$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa File: bcf07491-4148-4ad5-82e1-58df8b2e226c.roa (raw, json) Hash identifier: RqsxGJ14/uxKrr3CbpUtUpVfvNAJ529AjjbZTHtmqHI= Subject key identifier: 9C:37:85:8D:BB:14:C4:8F:A7:B8:59:1A:4A:71:C4:75:5B:7C:07:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 490C383E13703705D5B801E4D572CDE2174A094D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa Signing time: Wed 11 Feb 2026 00:10:47 +0000 ROA not before: Wed 11 Feb 2026 00:10:47 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:0c:38:3e:13:70:37:05:d5:b8:01:e4:d5:72:cd:e2:17:4a:09:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:10:47 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=8cf384ec4295f96183e4c0814bcd9d8b7abde497c63676d6ae2dc879df432329, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d1:16:f6:4b:11:f4:9d:79:34:0b:9a:ff:d8: b8:c3:c3:fb:4d:24:b6:41:fd:2a:22:60:db:6f:5c: 00:fd:cb:7a:4d:20:27:ed:da:12:80:ea:ee:6a:8c: 36:bd:c9:e0:dd:3a:21:7f:8b:08:c0:d0:6b:db:e9: d4:e1:81:a3:77:a5:4e:c7:a0:67:4e:ed:ba:95:7a: ac:95:d0:96:58:69:89:55:1a:fd:d9:b4:16:32:8c: 9a:69:72:4b:6a:b8:a1:f3:e3:e9:38:99:8a:d9:ae: a5:87:f2:cb:c9:bf:6d:d0:82:85:cc:d6:ee:c6:12: e8:d4:46:a3:69:a8:f7:b3:c4:4d:97:d5:28:e4:ce: 93:14:ca:09:fc:9e:64:59:b3:ee:f6:a8:09:4b:df: 5f:a7:6a:21:af:68:b5:66:f6:f3:cf:3c:24:a4:ad: 0d:3a:40:4b:73:fe:2d:6e:9f:01:50:72:0f:fe:d4: 88:99:7f:58:15:40:f2:99:9d:9d:84:fa:c6:82:69: e5:28:97:4e:bc:f8:26:0e:bb:0b:9a:33:24:2e:2c: 18:b2:be:3c:dd:d9:27:3b:f6:85:9e:06:cc:78:10: 7a:f3:42:16:38:0b:99:af:5d:d4:e9:90:7e:de:33: b1:fa:9a:b7:19:29:3d:e4:38:94:85:1a:e1:a8:16: 42:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:37:85:8D:BB:14:C4:8F:A7:B8:59:1A:4A:71:C4:75:5B:7C:07:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 42:cb:ed:dd:eb:98:e7:24:15:0e:aa:af:35:c9:1b:a4:cd:72: f5:65:8c:a8:a5:c6:ba:36:fe:36:9d:e8:a3:35:2c:22:a2:6c: c4:8f:81:2f:0c:83:36:42:01:a2:4e:0b:f7:4e:3c:aa:52:01: c9:8c:8a:bb:6b:79:26:a0:75:87:9a:b6:6b:1e:c9:c7:50:40: 7a:af:97:56:22:86:6f:71:c6:6b:a9:ed:21:df:e0:4d:db:86: ae:59:05:d1:4e:11:a9:97:d9:b3:2d:a7:73:68:80:4c:6c:83: a7:b3:97:f6:27:4c:16:6d:ff:14:6e:a4:df:4c:2e:c5:e1:1f: 80:45:96:b8:fa:52:1a:a0:67:9e:c8:80:1b:e8:8e:62:c2:0b: 86:58:38:86:92:09:91:ac:39:58:b8:4d:65:4f:57:75:f1:bb: d0:82:aa:1c:3f:4b:2b:5f:2d:1b:ac:98:11:4b:22:75:d8:7b: 47:26:3d:f5:9f:96:ab:80:40:c4:bb:83:bc:5a:c2:7b:0a:b5: e6:9c:5c:bf:14:1f:2b:1b:8b:79:18:7e:7e:74:74:4a:db:20: a5:cc:0b:b4:11:f3:2a:5f:2e:04:6f:56:8a:0c:c2:b4:06:01: 1e:fd:89:93:3c:95:83:28:d4:d4:ed:3c:b3:dd:e6:58:d8:cf: 49:33:40:63 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSQw4PhNwNwXVuAHk1XLN4hdKCU0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMTA0N1oX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAOGNmMzg0ZWM0Mjk1Zjk2MTgzZTRj MDgxNGJjZDlkOGI3YWJkZTQ5N2M2MzY3NmQ2YWUyZGM4NzlkZjQzMjMyOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNEW9ksR9J15NAua/9i4w8P7TSS2 Qf0qImDbb1wA/ct6TSAn7doSgOruaow2vcng3Tohf4sIwNBr2+nU4YGjd6VOx6Bn Tu26lXqsldCWWGmJVRr92bQWMoyaaXJLarih8+PpOJmK2a6lh/LLyb9t0IKFzNbu xhLo1Eajaaj3s8RNl9Uo5M6TFMoJ/J5kWbPu9qgJS99fp2ohr2i1ZvbzzzwkpK0N OkBLc/4tbp8BUHIP/tSImX9YFUDymZ2dhPrGgmnlKJdOvPgmDrsLmjMkLiwYsr48 3dknO/aFngbMeBB680IWOAuZr13U6ZB+3jOx+pq3GSk95DiUhRrhqBZCrQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJw3hY27FMSPp7hZGkpxxHVbfAdNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjZjA3NDkxLTQxNDgtNGFkNS04MmUxLTU4ZGY4YjJlMjI2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6kDAMA0GCSqGSIb3DQEBCwUAA4IBAQBCy+3d65jnJBUOqq81 yRukzXL1ZYyopca6Nv42neijNSwiomzEj4EvDIM2QgGiTgv3TjyqUgHJjIq7a3km oHWHmrZrHsnHUEB6r5dWIoZvccZrqe0h3+BN24auWQXRThGpl9mzLadzaIBMbIOn s5f2J0wWbf8UbqTfTC7F4R+ARZa4+lIaoGeeyIAb6I5iwguGWDiGkgmRrDlYuE1l T1d18bvQgqocP0srXy0brJgRSyJ12HtHJj31n5argEDEu4O8WsJ7CrXmnFy/FB8r G4t5GH5+dHRK2yClzAu0EfMqXy4Eb1aKDMK0BgEe/YmTPJWDKNTU7Tyz3eZY2M9J M0Bj -----END CERTIFICATE-----Generated at Sun Mar 1 22:02:09 2026 by rpki-client