$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa File: f308a076-0e58-4b45-b7b0-474f5484be2e.roa (raw, json) Hash identifier: ygRyGy68X+05r+dwJ7yum1q7QzoMlg+KDf0HiJEUalo= Subject key identifier: 6E:60:89:5D:A2:F0:5D:42:D2:D7:72:7F:D5:CF:11:19:9B:F9:CB:D8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71C0743FBF97D9EA3FB5FDCD328BA12722A0FEB2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa Signing time: Sat 21 Feb 2026 00:00:04 +0000 ROA not before: Sat 21 Feb 2026 00:00:04 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Mar 2026 00:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:c0:74:3f:bf:97:d9:ea:3f:b5:fd:cd:32:8b:a1:27:22:a0:fe:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:00:04 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=a7d4a6118381b0c2c65304456bd2c15b0d4a92877c7c5fdf0d9396e0fb1786e4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:40:f7:fa:04:2b:32:b9:91:fb:32:df:8d:7a: 73:a8:3c:67:6b:7a:c2:fc:78:75:96:5a:19:bf:87: 71:48:e7:fa:66:42:d3:be:81:9d:e9:bd:45:ea:44: ff:1f:09:17:95:46:7f:5c:79:34:c5:12:fe:ec:c1: 76:ee:69:fe:2b:37:3d:69:69:38:95:0c:84:24:ff: 95:0b:8b:28:1b:28:d8:87:d9:99:76:5f:03:ea:ac: 52:25:26:f5:3a:7c:8a:d2:d3:75:1a:be:86:37:86: a0:52:ee:f5:4c:4d:c7:39:93:1b:f6:6f:88:a0:1e: ba:1b:35:e1:ee:fd:e4:6d:a8:75:57:74:05:3e:60: 87:99:a4:09:67:d2:ea:c1:83:17:0a:ff:c4:03:79: b0:88:09:8a:be:b6:b0:64:d3:7f:c7:f7:4c:88:6d: 41:de:d2:67:7b:24:26:84:5c:15:8c:b2:f1:69:f6: d6:29:1d:f5:22:24:06:a8:a5:cd:ce:01:99:b0:82: 3c:73:c0:76:76:11:b0:ed:0f:3c:de:d4:9a:b9:95: 68:22:a4:c0:1f:b4:c9:f9:67:7c:3c:ab:99:38:d8: 3f:ce:6c:3c:f3:df:4b:d3:29:4d:30:46:5e:ec:54: a5:13:fd:b5:e7:57:03:dc:44:3e:96:ae:db:07:11: b9:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:60:89:5D:A2:F0:5D:42:D2:D7:72:7F:D5:CF:11:19:9B:F9:CB:D8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f308a076-0e58-4b45-b7b0-474f5484be2e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:1000::/48 Signature Algorithm: sha256WithRSAEncryption aa:03:41:50:0e:01:66:54:28:97:50:3c:fe:eb:e8:ba:c3:e9: cb:c2:3e:f8:bf:10:b8:a5:90:be:72:71:b9:62:9b:f6:ee:c5: 85:82:85:8d:d9:7d:73:59:79:5c:16:37:44:72:dc:62:9d:bd: 43:5b:94:b4:7e:e6:d9:7d:0f:fd:88:fd:d7:84:ee:c3:f2:c1: e8:38:a3:a5:f4:71:db:65:83:f0:ff:48:2b:58:fc:cd:4a:2d: 17:52:df:45:0f:0d:c6:c2:0e:0c:60:d9:a4:17:01:37:87:9f: 1a:e5:48:56:02:99:2c:a4:32:c3:20:37:67:05:19:6a:76:ae: b4:ef:a5:32:7a:a0:1b:b3:4b:fa:b5:8f:16:55:b8:03:94:96: 26:8a:f1:43:58:ff:8b:91:dc:21:ac:97:8b:f3:de:70:14:23: 24:ba:94:d6:cf:34:36:cc:c5:38:6a:1d:67:11:05:44:b2:d7: 1d:86:66:11:96:86:e0:e6:91:ec:47:81:7b:21:ec:cb:60:aa: 00:89:c2:8e:35:58:a3:b3:4e:83:f0:ea:64:85:ae:60:c3:6b: f4:eb:25:3b:7a:6f:51:39:6f:55:74:a4:4b:a3:d4:3f:c9:3d: 07:d0:12:cd:74:b5:c3:41:24:ea:06:af:47:bd:00:2d:a0:2a: e0:de:fe:5b -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUccB0P7+X2eo/tf3NMouhJyKg/rIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDAwNFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYTdkNGE2MTE4MzgxYjBjMmM2NTMw NDQ1NmJkMmMxNWIwZDRhOTI4NzdjN2M1ZmRmMGQ5Mzk2ZTBmYjE3ODZlNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApED3+gQrMrmR+zLfjXpzqDxna3rC /Hh1lloZv4dxSOf6ZkLTvoGd6b1F6kT/HwkXlUZ/XHk0xRL+7MF27mn+Kzc9aWk4 lQyEJP+VC4soGyjYh9mZdl8D6qxSJSb1OnyK0tN1Gr6GN4agUu71TE3HOZMb9m+I oB66GzXh7v3kbah1V3QFPmCHmaQJZ9LqwYMXCv/EA3mwiAmKvrawZNN/x/dMiG1B 3tJneyQmhFwVjLLxafbWKR31IiQGqKXNzgGZsII8c8B2dhGw7Q883tSauZVoIqTA H7TJ+Wd8PKuZONg/zmw8899L0ylNMEZe7FSlE/2151cD3EQ+lq7bBxG5+wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFG5giV2i8F1C0tdyf9XPERmb+cvYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMDhhMDc2LTBlNTgtNGI0NS1iN2IwLTQ3NGY1NDg0YmUyZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7BAAMA0GCSqGSIb3DQEBCwUAA4IBAQCqA0FQDgFmVCiXUDz+ 6+i6w+nLwj74vxC4pZC+cnG5Ypv27sWFgoWN2X1zWXlcFjdEctxinb1DW5S0fubZ fQ/9iP3XhO7D8sHoOKOl9HHbZYPw/0grWPzNSi0XUt9FDw3Gwg4MYNmkFwE3h58a 5UhWApkspDLDIDdnBRlqdq6076UyeqAbs0v6tY8WVbgDlJYmivFDWP+LkdwhrJeL 895wFCMkupTWzzQ2zMU4ah1nEQVEstcdhmYRlobg5pHsR4F7IezLYKoAicKONVij s06D8Opkha5gw2v06yU7em9ROW9VdKRLo9Q/yT0H0BLNdLXDQSTqBq9HvQAtoCrg 3v5b -----END CERTIFICATE-----Generated at Mon Mar 2 05:16:44 2026 by rpki-client