$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa File: f30d8c61-acb1-465e-a200-0d6a14eb38de.roa (raw, json) Hash identifier: Smm/yF0Togs7PORiK7EcA0aSClXxJl2RoOt9AgRDLVc= Subject key identifier: 11:8A:94:37:BD:7A:AD:8E:C8:1B:F5:01:5D:A8:DC:2F:4D:F5:29:C2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 05C0142A62907C2CC29A85A1780A887F314E028D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa Signing time: Sun 22 Feb 2026 00:11:01 +0000 ROA not before: Sun 22 Feb 2026 00:11:01 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da12::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 05:c0:14:2a:62:90:7c:2c:c2:9a:85:a1:78:0a:88:7f:31:4e:02:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:11:01 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=17f9934bf3005f6e272f901507df9fc480b400f86bd43a60e85c5bf147519f44, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:55:12:cb:65:dc:0e:65:80:ee:4c:2a:d8:f4: 0b:eb:1e:5e:da:e4:55:ab:e8:54:df:d3:ae:00:09: 78:b1:6f:77:78:0d:f8:4f:09:e3:c0:6b:11:5d:71: 09:1a:b8:8e:c8:28:1c:65:b4:23:d5:9a:a4:72:d8: 3d:33:b7:fc:17:f9:08:8d:5f:96:8e:b0:24:79:80: 9f:24:4d:7c:73:17:23:22:81:0d:ff:21:7f:b7:59: d9:33:cc:e5:be:03:06:d7:e1:2e:f9:c9:31:22:b2: a5:52:6a:bd:1d:a4:e1:5c:b7:b8:95:9d:3c:50:5b: 8e:03:2a:a2:fe:9e:cf:c9:be:10:c4:c1:2d:a1:16: e2:b5:15:17:ab:51:a3:cf:38:5c:03:d4:9f:6b:2a: 17:d3:dd:8a:6e:bd:2d:37:d2:17:ed:ec:c4:6d:cc: 15:e2:f7:72:64:69:c3:df:35:50:d0:c7:dc:10:20: a3:e9:41:b6:98:b7:07:57:5d:c5:de:9c:b1:8b:72: a6:8b:2d:de:17:b7:ec:3d:b3:6a:bd:68:82:3e:a4: 7f:b5:1e:30:7c:7a:df:f5:69:ec:74:74:c1:f8:87: b7:55:d7:77:de:c8:a3:71:c2:56:02:20:1f:ef:a1: 4d:e7:bc:c4:71:17:60:d7:35:91:2f:62:b4:9f:a8: 43:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:8A:94:37:BD:7A:AD:8E:C8:1B:F5:01:5D:A8:DC:2F:4D:F5:29:C2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f30d8c61-acb1-465e-a200-0d6a14eb38de.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da12::/38 Signature Algorithm: sha256WithRSAEncryption 6a:64:68:73:6b:2a:49:d5:18:98:08:87:95:be:ca:68:85:de: 1e:b5:dd:1e:8e:b0:18:42:dc:3b:6a:61:b2:3d:26:e3:22:87: 8f:8f:9e:44:00:94:5b:f8:f2:32:d1:bb:63:ea:fd:e4:73:ac: a8:e7:99:65:b0:16:2c:8f:a3:b9:1b:ca:e5:c6:8e:b4:8f:ec: 8e:2d:db:17:ee:ef:e7:a6:89:68:61:c5:2d:53:2d:02:db:6e: 9f:f6:ad:7b:ae:19:8c:b6:1f:9a:2f:f0:80:93:0f:13:6e:3a: 63:bf:e8:ec:0d:0d:66:17:e3:47:92:09:42:8f:cd:41:80:da: ec:c4:f0:9a:d5:dd:58:80:81:14:18:b4:9b:a9:3a:14:f2:2e: e1:91:b4:de:d2:38:67:1b:b9:2f:28:31:16:68:5a:02:45:76: 38:26:8e:ca:ef:18:4f:33:a1:ef:9c:29:26:66:6a:93:0a:fb: 9d:c7:a7:5e:dd:cd:2c:15:d4:17:f7:c4:e2:12:ed:ca:aa:8c: 79:b3:57:c2:50:d6:f8:61:c1:da:f5:d4:44:41:96:81:aa:5d: d3:22:c8:c2:86:42:70:30:94:ae:52:2d:d5:43:d3:57:7e:95: be:03:9d:12:22:33:a8:db:25:24:aa:0f:8b:8c:4c:62:da:47: 71:82:4c:b2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUBcAUKmKQfCzCmoWheAqIfzFOAo0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTEwMVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMTdmOTkzNGJmMzAwNWY2ZTI3MmY5 MDE1MDdkZjlmYzQ4MGI0MDBmODZiZDQzYTYwZTg1YzViZjE0NzUxOWY0NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVUSy2XcDmWA7kwq2PQL6x5e2uRV q+hU39OuAAl4sW93eA34TwnjwGsRXXEJGriOyCgcZbQj1Zqkctg9M7f8F/kIjV+W jrAkeYCfJE18cxcjIoEN/yF/t1nZM8zlvgMG1+Eu+ckxIrKlUmq9HaThXLe4lZ08 UFuOAyqi/p7Pyb4QxMEtoRbitRUXq1GjzzhcA9SfayoX092Kbr0tN9IX7ezEbcwV 4vdyZGnD3zVQ0MfcECCj6UG2mLcHV13F3pyxi3Kmiy3eF7fsPbNqvWiCPqR/tR4w fHrf9WnsdHTB+Ie3Vdd33sijccJWAiAf76FN57zEcRdg1zWRL2K0n6hDfwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBGKlDe9eq2OyBv1AV2o3C9N9SnCMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzMGQ4YzYxLWFjYjEtNDY1ZS1hMjAwLTBkNmExNGViMzhkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaEgAwDQYJKoZIhvcNAQELBQADggEBAGpkaHNrKknVGJgIh5W+ ymiF3h613R6OsBhC3DtqYbI9JuMih4+PnkQAlFv48jLRu2Pq/eRzrKjnmWWwFiyP o7kbyuXGjrSP7I4t2xfu7+emiWhhxS1TLQLbbp/2rXuuGYy2H5ov8ICTDxNuOmO/ 6OwNDWYX40eSCUKPzUGA2uzE8JrV3ViAgRQYtJupOhTyLuGRtN7SOGcbuS8oMRZo WgJFdjgmjsrvGE8zoe+cKSZmapMK+53Hp17dzSwV1Bf3xOIS7cqqjHmzV8JQ1vhh wdr11ERBloGqXdMiyMKGQnAwlK5SLdVD01d+lb4DnRIiM6jbJSSqD4uMTGLaR3GC TLI= -----END CERTIFICATE-----Generated at Sun Mar 1 23:50:04 2026 by rpki-client