$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa File: d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa (raw, json) Hash identifier: CeST4XI0qFMrZvqScRIzft/mSIOhgrpOORQRjSLmA50= Subject key identifier: B3:F0:66:1C:49:A1:58:53:76:7B:17:FC:8C:EA:63:6B:1A:92:C3:69 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 75BEA8EA6AAEAF5E69ABE7C1891E046FD51DA69E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa Signing time: Sat 28 Feb 2026 00:00:04 +0000 ROA not before: Sat 28 Feb 2026 00:00:04 +0000 ROA not after: Fri 29 May 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 75:be:a8:ea:6a:ae:af:5e:69:ab:e7:c1:89:1e:04:6f:d5:1d:a6:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 28 00:00:04 2026 GMT Not After : May 29 23:59:59 2026 GMT Subject: serialNumber=d87e887bf0587d827a842964fdc5e389eb9a1a63b590c86d1f70ad1b7150fb38, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:50:9e:3b:52:d4:08:80:36:0d:43:f4:8f:c9: c3:0d:47:0f:cf:fa:9c:90:6e:f1:53:fd:10:f8:7d: e8:82:cf:ad:f3:04:5e:ba:cf:56:62:a4:e2:2e:d8: 78:01:e4:6d:53:c9:7d:a4:98:fd:a9:c2:78:c9:fa: de:00:65:48:2c:8f:8f:a8:61:50:79:a4:df:86:7c: b6:a9:b6:98:2e:c0:bd:d4:cf:2d:33:67:4d:87:09: cc:c0:11:d3:7d:b7:38:0a:60:00:13:d8:da:c8:61: 43:e1:57:9d:30:cf:54:a3:c7:e6:08:94:d0:48:24: 6c:ee:12:4a:b1:75:ad:b3:ab:b4:00:03:c3:1b:56: 2b:c7:6b:75:50:83:ca:09:3a:7e:49:02:d2:60:44: d5:77:13:5c:c3:a0:79:d0:c1:f8:5c:22:fc:84:63: 8a:3a:42:60:b4:92:65:76:d9:60:54:db:d7:d9:7a: f3:99:19:3f:f0:d4:ea:fd:bf:0d:41:06:fd:76:d6: 67:1f:39:08:53:1e:b0:3c:79:cd:19:b9:31:57:dc: 4a:5f:c0:f4:44:07:cf:a9:c5:34:6e:eb:6b:e2:8d: 71:2d:80:5f:0e:13:10:3d:8d:a0:33:41:2c:f5:16: 76:67:dc:aa:94:b9:a6:34:a9:0d:95:c4:7d:88:d1: 5d:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:F0:66:1C:49:A1:58:53:76:7B:17:FC:8C:EA:63:6B:1A:92:C3:69 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d43a2e56-2d58-4c7d-8ee2-0ca6ac8a6275.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:2800::/40 Signature Algorithm: sha256WithRSAEncryption 47:f5:7d:1d:95:94:de:18:80:52:ef:c4:ad:9a:87:82:ef:d2: e0:a4:af:ea:ba:bf:07:e4:3f:0a:16:d6:bb:e4:2e:a2:3a:90: b9:89:d2:39:a7:59:bc:ec:42:17:3f:51:90:47:07:93:ea:5d: 1e:cc:26:69:e9:1b:67:3d:31:b9:95:55:e6:30:eb:d4:38:16: 70:18:a0:14:16:38:2e:f4:d0:ed:c4:af:e2:03:52:f4:b4:63: d7:fd:3d:b0:c4:d2:d4:c8:cc:94:a1:cf:41:7d:93:97:fa:ce: f0:ec:7c:eb:27:a2:bc:71:fd:26:78:55:f2:58:85:d2:08:47: 49:03:2f:b5:8a:d7:7a:de:88:4a:02:0f:ba:b8:6b:0b:8a:a2: a4:8e:0a:b2:7d:13:b3:f0:37:a5:27:d6:80:f0:54:25:e0:bb: a6:9f:1b:44:4d:7f:bf:70:ce:5d:a0:86:c6:8e:9c:16:c2:f5: ff:03:30:fc:c0:a3:d5:db:94:78:b0:69:5d:3a:5a:6a:44:ed: 9d:8b:c1:58:ab:3d:ae:7b:bd:f1:1f:19:8c:e6:ab:d7:4e:fe: 0d:59:62:76:af:31:45:36:f9:0b:52:c5:09:43:63:ad:7b:c8: 47:d3:7b:34:c5:b0:d3:de:a3:32:21:28:c2:50:6a:63:30:8c: 63:1b:38:06 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUdb6o6mqur15pq+fBiR4Eb9Udpp4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyODAwMDAwNFoX DTI2MDUyOTIzNTk1OVowejFJMEcGA1UEBRNAZDg3ZTg4N2JmMDU4N2Q4MjdhODQy OTY0ZmRjNWUzODllYjlhMWE2M2I1OTBjODZkMWY3MGFkMWI3MTUwZmIzODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVCeO1LUCIA2DUP0j8nDDUcPz/qc kG7xU/0Q+H3ogs+t8wReus9WYqTiLth4AeRtU8l9pJj9qcJ4yfreAGVILI+PqGFQ eaTfhny2qbaYLsC91M8tM2dNhwnMwBHTfbc4CmAAE9jayGFD4VedMM9Uo8fmCJTQ SCRs7hJKsXWts6u0AAPDG1Yrx2t1UIPKCTp+SQLSYETVdxNcw6B50MH4XCL8hGOK OkJgtJJldtlgVNvX2XrzmRk/8NTq/b8NQQb9dtZnHzkIUx6wPHnNGbkxV9xKX8D0 RAfPqcU0butr4o1xLYBfDhMQPY2gM0Es9RZ2Z9yqlLmmNKkNlcR9iNFdOwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLPwZhxJoVhTdnsX/IzqY2saksNpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0M2EyZTU2LTJkNTgtNGM3ZC04ZWUyLTBjYTZhYzhhNjI3NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7ygwDQYJKoZIhvcNAQELBQADggEBAEf1fR2VlN4YgFLvxK2a h4Lv0uCkr+q6vwfkPwoW1rvkLqI6kLmJ0jmnWbzsQhc/UZBHB5PqXR7MJmnpG2c9 MbmVVeYw69Q4FnAYoBQWOC700O3Er+IDUvS0Y9f9PbDE0tTIzJShz0F9k5f6zvDs fOsnorxx/SZ4VfJYhdIIR0kDL7WK13reiEoCD7q4awuKoqSOCrJ9E7PwN6Un1oDw VCXgu6afG0RNf79wzl2ghsaOnBbC9f8DMPzAo9XblHiwaV06WmpE7Z2LwVirPa57 vfEfGYzmq9dO/g1ZYnavMUU2+QtSxQlDY617yEfTezTFsNPeozIhKMJQamMwjGMb OAY= -----END CERTIFICATE-----Generated at Sun Mar 1 21:51:46 2026 by rpki-client