:a6:ab: 3f:3a:d3:ff:a5:91:a7:a7:69:b0:04:0c:77:68:45: 1e:7c:d5:3c:5f:ff:ad:53:72:73:25:57:9e:b6:c8: e5:6f:43:91:eb:8b:43:22:2f:c5:ab:e6:aa:43:f0: 34:70:b4:52:27:77:5e:8b:f1:f6:fd:2a:a0:c6:6c: 19:54:9a:b1:19:14:29:27:17:52:3f:5d:8b:09:ac: 04:f5:df:95:73:7b:c4:81:20:70:3b:e4:e0:34:9d: 22:67:cf:10:f1:5d:6b:e9:10:e9:9e:1c:17:8f:7c: 29:d1:ad:61:64:66:e3:ba:c7:f8:7c:a4:71:80:f8: de:4f:6e:90:06:b2:2f:15:0c:15:51:e3:9a:6e:e2: b7:8c:d8:44:25:4d:95:a4:f1:ff:1d:8a:88:9b:83: 97:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:D3:65:80:2D:0B:BF:57:ED:29:43:97:15:38:3B:96:B9:F6:F9:90 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b990f5b3-241d-4db7-8197-5e39d9181be8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:2840::/48 Signature Algorithm: sha256WithRSAEncryption 34:e8:d0:0f:3a:88:28:f4:6b:d0:ea:67:17:35:37:49:57:e9: da:bc:ed:fd:ff:52:dc:21:2f:f0:e4:0d:1d:bb:cf:8e:90:ba: 72:c2:c2:0f:31:fe:1b:26:72:c5:c0:61:bd:25:66:b6:2f:ac: 26:ca:04:d1:5b:b6:5f:ea:36:a6:e5:c1:a4:d4:a2:39:f8:36: 0c:ed:84:4f:67:ab:93:3b:f8:eb:ab:9c:e3:b8:83:3e:8f:ba: 81:dd:e1:96:24:96:31:a1:12:12:24:29:af:5d:da:b8:be:e9: a5:dd:6c:10:1c:24:e4:e7:2a:bc:c0:76:aa:70:c1:a8:40:8a: c0:ec:70:15:05:44:7d:a5:bd:dd:29:66:4b:ab:25:ac:d4:d1: ba:1d:5d:e6:ba:06:1f:d3:fc:e5:22:11:52:15:ae:d0:96:13: e7:f2:1c:f0:d3:69:8d:87:05:57:b8:63:58:19:65:b0:fc:ed: f9:2a:b7:21:30:a4:db:7e:cf:fd:ab:a5:46:f7:b7:90:83:9e: 7a:7c:6b:07:b1:13:27:01:c1:2c:4e:30:d6:7d:de:67:2a:fe: a1:e1:b8:c1:39:72:73:5a:3d:3f:c2:e9:e3:af:b0:e0:ac:a8: fd:36:ea:3e:3d:41:02:68:2e:3c:9d:8a:82:f4:55:a9:a7:fc: 40:5c:16:36 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNjYVguWlP0VpyO7tCzxa8yCiYfowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAzNFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZTJlNjA0NThmYjlhMWUyYjVlZmM4 YzE3OGFjMDU3NGIxZTk2M2Q5MmE2OWMzOGNkNDllNjc5ODYwNTliY2Y3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmC0jkCEIkBlHgvOSKOzspR7qWrS HH65Mnk9PFfq60h9N0M2pzvq6gHVVz34d+s3pt2VaZsPqXJBDn6sPIAGKZnHk0nb w8q/yzwGwqTG2P5QgxFUjEwWVinuCuHaTNTyv5Q+0Kx7pqs/OtP/pZGnp2mwBAx3 aEUefNU8X/+tU3JzJVeetsjlb0OR64tDIi/Fq+aqQ/A0cLRSJ3dei/H2/SqgxmwZ VJqxGRQpJxdSP12LCawE9d+Vc3vEgSBwO+TgNJ0iZ88Q8V1r6RDpnhwXj3wp0a1h ZGbjusf4fKRxgPjeT26QBrIvFQwVUeOabuK3jNhEJU2VpPH/HYqIm4OXWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFK/TZYAtC79X7SlDlxU4O5a59vmQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I5OTBmNWIzLTI0MWQtNGRiNy04MTk3LTVlMzlkOTE4MWJlOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8ihAMA0GCSqGSIb3DQEBCwUAA4IBAQA06NAPOogo9GvQ6mcX NTdJV+navO39/1LcIS/w5A0du8+OkLpywsIPMf4bJnLFwGG9JWa2L6wmygTRW7Zf 6jam5cGk1KI5+DYM7YRPZ6uTO/jrq5zjuIM+j7qB3eGWJJYxoRISJCmvXdq4vuml 3WwQHCTk5yq8wHaqcMGoQIrA7HAVBUR9pb3dKWZLqyWs1NG6HV3mugYf0/zlIhFS Fa7QlhPn8hzw02mNhwVXuGNYGWWw/O35KrchMKTbfs/9q6VG97eQg556fGsHsRMn AcEsTjDWfd5nKv6h4bjBOXJzWj0/wunjr7DgrKj9Nuo+PUECaC48nYqC9FWpp/xA XBY2 -----END CERTIFICATE-----Generated at Sun Mar 1 23:52:59 2026 by rpki-client