$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa File: e70dad39-c92d-44cb-9d80-658d97292bec.roa (raw, json) Hash identifier: nfHMD08KaodSiLjZzjuSCwHBH35V3p8oVy/ckcbqS0Y= Subject key identifier: 3C:0B:56:12:2C:88:D9:62:B1:38:33:FE:75:E4:D7:75:F7:94:A2:E0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 634887B66834B35432341E6B5576F1AD3F94BB2A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa Signing time: Wed 11 Feb 2026 00:11:09 +0000 ROA not before: Wed 11 Feb 2026 00:11:09 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:e040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:48:87:b6:68:34:b3:54:32:34:1e:6b:55:76:f1:ad:3f:94:bb:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:11:09 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=e60ad0604fc463055a43cdf77a2172ef226cfbfce247dddf356e63cc91f50c57, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a0:a2:e1:6a:8d:53:36:f8:c3:c1:db:bd:b1: 81:02:e1:f6:00:c6:c5:6d:e0:61:11:2a:41:c5:f1: 66:af:94:af:04:c3:8e:98:3b:26:bb:18:27:e3:c4: 7b:8d:37:16:af:d3:65:73:5a:62:bf:fb:a2:b9:9f: e2:24:ed:d7:0e:ea:d3:d8:a3:f3:16:7a:79:e9:b3: 3f:53:09:d3:af:85:5b:da:25:c8:01:b8:3c:d3:5b: df:08:b3:70:3d:c1:9f:0a:81:fa:af:c9:db:09:3f: ee:a8:45:e7:cb:a2:8a:6b:00:11:31:34:3f:2e:11: 1c:70:77:de:fe:ad:86:9c:75:35:c1:61:08:ca:d4: 41:84:62:6d:f4:48:77:b7:62:32:d2:6d:06:36:49: f9:20:2c:21:f9:b2:c1:de:a4:db:6e:97:8c:78:85: 34:ed:64:e8:53:ef:41:33:78:27:8a:dc:df:c3:80: 3d:24:59:66:c1:07:34:63:30:3e:25:41:d9:b6:20: e0:c3:91:cf:cd:7e:c3:a6:81:73:8b:eb:5b:c4:d3: b9:b4:80:0b:5d:80:3a:c3:08:ec:a9:a0:4d:1f:f0: ea:43:ba:ca:ec:0a:0e:4c:d5:9d:58:a3:ab:a8:66: 58:6b:d0:a0:79:cd:2a:b3:11:98:60:03:4e:27:8d: 55:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:0B:56:12:2C:88:D9:62:B1:38:33:FE:75:E4:D7:75:F7:94:A2:E0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e70dad39-c92d-44cb-9d80-658d97292bec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:e040::/46 Signature Algorithm: sha256WithRSAEncryption 87:a4:b7:21:27:85:f6:7f:ab:aa:7f:8b:a3:0e:56:aa:26:0a: a0:b1:08:83:19:d5:e1:39:28:0f:14:cb:be:cc:b6:78:03:ec: 74:ef:4a:39:2b:85:f8:b7:12:52:1d:d6:4b:50:63:36:bf:d7: d2:d0:93:f9:1d:30:4b:82:f9:7a:e5:4f:84:85:7d:32:e2:3d: 0c:b0:3b:2a:cc:05:49:b0:4a:aa:82:dc:15:8e:7a:36:11:4e: 82:2e:ac:23:dc:21:a0:e1:bb:7e:8b:f8:48:d0:8a:76:91:cc: 8a:b6:a1:ca:20:a2:17:ee:23:0a:b4:2a:67:f2:ed:e0:a9:c9: 94:9c:ef:cf:c0:27:f7:8b:31:de:36:e3:46:63:84:6c:c7:c2: 0b:fe:0b:67:0b:e9:6c:eb:68:67:a0:64:64:2d:5e:f5:0a:f7: b2:76:2e:96:5c:53:73:90:67:d7:78:d3:68:12:e9:0c:10:eb: 32:2e:65:2c:8a:32:aa:58:b1:30:71:c5:54:d2:6a:64:32:0c: 6c:de:76:f6:fb:f2:9f:cb:20:ec:ab:ef:34:0f:6b:31:ab:26: 0a:59:5a:94:ca:63:99:03:e8:d9:13:9d:f4:4a:eb:d2:a2:eb: 6f:1f:ca:a0:55:3c:36:96:ed:80:4f:a9:b9:af:55:87:f0:93: 4c:de:6f:c3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY0iHtmg0s1QyNB5rVXbxrT+UuyowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMTEwOVoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNAZTYwYWQwNjA0ZmM0NjMwNTVhNDNj ZGY3N2EyMTcyZWYyMjZjZmJmY2UyNDdkZGRmMzU2ZTYzY2M5MWY1MGM1NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqCi4WqNUzb4w8HbvbGBAuH2AMbF beBhESpBxfFmr5SvBMOOmDsmuxgn48R7jTcWr9Nlc1piv/uiuZ/iJO3XDurT2KPz Fnp56bM/UwnTr4Vb2iXIAbg801vfCLNwPcGfCoH6r8nbCT/uqEXny6KKawARMTQ/ LhEccHfe/q2GnHU1wWEIytRBhGJt9Eh3t2Iy0m0GNkn5ICwh+bLB3qTbbpeMeIU0 7WToU+9BM3gnitzfw4A9JFlmwQc0YzA+JUHZtiDgw5HPzX7DpoFzi+tbxNO5tIAL XYA6wwjsqaBNH/DqQ7rK7AoOTNWdWKOrqGZYa9Cgec0qsxGYYANOJ41VIQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDwLVhIsiNlisTgz/nXk13X3lKLgMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2U3MGRhZDM5LWM5MmQtNDRjYi05ZDgwLTY1OGQ5NzI5MmJlYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8+BAMA0GCSqGSIb3DQEBCwUAA4IBAQCHpLchJ4X2f6uqf4uj DlaqJgqgsQiDGdXhOSgPFMu+zLZ4A+x070o5K4X4txJSHdZLUGM2v9fS0JP5HTBL gvl65U+EhX0y4j0MsDsqzAVJsEqqgtwVjno2EU6CLqwj3CGg4bt+i/hI0Ip2kcyK tqHKIKIX7iMKtCpn8u3gqcmUnO/PwCf3izHeNuNGY4Rsx8IL/gtnC+ls62hnoGRk LV71Cveydi6WXFNzkGfXeNNoEukMEOsyLmUsijKqWLEwccVU0mpkMgxs3nb2+/Kf yyDsq+80D2sxqyYKWVqUymOZA+jZE530SuvSoutvH8qgVTw2lu2AT6m5r1WH8JNM 3m/D -----END CERTIFICATE-----Generated at Mon Mar 2 01:44:23 2026 by rpki-client