$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa File: e32899b9-14c3-4649-a1dc-82fec0214193.roa (raw, json) Hash identifier: mISVuvBEIKKlVbZ2O4j0es49xqM66FrLPfNKHjRlMCQ= Subject key identifier: A7:21:A5:D4:D8:EA:27:BB:09:51:A9:B5:98:53:F0:1F:2D:14:23:4D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1C11379CB607D4C0E408650A8BE2F87608FA15C5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa Signing time: Wed 18 Feb 2026 00:01:33 +0000 ROA not before: Wed 18 Feb 2026 00:01:33 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1c:11:37:9c:b6:07:d4:c0:e4:08:65:0a:8b:e2:f8:76:08:fa:15:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:01:33 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=b1ec99df161fc80efd587825b1c919692467e532c2cb4aa31a7fbb5fb693b97b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:93:9a:8f:07:f8:f1:31:9d:4f:72:a8:1a:85: 32:1a:7b:d9:24:a0:08:2c:68:a6:bd:b0:65:f1:b4: e0:09:b5:3b:6a:fc:f6:7a:39:81:03:b1:24:17:52: 18:4c:fd:eb:8e:8d:8c:3f:9e:69:cd:46:5c:bc:5d: 64:c1:12:cc:58:af:08:6b:2f:1b:5d:3b:47:bb:6e: 0c:3f:29:5c:bc:14:a6:c5:8c:89:91:90:ef:5f:68: 3c:d5:49:94:4f:38:3f:0a:b3:09:21:df:f0:65:ea: b5:1e:71:3a:32:8b:df:1c:b0:e4:c7:82:0e:db:4a: 7d:90:93:d9:e7:1c:cb:0e:36:f3:9b:f6:e3:69:f4: c1:04:6c:02:bd:34:69:13:0b:1e:aa:10:80:15:04: f3:74:10:db:7b:a8:33:a6:00:a9:64:5b:d4:44:7e: 40:55:12:93:82:78:90:21:5f:74:de:19:49:35:9a: 53:2b:e4:34:3d:e5:36:2f:0c:02:32:f7:65:8c:4a: c8:ac:4f:0b:fc:3b:92:56:58:37:d7:ca:25:84:3d: 58:b4:56:99:35:b4:ba:73:fd:e5:c9:01:ea:20:e7: 1e:07:80:a6:de:ac:5b:2e:13:df:d3:4e:d9:1f:2d: 51:d2:db:12:aa:b2:7a:49:5e:64:7f:8a:d2:97:4a: 1f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:21:A5:D4:D8:EA:27:BB:09:51:A9:B5:98:53:F0:1F:2D:14:23:4D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e32899b9-14c3-4649-a1dc-82fec0214193.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e080::/48 Signature Algorithm: sha256WithRSAEncryption 9d:f6:5f:dc:b2:8c:20:75:f9:5a:8f:eb:fc:c0:99:fb:f5:e3: 96:37:24:e6:92:1e:db:ff:af:4f:c4:cb:7f:ee:1a:6e:e0:8b: 5f:00:5f:71:db:01:e2:8e:13:b5:55:ef:e7:c2:d2:88:50:e4: 95:d2:05:33:92:87:e0:a0:27:b8:7d:84:57:62:2a:14:f8:a4: 9c:a9:a4:25:49:6c:ba:92:a3:ff:64:d5:3f:9b:95:5d:d0:9c: 1e:a6:1c:62:d8:f6:58:81:5a:d7:3d:0a:3f:aa:ec:90:58:23: f0:da:46:37:71:b5:81:3c:20:9e:46:f2:9e:bc:20:de:c5:83: 95:c1:89:31:33:80:81:8e:cf:7f:0c:41:3e:e0:29:48:2a:31: 49:5e:3a:53:fe:fa:48:8e:32:94:99:0d:5e:fa:1a:84:a6:f7: 4b:fc:da:41:25:59:7c:40:04:f3:c9:70:ea:2d:06:83:0b:a4: 4f:5d:f4:19:3f:77:8d:d2:7c:e8:3b:bd:1b:2d:ec:41:3f:2a: 3b:4c:b0:79:04:7b:5a:4b:f7:e1:fb:d7:1c:70:ba:0c:db:08: a2:d8:4d:8d:de:13:e6:a9:36:37:b6:1f:4a:d3:2c:3e:97:9d: 15:95:80:28:62:70:ad:47:83:54:77:11:19:af:50:18:c6:17: 26:4a:12:de -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHBE3nLYH1MDkCGUKi+L4dgj6FcUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDEzM1oX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAYjFlYzk5ZGYxNjFmYzgwZWZkNTg3 ODI1YjFjOTE5NjkyNDY3ZTUzMmMyY2I0YWEzMWE3ZmJiNWZiNjkzYjk3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZOajwf48TGdT3KoGoUyGnvZJKAI LGimvbBl8bTgCbU7avz2ejmBA7EkF1IYTP3rjo2MP55pzUZcvF1kwRLMWK8Iay8b XTtHu24MPylcvBSmxYyJkZDvX2g81UmUTzg/CrMJId/wZeq1HnE6MovfHLDkx4IO 20p9kJPZ5xzLDjbzm/bjafTBBGwCvTRpEwseqhCAFQTzdBDbe6gzpgCpZFvURH5A VRKTgniQIV903hlJNZpTK+Q0PeU2LwwCMvdljErIrE8L/DuSVlg318olhD1YtFaZ NbS6c/3lyQHqIOceB4Cm3qxbLhPf007ZHy1R0tsSqrJ6SV5kf4rSl0ofPQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKchpdTY6ie7CVGptZhT8B8tFCNNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UzMjg5OWI5LTE0YzMtNDY0OS1hMWRjLTgyZmVjMDIxNDE5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAOCAMA0GCSqGSIb3DQEBCwUAA4IBAQCd9l/csowgdflaj+v8 wJn79eOWNyTmkh7b/69PxMt/7hpu4ItfAF9x2wHijhO1Ve/nwtKIUOSV0gUzkofg oCe4fYRXYioU+KScqaQlSWy6kqP/ZNU/m5Vd0Jwephxi2PZYgVrXPQo/quyQWCPw 2kY3cbWBPCCeRvKevCDexYOVwYkxM4CBjs9/DEE+4ClIKjFJXjpT/vpIjjKUmQ1e +hqEpvdL/NpBJVl8QATzyXDqLQaDC6RPXfQZP3eN0nzoO70bLexBPyo7TLB5BHta S/fh+9cccLoM2wii2E2N3hPmqTY3th9K0yw+l50VlYAoYnCtR4NUdxEZr1AYxhcm ShLe -----END CERTIFICATE-----Generated at Mon Mar 2 03:34:22 2026 by rpki-client