$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa File: dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa (raw, json) Hash identifier: otwpkk3eu+R0BIVxLUIwUQWcSdPycG6YZArApG7rNNE= Subject key identifier: 94:C4:3A:7E:A4:AA:88:C5:53:4D:26:11:1C:7A:48:8D:1C:20:4C:19 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 58EBDCE1DE4F343288D7E3F18B8216E8286B12 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa Signing time: Fri 20 Feb 2026 00:21:20 +0000 ROA not before: Fri 20 Feb 2026 00:21:20 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:10c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:eb:dc:e1:de:4f:34:32:88:d7:e3:f1:8b:82:16:e8:28:6b:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:21:20 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=b55222af00ad2dae7f93c43973e3c1f3800f3d13c4880d1cf29948e26481dac2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:85:96:b2:f6:48:21:f3:4d:cc:90:c3:4f:bc: e7:c0:c6:3f:b0:d8:4e:dd:42:6c:4f:f9:49:7e:99: 7f:d4:d3:1a:22:ee:8c:42:77:da:4d:9e:f9:99:d2: 30:17:92:18:c7:35:97:1a:8c:fe:c7:43:22:3b:08: dc:b1:09:f0:6b:dd:49:41:e4:89:b0:a5:8a:a6:5f: cb:d5:7e:0d:fe:0d:b8:bf:3c:a1:42:0b:0a:06:cc: 27:29:c9:f1:67:01:be:c3:4b:10:44:61:89:58:bd: 4b:1e:12:ae:21:7b:aa:b1:84:bd:08:43:74:04:5a: 56:e2:88:0a:ba:de:b5:e3:00:78:7e:17:e7:07:f7: 23:88:1d:04:41:aa:fa:3a:4d:43:b0:f2:7c:ae:c3: e0:55:c7:b1:b5:0a:cb:91:6a:63:ac:58:0a:5f:c8: 06:1f:f3:bb:ba:0a:c7:a5:b5:6a:bd:5d:1c:65:4f: fc:45:8b:1a:db:d8:c8:f7:9b:53:26:a9:3b:10:c1: fa:a6:e8:2e:d5:30:8a:f2:5d:f2:bf:85:99:f9:5b: 75:6b:2e:bd:58:4c:2b:f9:eb:17:5c:e0:db:13:63: 01:e5:23:aa:1d:7b:03:07:83:73:52:44:94:0f:9b: ef:4b:9e:cb:da:32:de:18:ac:dd:12:5a:eb:89:68: 39:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:C4:3A:7E:A4:AA:88:C5:53:4D:26:11:1C:7A:48:8D:1C:20:4C:19 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dfeb39ad-2644-4f2a-b23e-18f51ccd49e3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:10c0::/48 Signature Algorithm: sha256WithRSAEncryption 0c:22:13:5f:7a:f2:8f:c5:b1:e7:87:be:5e:00:58:51:75:c3: ca:ec:a4:fc:10:69:8a:78:68:ad:a0:0e:56:39:a6:ad:9e:da: ce:79:20:08:40:3f:01:bc:49:5b:23:b4:49:c7:d1:cf:f6:52: 23:7c:d6:2b:fd:32:fb:7d:8f:3a:be:7e:3a:fc:6e:f6:48:42: 84:5b:0e:f3:2d:79:c3:02:58:29:4f:fc:88:93:69:c8:79:fe: 0b:cc:46:d2:99:01:cf:28:c2:79:50:b9:d6:7e:2d:c6:d4:99: c7:09:26:1e:c6:f4:b5:d1:ba:6d:76:6f:ea:fe:fe:27:e7:81: 64:a5:64:e7:c4:69:91:c5:2b:05:e3:c5:ea:42:6f:8c:7c:d8: 3e:20:17:f4:ed:b8:38:97:61:f5:4f:31:63:d8:9c:3b:a6:2a: 97:69:d9:fd:2a:eb:7e:4f:35:28:d0:df:d6:47:16:f9:37:b6: b4:05:3a:49:27:d5:e0:3e:73:90:11:54:7c:e4:25:d3:80:8a: 84:9a:5a:26:ff:5a:57:31:0e:18:b5:ef:f7:5c:5c:03:98:c5: 40:93:c0:78:7c:f2:be:6a:e4:bd:44:50:b8:7f:46:ed:98:cc: 7f:38:82:8f:18:f2:f9:e5:0d:3f:fb:58:f2:2a:b8:6d:08:20: 8f:d6:a7:93 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITWOvc4d5PNDKI1+Pxi4IW6ChrEjANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjYwMjIwMDAyMTIwWhcN MjYwNTIxMjM1OTU5WjB6MUkwRwYDVQQFE0BiNTUyMjJhZjAwYWQyZGFlN2Y5M2M0 Mzk3M2UzYzFmMzgwMGYzZDEzYzQ4ODBkMWNmMjk5NDhlMjY0ODFkYWMyMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIhZay9kgh803MkMNPvOfAxj+w2E7d QmxP+Ul+mX/U0xoi7oxCd9pNnvmZ0jAXkhjHNZcajP7HQyI7CNyxCfBr3UlB5Imw pYqmX8vVfg3+Dbi/PKFCCwoGzCcpyfFnAb7DSxBEYYlYvUseEq4he6qxhL0IQ3QE WlbiiAq63rXjAHh+F+cH9yOIHQRBqvo6TUOw8nyuw+BVx7G1CsuRamOsWApfyAYf 87u6CseltWq9XRxlT/xFixrb2Mj3m1MmqTsQwfqm6C7VMIryXfK/hZn5W3VrLr1Y TCv56xdc4NsTYwHlI6odewMHg3NSRJQPm+9LnsvaMt4YrN0SWuuJaDktAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUlMQ6fqSqiMVTTSYRHHpIjRwgTBkwHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv ZGZlYjM5YWQtMjY0NC00ZjJhLWIyM2UtMThmNTFjY2Q0OWUzLnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBtphEMAwDQYJKoZIhvcNAQELBQADggEBAAwiE1968o/FseeHvl4A WFF1w8rspPwQaYp4aK2gDlY5pq2e2s55IAhAPwG8SVsjtEnH0c/2UiN81iv9Mvt9 jzq+fjr8bvZIQoRbDvMtecMCWClP/IiTach5/gvMRtKZAc8ownlQudZ+LcbUmccJ Jh7G9LXRum12b+r+/ifngWSlZOfEaZHFKwXjxepCb4x82D4gF/TtuDiXYfVPMWPY nDumKpdp2f0q635PNSjQ39ZHFvk3trQFOkkn1eA+c5ARVHzkJdOAioSaWib/Wlcx Dhi17/dcXAOYxUCTwHh88r5q5L1EULh/Ru2YzH84go8Y8vnlDT/7WPIquG0III/W p5M= -----END CERTIFICATE-----Generated at Sun Mar 1 23:47:42 2026 by rpki-client