$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa File: be8702e9-72df-463a-bb7d-aa1daff3f574.roa (raw, json) Hash identifier: dvF/lCJJb2oloIG8JqCRVJ0QcUdg1b9/thuFpRn5ByU= Subject key identifier: D6:92:EB:E7:3E:8C:4F:D1:88:3D:91:D5:2D:B1:1B:E6:DB:8A:13:F1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6AD31DA50BFE1B6AA8BA0EE1A96FCF688DB4C68D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa Signing time: Fri 20 Feb 2026 00:20:29 +0000 ROA not before: Fri 20 Feb 2026 00:20:29 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6a:d3:1d:a5:0b:fe:1b:6a:a8:ba:0e:e1:a9:6f:cf:68:8d:b4:c6:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:29 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=cb3a423e5165925f714fc6805d12fcd0e2b81a5385fb9d0bff380e46b0c599df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d9:c6:2a:a2:de:92:fc:b3:4f:f0:fb:38:f9: 06:cf:03:08:cd:cb:e0:38:ba:ac:c6:54:80:fe:f5: 75:95:ce:75:64:00:50:fb:34:5b:f5:bb:77:01:f1: 5c:7b:59:fa:d5:f4:b7:90:06:12:f1:4d:5a:75:67: e2:b2:0b:03:da:b9:dc:96:02:0e:1f:42:3e:7c:e6: 7a:6a:bf:32:db:d1:3b:55:7b:60:06:6b:59:c8:5a: 0a:38:bd:17:a2:fd:1a:38:c0:03:42:a2:aa:a6:ba: e0:bf:53:39:da:7e:6d:c6:e3:05:98:d3:09:30:a1: 2c:41:c3:6e:f6:ab:e4:ec:bc:51:49:0f:7a:a7:2e: b5:78:08:50:51:b0:eb:2c:87:fd:1f:1b:ef:be:e8: 37:6e:59:7f:e2:8c:c6:7c:8e:2f:04:c6:ab:6d:0a: 95:db:e8:c4:71:2a:d2:56:7b:79:84:91:79:0f:10: da:10:f3:86:9e:96:e3:dc:5a:e8:d0:9c:6c:ee:64: 2b:5f:0a:fa:f2:81:d4:f4:7a:eb:8f:aa:4e:2f:6a: ad:f6:b0:05:d1:d2:2b:bb:f0:0a:18:45:b0:a4:cc: 6d:c5:e8:22:3d:0a:a0:0c:e3:45:60:bd:6f:ea:96: 3f:e7:06:5d:51:d8:0f:47:b0:41:ac:d4:9f:4d:2f: b3:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:92:EB:E7:3E:8C:4F:D1:88:3D:91:D5:2D:B1:1B:E6:DB:8A:13:F1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be8702e9-72df-463a-bb7d-aa1daff3f574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:a000::/40 Signature Algorithm: sha256WithRSAEncryption 36:6b:f3:2a:f8:9d:22:f9:eb:1c:39:90:e3:eb:33:ce:d7:b6: c0:99:03:b7:bd:dd:e0:20:90:2b:db:27:7c:90:4c:cd:07:41: 28:b2:71:01:78:27:b9:34:e7:44:da:53:38:43:31:a2:0d:a1: 36:ef:10:c3:93:94:70:3e:c3:a2:02:b2:ad:49:0f:96:ca:79: cf:e0:92:a8:49:5d:31:cf:c9:cb:95:1e:d4:b1:aa:f6:33:67: 15:6a:f1:a0:0c:46:34:7c:51:f2:56:bc:ba:d3:9b:2b:be:47: 9b:76:bb:1e:55:20:54:51:29:17:6d:ad:6c:5c:20:2c:ff:8b: 13:3c:dd:84:f4:db:3c:21:86:ef:23:40:81:3d:7f:2e:75:48: 20:21:53:d1:5b:43:b0:1a:c8:35:f6:96:17:69:c4:f1:a9:78: b3:83:89:73:3c:cf:57:70:7c:00:98:a4:9d:c4:fa:9a:73:91: 8e:0c:d1:74:5c:68:13:d4:6d:e0:db:db:e8:24:d2:c5:03:b3: 38:f3:7b:cc:ea:ff:c2:60:b7:9f:11:4f:f0:a3:5f:0f:1e:53: 0a:0a:32:cb:9f:41:e8:83:12:93:2c:5b:d4:78:b4:2f:0d:85: 11:60:bf:05:07:bb:99:98:aa:2a:59:cb:80:77:1d:29:f8:d4: ee:5a:77:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUatMdpQv+G2qoug7hqW/PaI20xo0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAyOVoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAY2IzYTQyM2U1MTY1OTI1ZjcxNGZj NjgwNWQxMmZjZDBlMmI4MWE1Mzg1ZmI5ZDBiZmYzODBlNDZiMGM1OTlkZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9nGKqLekvyzT/D7OPkGzwMIzcvg OLqsxlSA/vV1lc51ZABQ+zRb9bt3AfFce1n61fS3kAYS8U1adWfisgsD2rnclgIO H0I+fOZ6ar8y29E7VXtgBmtZyFoKOL0Xov0aOMADQqKqprrgv1M52n5txuMFmNMJ MKEsQcNu9qvk7LxRSQ96py61eAhQUbDrLIf9Hxvvvug3bll/4ozGfI4vBMarbQqV 2+jEcSrSVnt5hJF5DxDaEPOGnpbj3Fro0Jxs7mQrXwr68oHU9Hrrj6pOL2qt9rAF 0dIru/AKGEWwpMxtxegiPQqgDONFYL1v6pY/5wZdUdgPR7BBrNSfTS+z4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNaS6+c+jE/RiD2R1S2xG+bbihPxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlODcwMmU5LTcyZGYtNDYzYS1iYjdkLWFhMWRhZmYzZjU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/6AwDQYJKoZIhvcNAQELBQADggEBADZr8yr4nSL56xw5kOPr M87XtsCZA7e93eAgkCvbJ3yQTM0HQSiycQF4J7k050TaUzhDMaINoTbvEMOTlHA+ w6ICsq1JD5bKec/gkqhJXTHPycuVHtSxqvYzZxVq8aAMRjR8UfJWvLrTmyu+R5t2 ux5VIFRRKRdtrWxcICz/ixM83YT02zwhhu8jQIE9fy51SCAhU9FbQ7AayDX2lhdp xPGpeLODiXM8z1dwfACYpJ3E+ppzkY4M0XRcaBPUbeDb2+gk0sUDszjze8zq/8Jg t58RT/CjXw8eUwoKMsufQeiDEpMsW9R4tC8NhRFgvwUHu5mYqipZy4B3HSn41O5a d5I= -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:05 2026 by rpki-client