$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa File: cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa (raw, json) Hash identifier: kmito+rd0tgdkZkS2pynoIAJ/7ym8VeDH6UxEeZNbf0= Subject key identifier: 12:A7:5E:3D:10:1C:8D:18:A1:ED:E1:37:8E:FE:21:83:85:0E:02:E4 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 51A15F7BD4E95702F7A74018BBA15959FF2F0ABE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa Signing time: Fri 06 Feb 2026 00:00:04 +0000 ROA not before: Fri 06 Feb 2026 00:00:04 +0000 ROA not after: Thu 07 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28:8000::/37 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:a1:5f:7b:d4:e9:57:02:f7:a7:40:18:bb:a1:59:59:ff:2f:0a:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 6 00:00:04 2026 GMT Not After : May 7 23:59:59 2026 GMT Subject: serialNumber=7e5cbe9f264b95d366afe169cd58a97496e415d116fa64d177551b4e02643443, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:31:eb:85:20:93:3b:48:03:e2:da:15:f4:77: 78:83:c5:58:02:27:46:53:c2:b5:08:d2:d4:44:51: 75:ae:1a:bf:d8:d0:bd:f3:f4:79:c1:19:a4:d3:08: e9:a6:9d:dd:17:4e:4a:01:f9:44:ff:4e:55:3e:21: 22:1c:49:0d:1a:47:da:cd:e9:b0:f0:73:ce:56:f3: b9:2b:76:8e:84:53:98:41:c6:73:f7:5e:72:97:fe: ac:17:ec:5f:64:47:bf:c9:6f:2d:01:9e:1b:96:39: 7f:8b:c9:f8:94:45:a1:e8:74:02:d9:6a:50:00:bc: 3d:53:fe:bf:e9:92:b3:b4:a3:79:79:92:f7:00:46: 88:d5:2c:8d:6d:50:ae:b9:fd:26:25:21:f9:a6:a1: d1:50:ec:46:e5:9c:2a:88:ca:44:57:56:48:dc:e4: 4a:a3:76:7d:0d:a4:23:74:c8:fe:11:fa:71:44:bc: 83:33:af:6e:64:5e:8c:bb:31:2a:5b:5a:dd:24:16: 3c:49:f5:22:a1:58:36:ae:9b:dd:e8:5c:9c:14:2d: da:f2:4a:05:54:35:3a:79:9d:e3:5c:95:e6:ff:71: 34:94:77:63:03:3d:62:09:52:02:24:98:5f:ea:6a: 52:0a:57:ba:fe:a6:e7:3c:b9:e1:d6:d1:b2:e2:3c: 0e:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:A7:5E:3D:10:1C:8D:18:A1:ED:E1:37:8E:FE:21:83:85:0E:02:E4 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cc7f81a9-6f4b-42c4-80d7-ad99343f49e1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28:8000::/37 Signature Algorithm: sha256WithRSAEncryption 3b:8b:68:a4:0f:53:96:0e:20:82:55:9b:5f:3a:33:e0:d0:b9: f2:11:4f:82:13:d1:88:15:f8:b4:b1:6a:c3:42:a7:70:49:c0: 15:4d:b9:de:08:ad:79:62:7b:81:61:21:e6:3f:99:6c:ab:98: c8:ef:21:60:85:b4:3e:0e:a8:e0:05:46:5e:c1:f1:9f:9d:41: ba:11:50:81:44:0c:d2:fb:ce:a6:0f:db:16:eb:23:7e:a8:1c: 37:ac:53:5d:81:78:a7:c3:36:21:d9:15:5e:de:14:8c:cf:bc: b9:d8:93:ff:2e:59:0f:6d:40:72:20:73:a3:c8:34:de:5c:87: 74:4a:85:50:15:80:2b:de:2f:e0:da:e1:bc:94:97:f3:1c:d1: a9:27:eb:6a:bf:b8:da:d4:c4:12:d3:1a:29:59:ae:79:27:aa: ea:bd:fc:91:4d:63:86:1e:b5:fe:ac:77:58:ae:ab:9a:1e:7a: 9e:4b:d9:dd:96:70:f4:37:2e:7d:da:c7:5a:10:0e:42:49:61: f0:f0:e1:2a:38:5b:34:6a:e5:62:ec:04:2a:db:f8:9d:4a:b7: e8:0a:ec:93:60:89:8f:0e:94:17:a8:f0:29:45:8d:77:55:b4: 42:e4:c5:37:7f:73:03:aa:5a:46:70:bb:a9:bc:96:fd:aa:b3: d1:13:43:ba -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUaFfe9TpVwL3p0AYu6FZWf8vCr4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIwNjAwMDAwNFoX DTI2MDUwNzIzNTk1OVowejFJMEcGA1UEBRNAN2U1Y2JlOWYyNjRiOTVkMzY2YWZl MTY5Y2Q1OGE5NzQ5NmU0MTVkMTE2ZmE2NGQxNzc1NTFiNGUwMjY0MzQ0MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjHrhSCTO0gD4toV9Hd4g8VYAidG U8K1CNLURFF1rhq/2NC98/R5wRmk0wjppp3dF05KAflE/05VPiEiHEkNGkfazemw 8HPOVvO5K3aOhFOYQcZz915yl/6sF+xfZEe/yW8tAZ4bljl/i8n4lEWh6HQC2WpQ ALw9U/6/6ZKztKN5eZL3AEaI1SyNbVCuuf0mJSH5pqHRUOxG5ZwqiMpEV1ZI3ORK o3Z9DaQjdMj+EfpxRLyDM69uZF6MuzEqW1rdJBY8SfUioVg2rpvd6FycFC3a8koF VDU6eZ3jXJXm/3E0lHdjAz1iCVICJJhf6mpSCle6/qbnPLnh1tGy4jwOJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBKnXj0QHI0Yoe3hN47+IYOFDgLkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2NjN2Y4MWE5LTZmNGItNDJjNC04MGQ3LWFkOTkzNDNmNDllMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYDJAbaKIAwDQYJKoZIhvcNAQELBQADggEBADuLaKQPU5YOIIJVm186 M+DQufIRT4IT0YgV+LSxasNCp3BJwBVNud4IrXlie4FhIeY/mWyrmMjvIWCFtD4O qOAFRl7B8Z+dQboRUIFEDNL7zqYP2xbrI36oHDesU12BeKfDNiHZFV7eFIzPvLnY k/8uWQ9tQHIgc6PINN5ch3RKhVAVgCveL+Da4byUl/Mc0akn62q/uNrUxBLTGilZ rnknquq9/JFNY4Yetf6sd1iuq5oeep5L2d2WcPQ3Ln3ax1oQDkJJYfDw4So4WzRq 5WLsBCrb+J1Kt+gK7JNgiY8OlBeo8ClFjXdVtELkxTd/cwOqWkZwu6m8lv2qs9ET Q7o= -----END CERTIFICATE-----Generated at Sun Mar 1 22:03:10 2026 by rpki-client