$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json) Hash identifier: +8WuBeYKy8ivjkma8JN7vYz4TVTmXZjhuEO8bW5/knk= Subject key identifier: FE:61:2E:24:45:A5:D0:67:69:28:2E:E2:5A:D5:72:F4:7D:CB:70:C0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 17876058A6A515E56CB5DF97A23C2B59E083E10F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa Signing time: Fri 20 Feb 2026 00:20:36 +0000 ROA not before: Fri 20 Feb 2026 00:20:36 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:87:60:58:a6:a5:15:e5:6c:b5:df:97:a2:3c:2b:59:e0:83:e1:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:36 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=c2e98682588bd4e879750ba5cf7fe393492c62a0e3356aaadd38fb3a09521a07, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:79:8e:27:6a:70:fd:fa:cb:a1:e4:16:dd:77: 2f:57:7d:3e:8a:6b:a3:61:3d:2f:a7:79:3e:aa:c0: cc:52:34:98:2d:e5:a5:38:6c:52:df:f2:c5:aa:a4: 49:cb:1c:de:6d:ee:a6:9e:0f:17:4f:6c:ba:0a:bd: c7:dd:c7:cb:8b:62:24:00:31:e3:d0:59:64:a3:ca: d6:9c:56:ca:24:32:9a:cb:37:fc:21:24:ef:8a:b7: 6d:d8:40:ae:34:61:74:36:fe:f2:e4:ce:3a:29:6e: 68:5a:98:03:38:24:64:33:df:51:eb:9a:4d:3c:28: 00:21:7f:e7:ac:7e:77:8d:e5:ba:c4:45:a4:7e:f0: 5f:3a:e8:fe:7d:a6:9e:2d:80:eb:f1:9e:90:42:62: dc:78:f1:30:ae:d0:21:a1:b4:81:0c:41:6e:46:f3: ef:8b:fe:84:a6:e7:30:5a:85:88:24:3e:33:fb:4b: 39:56:de:4a:6e:42:3a:03:bf:65:a0:4e:32:cd:12: df:3c:8b:1d:7a:77:43:1b:96:af:4b:2d:5d:4a:0a: 3c:04:9f:00:f8:38:9c:57:d6:4b:54:5f:b0:a8:c2: c5:36:5d:40:ff:a9:f9:5c:0d:22:76:93:a2:c6:06: 34:aa:42:e4:51:24:b2:b7:eb:c2:1b:5c:47:24:ad: 3c:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:61:2E:24:45:A5:D0:67:69:28:2E:E2:5A:D5:72:F4:7D:CB:70:C0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6040::/48 Signature Algorithm: sha256WithRSAEncryption 0a:b4:f1:17:6d:36:46:1e:72:66:1d:26:f5:de:b8:fb:94:38: b9:f6:b5:ca:be:4d:60:33:e0:f0:9f:23:8e:95:f5:46:26:ce: 4a:2c:dc:57:c4:0a:5f:17:00:0c:e3:cf:e6:42:dd:e2:69:8d: 80:40:c7:1e:76:6c:41:a4:94:4d:c2:55:1a:6d:c0:b7:0a:64: 39:55:35:c5:8f:bc:4b:c4:8a:a8:7e:f7:08:aa:cf:82:ac:42: 3b:f7:86:8c:a8:ef:b6:ca:57:56:13:9e:e5:21:89:29:76:5e: 15:77:85:69:3a:d9:64:64:8b:11:ce:2e:26:a6:33:ad:d0:a3: 76:95:b9:2b:76:6a:da:ad:d5:be:81:9c:8b:f9:09:69:0f:09: 0c:39:13:5a:51:c2:5b:95:51:0a:17:71:59:ff:5f:48:87:bc: 60:2a:1f:e9:ba:d6:73:fa:1d:c1:b9:ca:06:0d:48:13:a4:2d: f9:d3:85:3f:53:4f:65:41:45:48:5a:bc:b8:13:c5:f5:34:ec: ae:cf:d4:f0:bd:6a:63:ea:33:15:84:e8:96:13:6f:b3:01:fd: e0:d1:4f:c5:2a:8b:4a:0b:a7:e0:06:d1:0c:40:55:fe:cc:70: 64:fb:87:00:00:ae:52:03:8d:71:d4:a9:41:d8:ff:33:59:3a: 25:1e:54:d9 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUF4dgWKalFeVstd+XojwrWeCD4Q8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAzNloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAYzJlOTg2ODI1ODhiZDRlODc5NzUw YmE1Y2Y3ZmUzOTM0OTJjNjJhMGUzMzU2YWFhZGQzOGZiM2EwOTUyMWEwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXmOJ2pw/frLoeQW3XcvV30+imuj YT0vp3k+qsDMUjSYLeWlOGxS3/LFqqRJyxzebe6mng8XT2y6Cr3H3cfLi2IkADHj 0Flko8rWnFbKJDKayzf8ISTvirdt2ECuNGF0Nv7y5M46KW5oWpgDOCRkM99R65pN PCgAIX/nrH53jeW6xEWkfvBfOuj+faaeLYDr8Z6QQmLcePEwrtAhobSBDEFuRvPv i/6EpucwWoWIJD4z+0s5Vt5KbkI6A79loE4yzRLfPIsdendDG5avSy1dSgo8BJ8A +DicV9ZLVF+wqMLFNl1A/6n5XA0idpOixgY0qkLkUSSyt+vCG1xHJK08mwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP5hLiRFpdBnaSgu4lrVcvR9y3DAMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQAKtPEXbTZGHnJmHSb1 3rj7lDi59rXKvk1gM+DwnyOOlfVGJs5KLNxXxApfFwAM48/mQt3iaY2AQMcedmxB pJRNwlUabcC3CmQ5VTXFj7xLxIqofvcIqs+CrEI794aMqO+2yldWE57lIYkpdl4V d4VpOtlkZIsRzi4mpjOt0KN2lbkrdmrardW+gZyL+QlpDwkMORNaUcJblVEKF3FZ /19Ih7xgKh/putZz+h3BucoGDUgTpC3504U/U09lQUVIWry4E8X1NOyuz9TwvWpj 6jMVhOiWE2+zAf3g0U/FKotKC6fgBtEMQFX+zHBk+4cAAK5SA41x1KlB2P8zWTol HlTZ -----END CERTIFICATE-----Generated at Sun Mar 1 21:55:15 2026 by rpki-client