$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa File: da917d8a-5f87-4b60-9a74-a3a380e8de88.roa (raw, json) Hash identifier: DZRKzg7/GaJvXjTss22SN57ZczpsPyMch8wApl/icm4= Subject key identifier: 7B:AE:06:E0:A5:B1:5E:ED:F3:09:84:08:21:6D:D5:49:09:B3:05:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0330B0408889A4EA5741A17CAF9DD9DD9721BEFC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa Signing time: Fri 20 Feb 2026 00:11:01 +0000 ROA not before: Fri 20 Feb 2026 00:11:01 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:30:b0:40:88:89:a4:ea:57:41:a1:7c:af:9d:d9:dd:97:21:be:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:11:01 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=d379827597bd30d59978aaa032c87cb098b1486c8716c422fed5d44bc31bc70a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:bd:b7:62:08:40:0b:d3:06:83:d7:0b:46:ae: 61:1b:3a:c1:d5:28:f5:a2:1c:c5:72:1d:6f:4a:92: c9:b3:d0:c5:39:7e:ca:9b:24:25:e1:45:66:df:71: 69:4c:98:f5:9b:88:18:e3:65:b0:2d:50:66:15:5a: ec:03:78:47:6e:70:c9:f6:95:19:88:1b:21:f7:48: f8:f7:e4:c5:f0:b1:11:7c:83:9e:dc:ba:e0:79:cb: 6b:24:64:98:84:02:0c:c4:22:2e:90:5f:f7:d8:b8: 1a:5f:bb:33:de:0c:44:49:7c:9b:5f:5b:ea:9c:9e: 6e:74:72:c7:70:af:67:b3:b7:f8:6c:18:b4:08:3f: 7b:2e:64:72:3b:79:e9:69:b9:7e:66:9f:32:d4:09: 71:6e:97:0b:4f:40:d3:7a:79:fb:b0:dd:55:c6:ef: 77:82:bb:04:ce:6f:62:61:c7:c8:2c:4e:95:5e:5a: bd:b6:18:76:5f:fb:b3:23:4d:dc:27:79:99:7c:52: d6:1f:7f:e3:fc:b9:73:7a:b4:2e:67:70:28:5f:3b: 79:51:08:87:a3:72:dc:aa:d5:9a:8b:80:c0:fd:da: 0a:c5:8a:73:c6:13:2e:9e:d4:de:43:b9:37:73:5c: d5:72:9f:a3:b5:34:c3:7a:77:4c:12:6e:bc:3d:dc: 9b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:AE:06:E0:A5:B1:5E:ED:F3:09:84:08:21:6D:D5:49:09:B3:05:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da917d8a-5f87-4b60-9a74-a3a380e8de88.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c020::/48 Signature Algorithm: sha256WithRSAEncryption 0a:85:d4:ca:0b:8d:9b:b1:7e:7d:d4:ec:0a:be:b4:08:f3:ce: 3a:cf:cb:82:e5:db:8d:9c:a4:f0:2a:e6:69:bc:e8:40:63:1b: db:9b:67:32:ff:e4:b3:62:c7:27:d1:f4:f6:65:63:e1:be:59: d9:01:f3:57:3d:5a:a2:d7:2b:a5:20:1a:25:50:e4:0b:c0:b6: e3:e6:5a:ac:90:b6:10:28:f9:59:2c:2e:3c:70:26:91:8b:ba: 9c:6f:af:f5:9d:75:45:2a:02:a8:ac:a6:2c:1a:7a:cf:52:7b: c8:4b:a6:ab:26:b9:5d:27:6b:69:45:ea:d7:97:fc:66:b5:e0: db:cd:0d:7b:86:11:9c:66:59:c2:81:b4:a0:d7:89:45:04:a4: 5b:58:48:8a:bf:6d:22:4c:34:79:20:0a:5d:61:8c:80:b9:de: 80:73:07:b7:b2:64:5c:e0:30:7a:89:74:b7:0f:d7:4d:1f:a9: a8:d3:91:60:49:bd:86:8b:be:53:ca:fe:1e:0b:f3:19:3a:c3: 56:91:4e:11:89:8a:4a:57:c9:6e:ea:c0:7d:36:6b:f3:d9:25: 37:21:a1:4f:80:98:76:26:43:a3:aa:54:18:0e:9e:d5:bf:b2: 4b:75:96:1c:ef:2e:a3:01:f0:18:0e:a3:86:b6:cf:e0:a9:1b: 16:11:eb:c7 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAzCwQIiJpOpXQaF8r53Z3ZchvvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTEwMVoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAZDM3OTgyNzU5N2JkMzBkNTk5Nzhh YWEwMzJjODdjYjA5OGIxNDg2Yzg3MTZjNDIyZmVkNWQ0NGJjMzFiYzcwYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8b23YghAC9MGg9cLRq5hGzrB1Sj1 ohzFch1vSpLJs9DFOX7KmyQl4UVm33FpTJj1m4gY42WwLVBmFVrsA3hHbnDJ9pUZ iBsh90j49+TF8LERfIOe3LrgectrJGSYhAIMxCIukF/32LgaX7sz3gxESXybX1vq nJ5udHLHcK9ns7f4bBi0CD97LmRyO3npabl+Zp8y1AlxbpcLT0DTenn7sN1Vxu93 grsEzm9iYcfILE6VXlq9thh2X/uzI03cJ3mZfFLWH3/j/LlzerQuZ3AoXzt5UQiH o3LcqtWai4DA/doKxYpzxhMuntTeQ7k3c1zVcp+jtTTDendMEm68PdybAQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHuuBuClsV7t8wmECCFt1UkJswUKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RhOTE3ZDhhLTVmODctNGI2MC05YTc0LWEzYTM4MGU4ZGU4OC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8AgMA0GCSqGSIb3DQEBCwUAA4IBAQAKhdTKC42bsX591OwK vrQI8846z8uC5duNnKTwKuZpvOhAYxvbm2cy/+SzYscn0fT2ZWPhvlnZAfNXPVqi 1yulIBolUOQLwLbj5lqskLYQKPlZLC48cCaRi7qcb6/1nXVFKgKorKYsGnrPUnvI S6arJrldJ2tpRerXl/xmteDbzQ17hhGcZlnCgbSg14lFBKRbWEiKv20iTDR5IApd YYyAud6Acwe3smRc4DB6iXS3D9dNH6mo05FgSb2Gi75Tyv4eC/MZOsNWkU4RiYpK V8lu6sB9Nmvz2SU3IaFPgJh2JkOjqlQYDp7Vv7JLdZYc7y6jAfAYDqOGts/gqRsW EevH -----END CERTIFICATE-----Generated at Sun Mar 1 21:54:34 2026 by rpki-client