$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/de533e09-cd05-4749-8ae2-bf8eb74e13cf.roa File: de533e09-cd05-4749-8ae2-bf8eb74e13cf.roa (raw, json) Hash identifier: EhiRCMdQuCL407kwBjydXWdFiczfLKQiDt0oPS+53O0= Subject key identifier: 51:30:13:35:FC:5E:17:D2:BF:0C:DA:25:C1:38:BB:FC:C2:14:C4:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3451B6CBD43DE630CBE82DE837361ACCA4A92417 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/de533e09-cd05-4749-8ae2-bf8eb74e13cf.roa Signing time: Tue 17 Feb 2026 00:00:06 +0000 ROA not before: Tue 17 Feb 2026 00:00:06 +0000 ROA not after: Mon 18 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:2840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:51:b6:cb:d4:3d:e6:30:cb:e8:2d:e8:37:36:1a:cc:a4:a9:24:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 17 00:00:06 2026 GMT Not After : May 18 23:59:59 2026 GMT Subject: serialNumber=74bda7166ec2fa19ad27b80d06e4e0cd1abf30964b4385ce9fd54b42e6827ab0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2c:8f:c2:03:5f:f1:69:de:00:71:bc:f5:d8: 43:7b:a9:2f:bf:26:75:f7:ab:62:e4:45:de:ce:6f: cb:00:ab:8f:22:76:1b:1c:79:5a:a8:87:53:eb:20: 0e:c0:8e:9f:8f:89:59:6e:71:32:1e:a2:7f:b1:eb: 6f:30:ad:d2:1e:c6:94:5b:eb:3f:49:92:e4:51:55: 7c:95:d5:cf:36:03:3c:91:ce:a5:bb:ec:f0:2b:2f: 8c:4a:4c:08:7e:09:50:1c:a8:24:77:9a:8e:6c:fd: c2:f6:c8:de:07:e4:c8:d3:41:9b:d6:40:ec:bc:49: 28:90:21:e3:30:a1:c1:ab:92:09:9a:af:c7:ce:5e: c1:ea:55:55:9d:f5:73:9d:db:26:ec:a9:be:f2:5d: 6b:09:d0:51:91:2b:7b:50:49:4e:5c:c8:46:d9:c2: b1:ac:9d:f5:5f:4d:89:eb:3f:94:ab:22:53:0f:68: fa:aa:d5:78:1f:3a:9c:35:26:60:e7:b1:62:80:26: cc:4b:da:ac:f2:dd:20:9f:7a:d3:44:d2:f8:b0:09: e3:33:cc:2d:91:b6:b4:6e:58:5c:54:9b:78:f8:53: f2:fb:5a:09:b8:c2:ed:74:b1:73:80:8f:ad:c2:72: 69:45:20:4c:bd:22:07:7a:ff:75:41:fc:2e:a0:e7: 6f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:30:13:35:FC:5E:17:D2:BF:0C:DA:25:C1:38:BB:FC:C2:14:C4:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/de533e09-cd05-4749-8ae2-bf8eb74e13cf.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:2840::/48 Signature Algorithm: sha256WithRSAEncryption 78:9c:4c:ca:68:4c:da:d4:7c:25:5d:5a:ca:5d:8c:00:52:63: a1:fe:2b:73:ca:e6:6f:f7:2e:6e:ae:51:90:a1:33:96:f0:77: 2f:1a:68:8c:63:17:a1:4f:3f:34:31:f3:e3:68:bb:ce:b8:df: 1c:5e:de:7a:d7:e8:e4:43:e4:16:9a:c9:6e:55:67:bd:76:40: 46:d4:a4:11:bc:b7:b8:56:f1:f2:5c:95:0a:a1:26:2a:d6:8b: d9:4c:cb:75:2e:87:f6:73:b7:47:58:3a:0b:0a:bc:08:1a:2d: 5e:65:50:d7:e9:0e:d5:b0:73:77:73:e1:e4:e3:b6:5b:6f:57: 51:c0:ac:d4:7a:f2:1c:32:a8:e7:0d:cc:20:b4:9d:3e:5b:45: 92:c5:91:ff:2d:9e:56:99:bb:26:63:ae:bc:0e:7c:55:8c:9a: 5b:da:18:af:69:9a:e2:cb:1e:7e:0d:7c:e8:25:68:03:1a:bc: 45:ae:06:85:60:8a:8e:8f:46:17:03:4a:ab:b4:b7:23:62:73: 2e:b1:09:89:ae:ce:f3:56:c5:c5:31:db:d2:f7:09:6a:be:86: 04:ec:ef:31:ef:01:0e:d5:11:ea:37:1c:2d:a3:fc:56:16:e5: b8:bc:9f:4b:cb:77:b6:dd:69:dd:f7:a5:27:82:b6:b2:ce:ab: 5b:72:2a:ff -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNFG2y9Q95jDL6C3oNzYazKSpJBcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNzAwMDAwNloX DTI2MDUxODIzNTk1OVowejFJMEcGA1UEBRNANzRiZGE3MTY2ZWMyZmExOWFkMjdi ODBkMDZlNGUwY2QxYWJmMzA5NjRiNDM4NWNlOWZkNTRiNDJlNjgyN2FiMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviyPwgNf8WneAHG89dhDe6kvvyZ1 96ti5EXezm/LAKuPInYbHHlaqIdT6yAOwI6fj4lZbnEyHqJ/setvMK3SHsaUW+s/ SZLkUVV8ldXPNgM8kc6lu+zwKy+MSkwIfglQHKgkd5qObP3C9sjeB+TI00Gb1kDs vEkokCHjMKHBq5IJmq/Hzl7B6lVVnfVzndsm7Km+8l1rCdBRkSt7UElOXMhG2cKx rJ31X02J6z+UqyJTD2j6qtV4HzqcNSZg57FigCbMS9qs8t0gn3rTRNL4sAnjM8wt kba0blhcVJt4+FPy+1oJuMLtdLFzgI+twnJpRSBMvSIHev91QfwuoOdvPQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFEwEzX8XhfSvwzaJcE4u/zCFMQBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RlNTMzZTA5LWNkMDUtNDc0OS04YWUyLWJmOGViNzRlMTNjZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAChAMA0GCSqGSIb3DQEBCwUAA4IBAQB4nEzKaEza1HwlXVrK XYwAUmOh/itzyuZv9y5urlGQoTOW8HcvGmiMYxehTz80MfPjaLvOuN8cXt561+jk Q+QWmsluVWe9dkBG1KQRvLe4VvHyXJUKoSYq1ovZTMt1Lof2c7dHWDoLCrwIGi1e ZVDX6Q7VsHN3c+Hk47Zbb1dRwKzUevIcMqjnDcwgtJ0+W0WSxZH/LZ5WmbsmY668 DnxVjJpb2hivaZriyx5+DXzoJWgDGrxFrgaFYIqOj0YXA0qrtLcjYnMusQmJrs7z VsXFMdvS9wlqvoYE7O8x7wEO1RHqNxwto/xWFuW4vJ9Ly3e23Wnd96Ungrayzqtb cir/ -----END CERTIFICATE-----Generated at Mon Mar 2 06:47:46 2026 by rpki-client