$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa File: ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa (raw, json) Hash identifier: LK1Aa1K9ROHH7VUYWN/VyySXUlHV58+lK7jMUN3iMCg= Subject key identifier: A9:3A:F5:46:6F:B4:3B:26:B1:43:FA:51:D7:9C:A8:70:A3:88:09:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1072CBF3C03DC60631DDA27A272D3CD2C1A3A42C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa Signing time: Sun 22 Feb 2026 00:20:10 +0000 ROA not before: Sun 22 Feb 2026 00:20:10 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:72:cb:f3:c0:3d:c6:06:31:dd:a2:7a:27:2d:3c:d2:c1:a3:a4:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:20:10 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=253a2cc5901ec454ccfd7877a9e624670e1c3ddf8cddf3f5cd8f9721776c8a28, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:86:ff:43:ef:ca:7d:6d:f0:90:df:94:a9:cf: d4:5c:3e:f2:78:05:77:bc:03:ce:34:ca:e1:50:3a: 0c:b2:ab:b4:01:66:8a:d3:cc:6c:48:83:01:ac:c6: 23:d4:60:61:94:f9:9d:c8:7f:9d:41:97:f4:3c:90: 74:b3:56:a0:f2:9d:63:5b:c1:54:b7:a0:24:68:f8: e8:98:3f:5e:6a:e0:d4:e8:50:f5:c7:67:16:bf:a1: 69:41:cd:8c:22:1f:e4:90:b3:c5:4e:ca:1d:a0:03: 1d:e4:65:6b:5e:a4:7f:18:f2:41:7f:d5:be:9a:5a: 62:a1:cd:04:b6:de:91:5a:98:7e:f9:3c:61:68:70: 04:11:52:e0:f5:fb:09:6b:dd:66:7c:f4:8d:3b:de: 40:d5:43:1a:13:dd:1d:01:20:dc:be:bb:90:6e:37: 34:1a:bd:5d:ae:e9:10:03:a0:86:6b:fd:27:0e:04: 6b:12:34:a9:62:d4:8c:a0:b7:db:85:34:7d:ea:26: 5f:57:4a:60:2d:62:f2:34:57:4a:74:9d:b2:2a:11: 5d:66:86:04:8e:ea:d1:52:34:14:4d:3a:28:52:cc: cd:97:ae:f2:36:31:63:6f:ba:ee:7f:00:fd:72:c1: 98:1e:0f:99:ee:bb:01:6b:17:82:99:75:dc:a0:58: 33:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:3A:F5:46:6F:B4:3B:26:B1:43:FA:51:D7:9C:A8:70:A3:88:09:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ca0c8ab7-0eda-4bcf-8475-be256fcdcaf5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe:c000::/40 Signature Algorithm: sha256WithRSAEncryption 93:27:a2:23:bd:b1:d4:5e:85:27:5b:2d:ff:63:a0:8c:a4:2a: 2e:bd:a4:45:02:fb:c6:69:10:ac:66:e3:bc:ee:f8:2a:ec:cc: b9:c8:08:f6:11:55:dd:d8:b2:1e:0c:1b:aa:9c:1d:94:8b:5a: 51:1b:c2:5f:f6:9c:a1:59:3c:43:d4:9d:61:1a:33:db:f0:f1: 7b:a1:3d:56:56:d2:8c:37:06:34:5f:d6:ca:bd:3a:8d:ef:ff: b9:89:e4:11:02:d4:be:8f:85:70:e7:1f:77:22:48:b5:5f:19: e6:cd:98:87:d3:1e:bc:28:86:04:a3:ba:48:7f:66:92:49:64: af:56:9d:99:70:78:e0:81:3b:a9:f2:a5:16:ad:04:61:56:91: 05:c4:0d:17:3c:6e:72:58:7e:08:4c:f0:1e:75:3e:c4:bf:68: 1a:c2:51:97:3f:18:a8:22:96:91:b8:0b:ae:bf:0a:09:c9:42: ac:01:cb:ff:80:c3:f3:c4:f2:ee:e3:c6:6f:66:6b:bd:8c:61: b4:b0:9e:bb:f3:b0:75:11:73:64:b4:99:a7:3b:f2:ee:4e:8e: 9d:33:d9:c1:93:3e:70:c5:ec:4d:04:68:cc:fa:58:2b:da:98: 0f:4b:72:c3:21:59:dc:a6:b0:76:ef:26:0c:92:88:11:b6:2c: 4e:fb:5f:47 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEHLL88A9xgYx3aJ6Jy080sGjpCwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMjAxMFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMjUzYTJjYzU5MDFlYzQ1NGNjZmQ3 ODc3YTllNjI0NjcwZTFjM2RkZjhjZGRmM2Y1Y2Q4Zjk3MjE3NzZjOGEyODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ib/Q+/KfW3wkN+Uqc/UXD7yeAV3 vAPONMrhUDoMsqu0AWaK08xsSIMBrMYj1GBhlPmdyH+dQZf0PJB0s1ag8p1jW8FU t6AkaPjomD9eauDU6FD1x2cWv6FpQc2MIh/kkLPFTsodoAMd5GVrXqR/GPJBf9W+ mlpioc0Ett6RWph++TxhaHAEEVLg9fsJa91mfPSNO95A1UMaE90dASDcvruQbjc0 Gr1drukQA6CGa/0nDgRrEjSpYtSMoLfbhTR96iZfV0pgLWLyNFdKdJ2yKhFdZoYE jurRUjQUTTooUszNl67yNjFjb7rufwD9csGYHg+Z7rsBaxeCmXXcoFgzgwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKk69UZvtDsmsUP6UdecqHCjiAlZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NhMGM4YWI3LTBlZGEtNGJjZi04NDc1LWJlMjU2ZmNkY2FmNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/sAwDQYJKoZIhvcNAQELBQADggEBAJMnoiO9sdRehSdbLf9j oIykKi69pEUC+8ZpEKxm47zu+CrszLnICPYRVd3Ysh4MG6qcHZSLWlEbwl/2nKFZ PEPUnWEaM9vw8XuhPVZW0ow3BjRf1sq9Oo3v/7mJ5BEC1L6PhXDnH3ciSLVfGebN mIfTHrwohgSjukh/ZpJJZK9WnZlweOCBO6nypRatBGFWkQXEDRc8bnJYfghM8B51 PsS/aBrCUZc/GKgilpG4C66/CgnJQqwBy/+Aw/PE8u7jxm9ma72MYbSwnrvzsHUR c2S0mac78u5Ojp0z2cGTPnDF7E0EaMz6WCvamA9LcsMhWdymsHbvJgySiBG2LE77 X0c= -----END CERTIFICATE-----Generated at Mon Mar 2 01:26:04 2026 by rpki-client