$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa File: d857c82f-a402-44db-b300-f24b347c61d1.roa (raw, json) Hash identifier: PMLRQ0EXk0CamAqqiiDzW2TolDPhxMlPfPYZSz0hZCE= Subject key identifier: EB:EA:9A:4E:2C:E6:12:F4:48:1E:8A:8D:BE:B7:A9:75:A2:DA:CC:89 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18BA3B44BC43550CF0F0820A32169131B1347604 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa Signing time: Sun 22 Feb 2026 00:10:59 +0000 ROA not before: Sun 22 Feb 2026 00:10:59 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14:c00::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:ba:3b:44:bc:43:55:0c:f0:f0:82:0a:32:16:91:31:b1:34:76:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:59 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=40b3ddf5bda7fd5db115617151b5c89460dad8d0bd595c769b15c78c20f00dbd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:5d:88:6e:48:85:66:e7:91:f4:93:87:60:1f: 73:37:1b:66:89:9b:30:5c:f4:0a:18:cf:01:ff:d0: c0:94:4c:4c:72:ca:76:1a:1a:76:34:0c:ce:57:3c: 92:51:ac:94:37:c5:0b:ae:fc:a4:31:fa:2e:8a:e8: 76:b4:5c:52:e2:b1:19:6c:fe:61:67:a5:9a:31:db: bd:4c:d6:76:2c:2e:6d:df:7e:bd:d1:86:56:51:03: 56:df:90:cb:fe:ba:50:5c:ea:6d:d2:cc:69:89:de: c2:d2:47:0b:b9:0c:6f:52:ba:46:38:bb:64:7b:de: 35:b2:3e:d5:0c:ff:6c:2c:80:2d:65:c0:3a:c1:0a: 03:ab:53:2c:11:6a:5b:73:dd:01:4c:4c:0f:48:a9: 67:c5:5a:8f:4e:35:43:02:61:e5:96:5b:8f:54:60: 33:7c:59:03:08:32:3d:6f:f2:8c:bf:0f:9a:90:b6: 2c:f0:39:72:b7:96:cf:be:97:a9:01:f7:c6:4e:86: 9d:de:60:27:c9:d9:27:16:4c:50:bb:6e:d6:b1:3d: 3e:df:ae:4c:93:1f:03:10:9d:66:d3:bd:1c:9b:09: ca:f1:22:f7:c8:9f:a0:14:83:92:6c:ad:b0:ea:03: 1a:26:b5:87:ba:09:d7:ec:1b:88:af:55:77:0b:c9: fd:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:EA:9A:4E:2C:E6:12:F4:48:1E:8A:8D:BE:B7:A9:75:A2:DA:CC:89 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d857c82f-a402-44db-b300-f24b347c61d1.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14:c00::/38 Signature Algorithm: sha256WithRSAEncryption 7a:1a:d9:ae:05:0e:50:9b:8e:b5:2f:b3:5d:21:db:0f:67:8f: df:ad:02:95:74:66:ff:8b:9c:41:2e:ed:56:d6:85:e3:f0:ba: 57:7f:63:21:09:b2:95:6a:81:07:d2:77:09:4c:17:35:66:9c: d6:79:71:66:36:a9:ac:f3:49:9c:3a:82:4b:70:45:67:b8:fc: 55:4e:45:51:22:85:c7:60:24:cd:6d:30:46:d6:98:c7:ac:36: f3:71:b7:b0:79:89:8e:e1:b5:43:7b:85:e3:78:cc:b8:d6:17: ab:01:c3:10:f8:62:0f:66:03:96:48:66:3d:8a:2b:89:1b:60: 01:84:33:64:67:32:11:a9:12:82:41:6c:17:97:23:ee:7c:7d: e5:db:ee:a4:5a:41:72:37:0e:25:1f:9e:7f:a4:b4:e8:86:48: c1:09:fc:26:f4:a5:45:ac:67:29:5d:8c:02:59:2e:f6:1f:60: ff:52:89:3c:4f:11:e6:7f:98:66:7d:e4:57:b7:cc:9a:2f:a3: f4:da:29:31:e6:57:20:0c:59:12:2f:c0:0d:79:64:2f:5a:31: f2:5f:83:fe:e2:92:18:47:a8:b4:65:01:12:f3:d1:2d:70:b5: a0:2e:fc:c4:a0:86:7d:24:4f:6d:0b:d2:04:d9:dc:d3:6c:9d: 9d:a6:f9:8d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUGLo7RLxDVQzw8IIKMhaRMbE0dgQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA1OVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANDBiM2RkZjViZGE3ZmQ1ZGIxMTU2 MTcxNTFiNWM4OTQ2MGRhZDhkMGJkNTk1Yzc2OWIxNWM3OGMyMGYwMGRiZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2F2IbkiFZueR9JOHYB9zNxtmiZsw XPQKGM8B/9DAlExMcsp2Ghp2NAzOVzySUayUN8ULrvykMfouiuh2tFxS4rEZbP5h Z6WaMdu9TNZ2LC5t33690YZWUQNW35DL/rpQXOpt0sxpid7C0kcLuQxvUrpGOLtk e941sj7VDP9sLIAtZcA6wQoDq1MsEWpbc90BTEwPSKlnxVqPTjVDAmHllluPVGAz fFkDCDI9b/KMvw+akLYs8Dlyt5bPvpepAffGToad3mAnydknFkxQu27WsT0+365M kx8DEJ1m070cmwnK8SL3yJ+gFIOSbK2w6gMaJrWHugnX7BuIr1V3C8n9awIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOvqmk4s5hL0SB6Kjb63qXWi2syJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NTdjODJmLWE0MDItNDRkYi1iMzAwLWYyNGIzNDdjNjFkMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAwwDQYJKoZIhvcNAQELBQADggEBAHoa2a4FDlCbjrUvs10h 2w9nj9+tApV0Zv+LnEEu7VbWhePwuld/YyEJspVqgQfSdwlMFzVmnNZ5cWY2qazz SZw6gktwRWe4/FVORVEihcdgJM1tMEbWmMesNvNxt7B5iY7htUN7heN4zLjWF6sB wxD4Yg9mA5ZIZj2KK4kbYAGEM2RnMhGpEoJBbBeXI+58feXb7qRaQXI3DiUfnn+k tOiGSMEJ/Cb0pUWsZyldjAJZLvYfYP9SiTxPEeZ/mGZ95Fe3zJovo/TaKTHmVyAM WRIvwA15ZC9aMfJfg/7ikhhHqLRlARLz0S1wtaAu/MSghn0kT20L0gTZ3NNsnZ2m +Y0= -----END CERTIFICATE-----Generated at Sun Mar 1 23:56:59 2026 by rpki-client