$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa File: baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa (raw, json) Hash identifier: Vy8jzMfasC7DMA4WqNt90SirgpyA31J+onCyuq8A09Y= Subject key identifier: 5F:FD:23:14:D5:FD:4F:04:D4:76:E4:61:B1:B9:A5:B6:94:DA:10:1E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 235E51729D874049FE9C1E16D5F7A26A91ECC5CD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa Signing time: Sat 21 Feb 2026 00:00:30 +0000 ROA not before: Sat 21 Feb 2026 00:00:30 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:7000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:5e:51:72:9d:87:40:49:fe:9c:1e:16:d5:f7:a2:6a:91:ec:c5:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:30 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=015c274e3cb36e0517e0a40d19cb5c942d47f7e2eadd787f6595db2faa416568, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b3:ea:b4:6b:94:cd:2d:7e:31:dd:d3:9e:6f: 37:4b:ea:e2:12:03:72:2c:83:62:94:7d:b9:f4:bc: 87:4c:05:73:82:14:0a:92:b8:66:8e:cb:f4:6d:41: cf:3b:b6:e3:20:d0:b3:f6:4d:76:e8:f7:be:98:b7: 0a:c1:f5:45:51:c1:2c:73:97:2f:60:6e:32:59:85: bf:3b:6f:2f:f5:6e:22:c7:92:db:87:e4:51:67:c4: 58:75:2f:05:41:d3:8b:6f:54:ed:7a:16:fb:da:f6: 64:e1:cf:e4:26:8a:24:61:41:ac:c6:75:38:94:41: 11:30:85:4b:f9:30:f1:8f:7f:c7:c3:ac:7e:89:03: ea:5d:f1:68:50:75:2c:36:41:3f:d1:a3:2d:82:86: ce:20:a0:0e:28:11:2b:e8:85:08:ba:a6:0c:a1:a5: 8c:8c:94:4d:91:82:c9:0e:49:b1:4f:15:6d:84:e3: 28:02:2d:0d:1f:2b:be:d6:06:12:98:4b:b5:98:c0: 48:7e:22:86:38:f9:1c:fc:e9:19:e6:03:0b:d1:c1: 3d:9e:5c:80:a6:0c:a1:15:80:c5:02:5d:28:be:42: 45:21:18:b0:67:b5:c1:57:97:ee:4b:24:e7:29:cf: 90:ec:a8:fb:60:9a:e9:3d:22:7c:0e:67:af:64:40: 4e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:FD:23:14:D5:FD:4F:04:D4:76:E4:61:B1:B9:A5:B6:94:DA:10:1E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/baa01805-cb98-4c85-9fa0-fdff4c3b18af.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:7000::/48 Signature Algorithm: sha256WithRSAEncryption 5a:1e:04:b0:6c:53:42:37:a8:c2:56:97:60:d4:e1:98:66:bf: 03:2a:d1:7a:40:b7:01:ee:ee:40:20:c2:ce:10:91:0e:23:3e: 2e:45:ef:ab:ea:a4:51:3a:5f:c8:e9:ea:4e:9a:42:dc:d3:89: 12:2b:34:b8:7a:8d:bd:f7:fa:43:db:cc:00:96:a9:73:20:9f: 9c:f2:cb:6c:b9:b1:c0:39:22:39:1b:2c:01:77:30:b4:6e:2b: 94:76:1a:59:eb:86:98:06:e8:7f:68:11:fb:54:2a:ee:c8:03: 29:51:9a:aa:05:fa:d1:54:e2:ae:87:aa:72:9d:71:63:4c:31: 18:81:2f:89:a3:b7:db:a5:21:94:51:9c:86:0b:8f:b2:37:f6: 8a:cd:d9:b8:1f:5e:45:09:f3:e4:ec:ff:8a:a9:98:f7:24:92: ad:0b:a7:80:a1:62:28:d9:45:7c:2b:8d:c8:3f:26:a8:e3:6c: b5:d1:16:49:c9:1d:d2:91:66:60:ae:0c:3f:1c:04:e9:01:fa: 0b:aa:82:c5:75:34:c7:ea:7e:e0:c8:9b:24:49:fa:ac:f1:a6: 14:80:06:36:c5:ff:7d:92:81:8e:5a:ce:29:ce:de:6c:f7:a2: 42:9f:e6:1d:d5:73:45:79:8c:0d:9e:54:e2:a6:77:35:31:96: c5:cb:6d:53 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI15Rcp2HQEn+nB4W1feiapHsxc0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDAzMFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAMDE1YzI3NGUzY2IzNmUwNTE3ZTBh NDBkMTljYjVjOTQyZDQ3ZjdlMmVhZGQ3ODdmNjU5NWRiMmZhYTQxNjU2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrPqtGuUzS1+Md3Tnm83S+riEgNy LINilH259LyHTAVzghQKkrhmjsv0bUHPO7bjINCz9k126Pe+mLcKwfVFUcEsc5cv YG4yWYW/O28v9W4ix5Lbh+RRZ8RYdS8FQdOLb1Ttehb72vZk4c/kJookYUGsxnU4 lEERMIVL+TDxj3/Hw6x+iQPqXfFoUHUsNkE/0aMtgobOIKAOKBEr6IUIuqYMoaWM jJRNkYLJDkmxTxVthOMoAi0NHyu+1gYSmEu1mMBIfiKGOPkc/OkZ5gML0cE9nlyA pgyhFYDFAl0ovkJFIRiwZ7XBV5fuSyTnKc+Q7Kj7YJrpPSJ8DmevZEBOgwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF/9IxTV/U8E1HbkYbG5pbaU2hAeMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JhYTAxODA1LWNiOTgtNGM4NS05ZmEwLWZkZmY0YzNiMThhZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7HAAMA0GCSqGSIb3DQEBCwUAA4IBAQBaHgSwbFNCN6jCVpdg 1OGYZr8DKtF6QLcB7u5AIMLOEJEOIz4uRe+r6qRROl/I6epOmkLc04kSKzS4eo29 9/pD28wAlqlzIJ+c8stsubHAOSI5GywBdzC0biuUdhpZ64aYBuh/aBH7VCruyAMp UZqqBfrRVOKuh6pynXFjTDEYgS+Jo7fbpSGUUZyGC4+yN/aKzdm4H15FCfPk7P+K qZj3JJKtC6eAoWIo2UV8K43IPyao42y10RZJyR3SkWZgrgw/HATpAfoLqoLFdTTH 6n7gyJskSfqs8aYUgAY2xf99koGOWs4pzt5s96JCn+Yd1XNFeYwNnlTipnc1MZbF y21T -----END CERTIFICATE-----Generated at Sun Mar 1 23:38:19 2026 by rpki-client