$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa File: ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa (raw, json) Hash identifier: EZGCpWeZi8ddzfudGfuG+yp+FoXK77YpSXkwFW678sw= Subject key identifier: 1C:A2:67:EB:23:97:DD:E2:EE:D1:8F:CE:FB:35:64:40:2E:B9:23:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6F7B53A588676295391D7064ACA853B12567A93A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa Signing time: Sun 15 Feb 2026 00:00:13 +0000 ROA not before: Sun 15 Feb 2026 00:00:13 +0000 ROA not after: Sat 16 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:7b:53:a5:88:67:62:95:39:1d:70:64:ac:a8:53:b1:25:67:a9:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 15 00:00:13 2026 GMT Not After : May 16 23:59:59 2026 GMT Subject: serialNumber=e187fae47012a7810351878c756981027454289ca29607e63c3e8ac8e839c44a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d6:79:04:2a:d1:e1:d0:f5:e8:e2:1e:99:bf: 5b:02:cf:b8:61:c4:13:00:7b:d2:5a:56:e4:a3:e6: 85:d5:dc:40:79:94:f9:25:0d:a9:a5:c4:39:98:e1: b2:1e:6f:86:df:82:12:28:0f:66:89:c9:81:b1:50: a6:40:39:7a:59:ac:95:c8:75:fd:c7:56:02:d7:10: ba:30:b6:18:d1:c8:a9:53:44:4b:91:8b:0a:de:34: 4d:12:f5:b7:be:63:0b:6f:90:e5:01:f3:37:10:16: 1a:56:f0:ad:96:58:df:57:a2:d6:07:da:ef:a0:e6: c7:d9:f5:ac:62:61:3d:ee:31:4c:89:60:30:e4:dc: ee:ad:c6:0f:6b:0c:b6:50:35:14:62:47:b1:2d:02: ed:59:1a:41:fc:83:d8:aa:5f:3f:35:1a:3f:75:bd: 91:51:a8:fc:8a:2e:e5:31:c4:61:dc:64:9d:21:79: c6:da:1f:99:7d:de:a5:9c:a4:6e:27:3a:d5:ff:0b: d8:fa:dd:4d:98:e3:27:bd:2d:4d:56:8b:7e:46:66: 75:01:8e:62:de:9d:54:fd:b5:0e:68:80:b5:63:67: de:f6:cb:2e:e5:fe:30:da:71:8a:d5:de:40:76:bc: cb:f7:1d:cb:cb:5f:ba:8b:5b:ce:e4:7e:05:14:ed: d8:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:A2:67:EB:23:97:DD:E2:EE:D1:8F:CE:FB:35:64:40:2E:B9:23:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddbf3a2c-9a81-450f-90bf-1a2159e5b48a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:1000::/40 Signature Algorithm: sha256WithRSAEncryption 28:42:02:c5:df:05:f0:7c:1f:63:63:93:69:77:8b:60:3a:63: 69:b3:26:7f:cb:3e:44:07:f9:38:a1:03:2e:4f:a5:51:12:94: c2:3c:41:16:33:c7:ed:ef:83:c3:09:d0:e4:7f:60:0a:49:a8: c8:72:6f:d9:e5:ae:78:ce:c5:84:79:d0:42:13:09:8f:01:e2: a4:b9:f4:dd:e1:73:4b:26:b1:3a:20:7b:e6:73:b9:19:b8:a0: 48:51:f0:c4:e8:76:73:71:e7:94:36:41:d8:22:69:08:c2:9e: 55:e8:01:dd:d0:70:ae:57:7b:67:82:7b:9c:98:74:db:11:a1: 14:08:60:d7:f3:aa:60:11:f6:b2:6a:cc:55:1f:45:35:4b:b1: f4:4d:13:4c:20:33:38:59:4c:f5:10:6d:88:ad:6c:76:27:d2: 8a:8f:e0:fb:ac:18:d6:c8:59:b4:b2:39:5d:83:6f:95:20:43: b1:10:91:3f:09:b7:e2:56:b5:52:26:ff:c0:74:0d:a1:b8:9b: ff:0b:75:e3:08:0e:a6:c3:f7:62:e1:f0:df:f9:3a:f4:40:94: 2b:80:cd:72:b8:cb:cc:0d:ef:23:0e:86:05:5a:1c:72:d9:b9: ea:c0:4d:a8:37:f5:5f:dc:a8:17:d7:f2:2b:f9:86:55:e7:e9: 76:4e:65:e8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUb3tTpYhnYpU5HXBkrKhTsSVnqTowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNTAwMDAxM1oX DTI2MDUxNjIzNTk1OVowejFJMEcGA1UEBRNAZTE4N2ZhZTQ3MDEyYTc4MTAzNTE4 NzhjNzU2OTgxMDI3NDU0Mjg5Y2EyOTYwN2U2M2MzZThhYzhlODM5YzQ0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNZ5BCrR4dD16OIemb9bAs+4YcQT AHvSWlbko+aF1dxAeZT5JQ2ppcQ5mOGyHm+G34ISKA9micmBsVCmQDl6WayVyHX9 x1YC1xC6MLYY0cipU0RLkYsK3jRNEvW3vmMLb5DlAfM3EBYaVvCtlljfV6LWB9rv oObH2fWsYmE97jFMiWAw5NzurcYPawy2UDUUYkexLQLtWRpB/IPYql8/NRo/db2R Uaj8ii7lMcRh3GSdIXnG2h+Zfd6lnKRuJzrV/wvY+t1NmOMnvS1NVot+RmZ1AY5i 3p1U/bUOaIC1Y2fe9ssu5f4w2nGK1d5AdrzL9x3Ly1+6i1vO5H4FFO3YHwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFByiZ+sjl93i7tGPzvs1ZEAuuSM1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkYmYzYTJjLTlhODEtNDUwZi05MGJmLTFhMjE1OWU1YjQ4YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYBAwDQYJKoZIhvcNAQELBQADggEBAChCAsXfBfB8H2Njk2l3 i2A6Y2mzJn/LPkQH+TihAy5PpVESlMI8QRYzx+3vg8MJ0OR/YApJqMhyb9nlrnjO xYR50EITCY8B4qS59N3hc0smsToge+ZzuRm4oEhR8MTodnNx55Q2QdgiaQjCnlXo Ad3QcK5Xe2eCe5yYdNsRoRQIYNfzqmAR9rJqzFUfRTVLsfRNE0wgMzhZTPUQbYit bHYn0oqP4PusGNbIWbSyOV2Db5UgQ7EQkT8Jt+JWtVIm/8B0DaG4m/8LdeMIDqbD 92Lh8N/5OvRAlCuAzXK4y8wN7yMOhgVaHHLZuerATag39V/cqBfX8iv5hlXn6XZO Zeg= -----END CERTIFICATE-----Generated at Sun Mar 1 21:56:15 2026 by rpki-client