$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa File: bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa (raw, json) Hash identifier: gMHnXBD/RvnyIc39zK17E4mumpEFzpVztM7s44tGZaA= Subject key identifier: F6:37:A2:AF:F4:B7:87:23:91:57:BF:98:04:E3:1B:F9:76:08:D0:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4C1F17652A7078BA39F69121C09660E7E0C31E4C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa Signing time: Sat 28 Feb 2026 00:00:54 +0000 ROA not before: Sat 28 Feb 2026 00:00:54 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:1f:17:65:2a:70:78:ba:39:f6:91:21:c0:96:60:e7:e0:c3:1e:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:54 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=b6eedcf170408f5983931117c3b6a51d3dd93716bf0ae7139c1276cf8647d1b1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:7e:f2:3b:c5:2b:c3:04:23:51:7f:4a:c5:04: 08:0a:1b:cb:7c:fc:ee:cb:d4:d5:8d:52:9f:ac:5d: 50:f6:c9:9f:1a:b4:f2:2a:43:ce:58:be:08:af:d8: 2a:49:7f:8d:69:62:ce:91:b0:a1:04:af:2a:97:0c: fb:f4:4b:e9:be:5a:6f:4c:19:71:1c:10:a6:62:29: 0e:41:72:a4:31:10:3b:e9:33:34:f1:c9:b3:e5:77: 87:27:02:18:65:77:8a:28:32:5b:06:27:ec:39:79: 89:54:76:f3:64:b6:cf:e5:c5:b1:ab:b6:12:35:44: fc:fa:02:65:da:1e:c8:6c:3e:e3:47:30:7a:f9:c1: d4:85:aa:1a:5c:ad:97:be:ea:59:61:8a:6e:f6:f4: f8:5a:7d:b2:af:cf:3e:09:97:4f:c7:31:d7:3b:91: 68:5b:9f:52:46:00:c8:fd:b0:62:fe:4c:9c:28:e8: 9a:a6:03:9f:a7:b4:31:8a:c7:5e:c0:10:2c:4b:08: b7:f9:d7:82:cf:d0:57:fe:1f:d6:59:8f:c0:f3:9a: 12:38:d1:4c:e2:4d:92:89:e8:95:e6:18:bf:50:21: a7:5f:6f:2a:ab:df:c2:a8:cc:dd:52:a5:2f:68:aa: 5d:6d:2b:a6:34:dd:8f:fb:09:31:03:63:53:8b:cc: f3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:37:A2:AF:F4:B7:87:23:91:57:BF:98:04:E3:1B:F9:76:08:D0:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc4defb3-3b7f-41b0-9b47-56b4d0f50806.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:a000::/40 Signature Algorithm: sha256WithRSAEncryption 99:b5:1c:27:e4:9c:33:ae:2a:fc:ce:c5:3a:f2:ff:e1:cf:cc: f1:e5:02:4c:ac:17:d2:32:8d:6a:55:d8:b5:e0:41:48:07:23: 90:aa:a2:d4:da:88:5f:1c:51:e9:01:85:31:e5:d4:db:91:e3: 75:2d:38:1e:b4:f3:a0:28:fe:2f:07:3d:a7:12:90:37:f3:69: 41:9b:09:97:f9:dd:00:dd:f5:af:61:f1:1b:bf:d9:1f:db:b0: ac:51:ba:e2:ba:b7:a8:76:d7:6c:7e:d4:2e:ef:af:1d:ea:70: 08:92:a4:f3:7f:b7:82:80:f6:73:61:de:a2:15:40:a3:c9:6f: 3a:a5:44:a2:9e:bf:86:40:d4:70:c3:73:18:3d:df:8c:ce:13: 73:ab:9b:0c:c1:1c:36:73:e8:ec:1d:f6:b2:92:27:99:c3:3f: 9f:78:d5:c2:70:63:d0:dd:5b:d8:a1:7b:c6:b5:ef:3e:e5:12: 35:5b:ac:96:ff:cb:e4:bd:f7:8c:c2:42:f6:33:b8:d6:22:48: 7b:25:cf:3e:d2:54:72:89:38:65:51:bf:0b:22:30:eb:9a:36: 35:eb:c2:55:00:ab:43:98:e5:0c:f8:60:c7:d0:cc:cf:1f:ab: b3:0e:1d:5e:2b:93:6e:f7:0e:6b:59:7b:89:99:d4:a0:2a:88: 6b:07:14:1f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTB8XZSpweLo59pEhwJZg5+DDHkwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDA1NFoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAYjZlZWRjZjE3MDQwOGY1OTgzOTMx MTE3YzNiNmE1MWQzZGQ5MzcxNmJmMGFlNzEzOWMxMjc2Y2Y4NjQ3ZDFiMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX7yO8UrwwQjUX9KxQQIChvLfPzu y9TVjVKfrF1Q9smfGrTyKkPOWL4Ir9gqSX+NaWLOkbChBK8qlwz79EvpvlpvTBlx HBCmYikOQXKkMRA76TM08cmz5XeHJwIYZXeKKDJbBifsOXmJVHbzZLbP5cWxq7YS NUT8+gJl2h7IbD7jRzB6+cHUhaoaXK2XvupZYYpu9vT4Wn2yr88+CZdPxzHXO5Fo W59SRgDI/bBi/kycKOiapgOfp7QxisdewBAsSwi3+deCz9BX/h/WWY/A85oSONFM 4k2SieiV5hi/UCGnX28qq9/CqMzdUqUvaKpdbSumNN2P+wkxA2NTi8zzFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPY3oq/0t4cjkVe/mATjG/l2CNA5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjNGRlZmIzLTNiN2YtNDFiMC05YjQ3LTU2YjRkMGY1MDgwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba76AwDQYJKoZIhvcNAQELBQADggEBAJm1HCfknDOuKvzOxTry /+HPzPHlAkysF9IyjWpV2LXgQUgHI5CqotTaiF8cUekBhTHl1NuR43UtOB6086Ao /i8HPacSkDfzaUGbCZf53QDd9a9h8Ru/2R/bsKxRuuK6t6h212x+1C7vrx3qcAiS pPN/t4KA9nNh3qIVQKPJbzqlRKKev4ZA1HDDcxg934zOE3OrmwzBHDZz6Owd9rKS J5nDP5941cJwY9DdW9ihe8a17z7lEjVbrJb/y+S994zCQvYzuNYiSHslzz7SVHKJ OGVRvwsiMOuaNjXrwlUAq0OY5Qz4YMfQzM8fq7MOHV4rk273DmtZe4mZ1KAqiGsH FB8= -----END CERTIFICATE-----Generated at Mon Mar 2 03:22:37 2026 by rpki-client