$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa File: c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa (raw, json) Hash identifier: MHUhMfopZRvJaJSViD801tj5Dh3AezKyRxz7PGt8VQs= Subject key identifier: 34:76:B7:68:84:3E:E7:C4:D3:C5:DE:5D:29:08:64:75:74:48:F1:04 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2DD3FAEB8CAE05A25EA5F115CB83BC6C9AC6A736 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa Signing time: Sun 22 Feb 2026 00:11:03 +0000 ROA not before: Sun 22 Feb 2026 00:11:03 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da18::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:d3:fa:eb:8c:ae:05:a2:5e:a5:f1:15:cb:83:bc:6c:9a:c6:a7:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:11:03 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=e81581855bace2b3d9ed5ebd1c9af775dc978bf8e1872a232121cb2af4025bf2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:4f:b2:4c:8f:7d:c5:6b:85:df:a9:ce:5c:f1: 76:20:c0:13:3f:7c:f7:b1:c0:de:de:f0:65:81:ae: fc:60:4a:ed:a4:92:78:e7:d0:70:10:ed:ad:d9:9a: 84:77:99:a7:3d:ca:bd:9c:f1:ca:d8:7d:02:cd:89: 7e:76:cb:5b:c6:74:3e:27:de:e4:fb:bd:3e:81:ca: 50:04:d6:02:ea:69:a5:22:6d:87:e8:ff:49:91:b3: 64:58:d9:bf:e5:0b:92:d4:47:5e:78:0a:15:5d:d1: 5c:f2:ca:cf:bc:3d:e5:12:8f:14:bf:de:26:ee:9f: b2:02:c3:1d:36:04:ab:96:64:e4:44:20:65:6f:76: 62:99:9f:a1:ec:6e:c6:70:a7:39:8a:21:27:df:dc: 54:30:98:2a:01:f9:31:c8:31:6f:5c:44:98:65:7b: 0f:41:66:b6:7c:b0:ef:2f:f4:28:9a:cc:94:9f:59: a2:cb:ce:7f:24:d1:8b:6a:f4:97:2d:b7:37:8c:1d: e7:53:a4:24:3d:2b:57:3e:51:aa:1f:bf:ad:9a:7e: ef:e1:55:fc:e6:db:e3:ff:5d:e8:72:7c:f5:40:fa: 7b:a6:79:8b:37:d8:09:69:db:ff:91:bd:0e:d5:35: f3:56:f9:66:96:1a:44:4f:e0:b9:4c:89:2a:2a:9c: 3a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:76:B7:68:84:3E:E7:C4:D3:C5:DE:5D:29:08:64:75:74:48:F1:04 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c71bce5d-19d0-4490-bbf0-f89c982ac8d8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da18::/36 Signature Algorithm: sha256WithRSAEncryption 4e:11:69:f1:5a:de:ba:66:68:f2:00:b8:61:f1:c8:5b:8d:ed: c2:fb:b3:93:f4:4f:b0:23:15:83:f5:61:1e:64:56:fa:af:1b: 88:16:3a:20:43:7f:1a:49:cb:16:cb:dc:a1:aa:4c:97:4e:0f: a8:b2:36:38:1f:7c:f0:5e:9f:ca:c0:a9:93:76:a1:3d:03:cb: 42:69:4f:b8:cc:ed:a3:eb:20:4b:26:a1:c4:89:08:ed:a4:63: 62:fb:36:a9:d9:52:74:df:49:3f:57:00:82:76:a3:41:66:24: 9e:58:f0:e1:cc:5f:81:cd:07:36:fc:77:49:f1:1e:39:8f:87: b0:dd:3f:48:5c:31:b0:07:aa:cf:57:41:f3:97:5b:f5:ba:cc: e6:1f:38:7d:a9:f0:7f:6e:36:c6:7d:d9:d1:e2:dd:f6:90:00: 66:23:1f:db:3a:6d:3a:9e:72:a2:4c:fc:69:34:da:33:b6:6e: 21:a8:bc:30:4b:47:45:36:03:e2:56:9f:53:7a:bc:b9:be:c4: e6:99:5a:95:40:61:17:46:e4:8c:fa:1c:56:41:77:7d:81:97: 57:2b:d1:21:a3:b5:c4:a2:35:61:8d:7a:37:13:33:a7:a5:08: 4e:66:3f:d6:4a:1c:f9:f9:c2:fa:0e:b7:b2:4c:69:a9:dd:90: f0:15:10:cb -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULdP664yuBaJepfEVy4O8bJrGpzYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTEwM1oX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAZTgxNTgxODU1YmFjZTJiM2Q5ZWQ1 ZWJkMWM5YWY3NzVkYzk3OGJmOGUxODcyYTIzMjEyMWNiMmFmNDAyNWJmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0+yTI99xWuF36nOXPF2IMATP3z3 scDe3vBlga78YErtpJJ459BwEO2t2ZqEd5mnPcq9nPHK2H0CzYl+dstbxnQ+J97k +70+gcpQBNYC6mmlIm2H6P9JkbNkWNm/5QuS1EdeeAoVXdFc8srPvD3lEo8Uv94m 7p+yAsMdNgSrlmTkRCBlb3ZimZ+h7G7GcKc5iiEn39xUMJgqAfkxyDFvXESYZXsP QWa2fLDvL/QomsyUn1miy85/JNGLavSXLbc3jB3nU6QkPStXPlGqH7+tmn7v4VX8 5tvj/13ocnz1QPp7pnmLN9gJadv/kb0O1TXzVvlmlhpET+C5TIkqKpw6GwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDR2t2iEPufE08XeXSkIZHV0SPEEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3MWJjZTVkLTE5ZDAtNDQ5MC1iYmYwLWY4OWM5ODJhYzhkOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaGAAwDQYJKoZIhvcNAQELBQADggEBAE4RafFa3rpmaPIAuGHx yFuN7cL7s5P0T7AjFYP1YR5kVvqvG4gWOiBDfxpJyxbL3KGqTJdOD6iyNjgffPBe n8rAqZN2oT0Dy0JpT7jM7aPrIEsmocSJCO2kY2L7NqnZUnTfST9XAIJ2o0FmJJ5Y 8OHMX4HNBzb8d0nxHjmPh7DdP0hcMbAHqs9XQfOXW/W6zOYfOH2p8H9uNsZ92dHi 3faQAGYjH9s6bTqecqJM/Gk02jO2biGovDBLR0U2A+JWn1N6vLm+xOaZWpVAYRdG 5Iz6HFZBd32Bl1cr0SGjtcSiNWGNejcTM6elCE5mP9ZKHPn5wvoOt7JMaandkPAV EMs= -----END CERTIFICATE-----Generated at Mon Mar 2 03:34:09 2026 by rpki-client