$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa File: d6622abc-f896-4288-ad4e-5c52c1eaf806.roa (raw, json) Hash identifier: j0PSkv+GjYH2BIIHSElBC35vw5En4dGN5CagI0sCP08= Subject key identifier: 85:A3:1F:00:14:E9:65:3C:22:02:A1:B9:EF:15:31:FC:52:23:C0:BF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C9144BBE96AE5307C64285EDEE0E14CACF91D67 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa Signing time: Sun 15 Feb 2026 00:00:08 +0000 ROA not before: Sun 15 Feb 2026 00:00:08 +0000 ROA not after: Sat 16 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:4800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:91:44:bb:e9:6a:e5:30:7c:64:28:5e:de:e0:e1:4c:ac:f9:1d:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 15 00:00:08 2026 GMT Not After : May 16 23:59:59 2026 GMT Subject: serialNumber=6fd1a40312ba59707fc4b9db953c524c6b13881ee4d49a97e28c88c3be4ba588, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:c8:5f:c6:22:ad:0b:97:40:b7:3a:70:0f:2b: 12:c8:5d:68:29:2f:e5:d9:48:32:ce:21:9e:fa:c5: 3d:4c:f5:36:40:88:f4:7d:38:ea:99:95:8a:c3:40: e3:49:70:92:c7:07:54:63:0b:f9:c2:10:47:9e:d9: 5f:1b:e4:a6:ce:e8:eb:e9:e4:37:74:3b:bf:9f:ec: 0d:6f:82:4d:a4:95:8a:74:e7:b3:a1:46:77:39:cc: fe:bd:fd:c4:2e:2c:e1:64:56:d4:0c:1e:1c:13:77: f4:02:29:2d:e8:1a:22:0f:6f:7b:36:a7:88:a8:07: 8e:8d:4d:e1:86:45:3c:29:99:5c:d9:77:96:fa:9e: 11:40:b3:4a:0f:35:e5:8c:52:ef:36:20:c0:d0:64: 98:7d:18:3d:82:f8:14:f9:a4:d5:f5:3f:9f:c8:9d: 91:5e:1f:e6:c2:32:43:a2:bd:f3:f6:6b:90:59:0d: 0f:07:0c:47:a3:c1:96:49:ef:c9:70:65:b4:64:5f: 1d:39:0e:58:de:08:7c:36:33:30:bc:1e:75:99:c4: b8:48:19:a8:80:05:57:8d:e1:c6:86:52:5a:e2:eb: d0:d2:fd:d3:14:08:59:f1:fb:b8:e4:f4:01:36:4d: ae:a9:27:95:38:c0:16:09:4c:53:d0:e0:46:85:e3: 17:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:A3:1F:00:14:E9:65:3C:22:02:A1:B9:EF:15:31:FC:52:23:C0:BF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d6622abc-f896-4288-ad4e-5c52c1eaf806.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:4800::/40 Signature Algorithm: sha256WithRSAEncryption 51:44:3b:30:18:95:d8:e2:ba:59:55:19:ab:38:35:39:25:37: 4c:d3:22:1a:9f:d7:7b:63:10:5b:13:9e:3b:c8:d5:1d:25:d9: 39:81:e8:71:b2:3f:cd:e5:91:f8:a6:d9:5f:2f:fa:44:2f:90: 98:7f:99:be:ab:bd:0a:eb:8b:c1:4a:65:55:de:88:16:ea:36: 86:24:26:44:9a:e8:36:e8:73:cf:59:05:4f:a5:3f:74:ad:bc: 98:e8:a0:02:3d:00:37:91:a1:ee:2f:7b:29:d8:b2:be:5c:d0: 00:37:4d:90:e6:c5:f9:20:dd:6a:78:7e:1a:ca:7b:85:0a:77: 36:6f:bc:1f:77:bf:19:9d:6b:e4:17:04:2f:22:75:73:de:e0: c3:de:c0:4b:74:01:a0:58:91:9e:f4:1d:bd:03:0f:f4:28:89: f2:b5:2f:17:fe:d7:4e:38:26:99:1c:93:c0:76:86:b5:e4:2d: b3:41:66:5c:be:63:a0:70:66:9c:28:0b:5f:24:53:9e:ed:27: b6:78:fa:66:36:60:17:6d:fd:31:a1:ea:7c:fa:86:48:ba:0e: 39:fc:dd:f3:70:d1:fe:02:16:fc:52:7e:2b:43:13:1b:e3:9b: a3:a0:81:2f:fb:0f:da:d5:26:d1:d9:30:52:44:59:36:82:bc: 15:8a:74:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUXJFEu+lq5TB8ZChe3uDhTKz5HWcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNTAwMDAwOFoX DTI2MDUxNjIzNTk1OVowejFJMEcGA1UEBRNANmZkMWE0MDMxMmJhNTk3MDdmYzRi OWRiOTUzYzUyNGM2YjEzODgxZWU0ZDQ5YTk3ZTI4Yzg4YzNiZTRiYTU4ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmchfxiKtC5dAtzpwDysSyF1oKS/l 2UgyziGe+sU9TPU2QIj0fTjqmZWKw0DjSXCSxwdUYwv5whBHntlfG+Smzujr6eQ3 dDu/n+wNb4JNpJWKdOezoUZ3Ocz+vf3ELizhZFbUDB4cE3f0Aikt6BoiD297NqeI qAeOjU3hhkU8KZlc2XeW+p4RQLNKDzXljFLvNiDA0GSYfRg9gvgU+aTV9T+fyJ2R Xh/mwjJDor3z9muQWQ0PBwxHo8GWSe/JcGW0ZF8dOQ5Y3gh8NjMwvB51mcS4SBmo gAVXjeHGhlJa4uvQ0v3TFAhZ8fu45PQBNk2uqSeVOMAWCUxT0OBGheMX7QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIWjHwAU6WU8IgKhue8VMfxSI8C/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q2NjIyYWJjLWY4OTYtNDI4OC1hZDRlLTVjNTJjMWVhZjgwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYEgwDQYJKoZIhvcNAQELBQADggEBAFFEOzAYldjiullVGas4 NTklN0zTIhqf13tjEFsTnjvI1R0l2TmB6HGyP83lkfim2V8v+kQvkJh/mb6rvQrr i8FKZVXeiBbqNoYkJkSa6Dboc89ZBU+lP3StvJjooAI9ADeRoe4veynYsr5c0AA3 TZDmxfkg3Wp4fhrKe4UKdzZvvB93vxmda+QXBC8idXPe4MPewEt0AaBYkZ70Hb0D D/QoifK1Lxf+1044Jpkck8B2hrXkLbNBZly+Y6BwZpwoC18kU57tJ7Z4+mY2YBdt /TGh6nz6hki6Djn83fNw0f4CFvxSfitDExvjm6OggS/7D9rVJtHZMFJEWTaCvBWK dMM= -----END CERTIFICATE-----Generated at Sun Mar 1 22:13:06 2026 by rpki-client