$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa File: f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa (raw, json) Hash identifier: RspNIQwju42SwsiNWMDwysNqCiAVgZxIj3pKwJyi2Ks= Subject key identifier: DA:4A:88:5C:E1:96:8A:56:AA:89:C4:3E:CA:E0:D0:ED:34:CD:8B:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 06FC7DD45C5713F459CF3ED197E27906E387EA8E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa Signing time: Sun 15 Feb 2026 00:00:07 +0000 ROA not before: Sun 15 Feb 2026 00:00:07 +0000 ROA not after: Sat 16 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:fc:7d:d4:5c:57:13:f4:59:cf:3e:d1:97:e2:79:06:e3:87:ea:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 15 00:00:07 2026 GMT Not After : May 16 23:59:59 2026 GMT Subject: serialNumber=79b9f326f4bf6ca52cffac9eba4c7f6fc918d6a13191c4c6b176d2b480ec1b8e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ea:6a:08:a8:fc:c0:48:48:53:90:75:50:c6: 43:e3:aa:c6:06:8c:be:51:83:4a:c0:8e:6e:b5:fa: 38:4b:71:11:5c:c1:93:82:62:c0:85:be:26:62:a6: 4b:b9:c6:1b:dd:2c:6e:7e:3a:bb:00:30:d0:1e:35: 3b:c4:4c:ea:df:93:b9:84:13:e1:34:7b:92:87:b3: 3d:4a:c2:4e:ae:f0:5e:62:1c:26:89:48:08:66:b0: bc:1f:80:6d:8c:38:43:03:0b:c2:64:bc:7c:64:36: 73:1d:bd:a5:d6:b3:0d:fa:21:1e:d6:a2:79:88:4d: 66:c0:b3:39:a4:ce:14:2b:63:aa:6f:34:db:2a:f9: 81:99:77:68:22:a0:90:26:4f:50:9e:7d:88:50:26: 30:15:24:e0:d4:76:ad:18:7f:3a:6f:8d:2f:06:43: cf:62:96:fa:79:df:cf:62:36:c8:ed:cc:41:9b:07: f3:3f:bf:11:84:18:c0:44:89:51:76:be:10:97:1d: 38:3f:90:b3:de:f7:41:44:50:d3:6e:ad:14:74:91: 6b:b1:72:12:25:0d:f2:96:cd:bc:47:3e:2c:88:c7: 2e:4e:cb:de:4a:fc:41:84:03:63:67:c2:e1:80:00: 2f:7e:23:1a:b1:28:cd:cc:83:86:52:f7:21:54:ac: c8:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:4A:88:5C:E1:96:8A:56:AA:89:C4:3E:CA:E0:D0:ED:34:CD:8B:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f2dd6a07-efa1-4a66-9f07-179c2e6d4574.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:6000::/40 Signature Algorithm: sha256WithRSAEncryption 8f:ab:a0:2b:bc:e8:d4:49:03:c1:9c:63:6e:d9:c6:a2:ad:1f: bb:ce:99:fd:54:a0:76:49:6f:e5:3e:9f:5c:26:aa:0f:f1:0e: a5:d2:94:76:40:29:a0:64:61:98:56:27:db:af:8e:f4:73:8c: 28:02:49:d7:81:94:1e:16:f8:1f:75:62:df:f0:bb:a0:3e:81: 18:11:53:e6:40:61:2a:08:8d:6c:99:92:4e:3c:09:8b:cd:a3: 73:b1:18:73:f4:48:d7:74:a9:fb:46:21:64:59:d4:0d:45:51: d3:86:c3:20:11:e5:66:f9:92:7b:e1:13:84:ea:c7:5f:63:45: 38:56:74:f7:d5:43:70:c8:37:75:e6:ca:39:ed:07:3d:6e:97: 56:d7:d2:0c:e6:14:f2:75:e1:94:66:a9:73:fd:b2:9b:87:db: 66:14:8a:30:8d:ca:9f:0a:96:ad:7d:d3:d3:ab:8d:0e:4f:15: 85:b3:1c:a9:13:1c:8f:50:0a:4f:f1:c5:6b:91:0e:69:58:a7: 33:3a:6d:49:12:0e:d9:f9:c7:14:d2:e9:1e:87:cc:f2:cb:00: 24:46:16:32:30:ba:85:68:ee:5e:5d:16:3b:59:84:5a:1e:d2: 0c:63:89:c2:6a:45:f6:53:c6:e5:62:16:c1:13:03:0f:8e:c8: 97:81:0c:a5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBvx91FxXE/RZzz7Rl+J5BuOH6o4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxNTAwMDAwN1oX DTI2MDUxNjIzNTk1OVowejFJMEcGA1UEBRNANzliOWYzMjZmNGJmNmNhNTJjZmZh YzllYmE0YzdmNmZjOTE4ZDZhMTMxOTFjNGM2YjE3NmQyYjQ4MGVjMWI4ZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvepqCKj8wEhIU5B1UMZD46rGBoy+ UYNKwI5utfo4S3ERXMGTgmLAhb4mYqZLucYb3Sxufjq7ADDQHjU7xEzq35O5hBPh NHuSh7M9SsJOrvBeYhwmiUgIZrC8H4BtjDhDAwvCZLx8ZDZzHb2l1rMN+iEe1qJ5 iE1mwLM5pM4UK2OqbzTbKvmBmXdoIqCQJk9Qnn2IUCYwFSTg1HatGH86b40vBkPP Ypb6ed/PYjbI7cxBmwfzP78RhBjARIlRdr4Qlx04P5Cz3vdBRFDTbq0UdJFrsXIS JQ3yls28Rz4siMcuTsveSvxBhANjZ8LhgAAvfiMasSjNzIOGUvchVKzIbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNpKiFzhlopWqonEPsrg0O00zYsaMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YyZGQ2YTA3LWVmYTEtNGE2Ni05ZjA3LTE3OWMyZTZkNDU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYGAwDQYJKoZIhvcNAQELBQADggEBAI+roCu86NRJA8GcY27Z xqKtH7vOmf1UoHZJb+U+n1wmqg/xDqXSlHZAKaBkYZhWJ9uvjvRzjCgCSdeBlB4W +B91Yt/wu6A+gRgRU+ZAYSoIjWyZkk48CYvNo3OxGHP0SNd0qftGIWRZ1A1FUdOG wyAR5Wb5knvhE4Tqx19jRThWdPfVQ3DIN3XmyjntBz1ul1bX0gzmFPJ14ZRmqXP9 spuH22YUijCNyp8Klq1909OrjQ5PFYWzHKkTHI9QCk/xxWuRDmlYpzM6bUkSDtn5 xxTS6R6HzPLLACRGFjIwuoVo7l5dFjtZhFoe0gxjicJqRfZTxuViFsETAw+OyJeB DKU= -----END CERTIFICATE-----Generated at Sun Mar 1 23:48:19 2026 by rpki-client