$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa File: dcb796cd-0001-4f06-a9c5-198757a8dde6.roa (raw, json) Hash identifier: PHPthJOdeEPoypyNnuSIlluG+auZILojrWVXvJBJF58= Subject key identifier: 9B:0E:52:58:EB:3A:7B:EA:BC:74:BB:4B:F1:63:AA:CD:17:03:7C:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F667A9DBAB3E9259C8FEDE2F26BB81DBAD664E0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa Signing time: Sun 22 Feb 2026 00:00:04 +0000 ROA not before: Sun 22 Feb 2026 00:00:04 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da14::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:66:7a:9d:ba:b3:e9:25:9c:8f:ed:e2:f2:6b:b8:1d:ba:d6:64:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:00:04 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=4bb2a4b33a76eda77f530b53b2651142dc4062ba0d78f3e0321dcab5a6662d61, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:3f:87:23:bd:48:19:0e:04:b8:c7:7b:dd:c0: 01:9b:fa:ef:d5:08:50:06:61:39:82:96:fb:59:bd: 24:aa:3b:f9:ef:3d:d0:1d:5a:52:53:64:e9:8b:1a: 59:a6:56:82:f8:2c:ee:31:4d:3b:9a:28:da:2f:60: 21:6d:03:7c:40:ff:be:e7:d5:71:8d:9b:f1:ac:7d: 0c:5e:58:81:74:68:54:75:ed:88:e8:3b:66:12:2b: f5:0e:38:2f:92:e1:94:71:a1:a5:f5:e2:34:44:61: 32:41:53:59:f0:9f:08:7a:18:13:23:f7:09:61:f8: 75:c9:d6:87:eb:ed:b1:24:5f:2f:ea:bc:d2:9c:52: 43:f7:ba:5d:0f:82:e5:e4:09:09:db:3b:6e:1c:df: 49:f6:61:88:ee:b7:ab:63:ad:01:42:fb:55:44:b9: ff:13:f9:61:cc:00:9e:6f:59:10:33:45:d9:9c:e7: 93:d9:50:5c:15:07:fc:bf:4d:56:32:25:a8:26:74: 87:c1:00:e9:26:a6:57:6b:75:7d:19:50:79:2a:fd: 11:b8:fb:ff:08:8e:38:f4:b8:6c:78:7e:a1:14:c0: 80:53:c5:1a:d1:9a:56:18:8f:36:d4:2b:b0:7d:62: c7:ee:19:41:00:13:bd:e5:96:b3:1c:ae:06:3a:9e: eb:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:0E:52:58:EB:3A:7B:EA:BC:74:BB:4B:F1:63:AA:CD:17:03:7C:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dcb796cd-0001-4f06-a9c5-198757a8dde6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da14::/38 Signature Algorithm: sha256WithRSAEncryption 5f:37:62:d9:b7:1c:4a:f3:f9:a6:1c:38:01:bf:3e:e6:f6:bb: 08:0b:92:c0:08:cf:e8:e1:10:e7:08:63:a9:f7:d8:a1:e8:07: bf:37:65:c8:12:02:c8:e0:e5:65:1c:8e:d6:72:b9:6d:74:d5: ba:44:81:3a:23:34:9a:f2:ff:06:46:b3:32:5d:dc:99:20:f9: 6f:0b:48:a4:36:28:f4:11:45:e4:74:da:d8:73:60:8f:e7:c3: 21:45:c3:72:b3:44:7a:29:9a:b2:2c:49:cf:1e:ab:b3:ab:6d: d7:37:69:ec:8d:a0:0d:71:09:74:cb:f4:af:4d:36:63:66:bf: 1b:b8:2e:e6:6b:6d:d8:9f:1e:dd:37:5c:1f:dc:ae:4f:9f:e8: 87:b0:7d:e9:2e:11:55:61:50:4a:c8:2f:0d:00:7e:2c:df:1c: e5:7e:55:32:9e:15:9a:40:af:6f:66:e2:05:55:4b:9d:1c:74: 8a:74:b5:ac:ed:74:8a:1a:ad:06:92:1e:b0:70:ab:43:60:6d: 8f:65:60:b4:b1:ca:70:b9:4f:57:cc:9c:f8:f6:86:f2:42:ce: cf:ba:27:3d:6f:07:1b:8b:ec:de:16:a8:02:62:13:21:1e:3f: 1f:00:52:85:8d:b8:f7:7e:b7:56:c4:6d:5f:95:1f:28:a5:3e: 6b:6d:c7:ca -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb2Z6nbqz6SWcj+3i8mu4HbrWZOAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDAwNFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANGJiMmE0YjMzYTc2ZWRhNzdmNTMw YjUzYjI2NTExNDJkYzQwNjJiYTBkNzhmM2UwMzIxZGNhYjVhNjY2MmQ2MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6z+HI71IGQ4EuMd73cABm/rv1QhQ BmE5gpb7Wb0kqjv57z3QHVpSU2TpixpZplaC+CzuMU07mijaL2AhbQN8QP++59Vx jZvxrH0MXliBdGhUde2I6DtmEiv1DjgvkuGUcaGl9eI0RGEyQVNZ8J8IehgTI/cJ Yfh1ydaH6+2xJF8v6rzSnFJD97pdD4Ll5AkJ2ztuHN9J9mGI7rerY60BQvtVRLn/ E/lhzACeb1kQM0XZnOeT2VBcFQf8v01WMiWoJnSHwQDpJqZXa3V9GVB5Kv0RuPv/ CI449LhseH6hFMCAU8Ua0ZpWGI821CuwfWLH7hlBABO95ZazHK4GOp7r3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJsOUljrOnvqvHS7S/Fjqs0XA3x+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RjYjc5NmNkLTAwMDEtNGYwNi1hOWM1LTE5ODc1N2E4ZGRlNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFAAwDQYJKoZIhvcNAQELBQADggEBAF83Ytm3HErz+aYcOAG/ Pub2uwgLksAIz+jhEOcIY6n32KHoB783ZcgSAsjg5WUcjtZyuW101bpEgTojNJry /wZGszJd3Jkg+W8LSKQ2KPQRReR02thzYI/nwyFFw3KzRHopmrIsSc8eq7Orbdc3 aeyNoA1xCXTL9K9NNmNmvxu4LuZrbdifHt03XB/crk+f6IewfekuEVVhUErILw0A fizfHOV+VTKeFZpAr29m4gVVS50cdIp0taztdIoarQaSHrBwq0NgbY9lYLSxynC5 T1fMnPj2hvJCzs+6Jz1vBxuL7N4WqAJiEyEePx8AUoWNuPd+t1bEbV+VHyilPmtt x8o= -----END CERTIFICATE-----Generated at Sun Mar 1 22:04:48 2026 by rpki-client