$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: GGjw+T1bnmneoTpckb91HQLH6kSepgCsFakG1suE5UM= Subject key identifier: 05:C9:C0:58:A6:6F:BD:B1:06:B3:31:75:58:E1:D0:1B:48:09:5D:35 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0FF44BA226A4FC57A1E34DDAF6B60B945D8FE4FA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Fri 20 Feb 2026 00:20:30 +0000 ROA not before: Fri 20 Feb 2026 00:20:30 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:f4:4b:a2:26:a4:fc:57:a1:e3:4d:da:f6:b6:0b:94:5d:8f:e4:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:20:30 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=051c11fbb189184af1f1a3f8e8e75e34a29faffd2eb28489635c69ed0992924d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:08:da:48:b8:ab:db:68:31:51:de:7a:57:f8: d0:05:03:06:9f:58:7a:77:e3:8c:45:b9:80:50:fe: 81:bb:28:15:d2:0f:7f:b8:db:10:03:16:8e:6b:e2: 15:e5:eb:b3:cb:ac:23:ca:51:4c:3d:75:9f:f1:b6: 1e:1f:c9:32:18:b0:b6:56:31:23:cb:b7:b8:67:9a: 9f:bc:ca:30:80:ed:42:85:5d:3a:04:df:4a:81:d7: f8:72:e4:df:a2:78:f1:d8:87:f4:6c:29:1b:00:48: 0d:8f:69:30:e7:a6:74:d9:10:67:a0:1a:51:8c:b3: 14:8b:7f:93:47:82:1b:86:b3:fc:96:6c:da:76:63: d0:a4:47:17:3c:b4:7c:45:67:d6:ed:7d:06:ca:31: 75:63:11:65:42:41:8b:c6:6e:52:ab:9a:47:6f:50: 3b:25:4f:40:bc:19:c0:47:09:7d:09:18:fc:5f:4b: 9c:92:27:47:70:0e:bd:a6:67:a2:f4:ab:ae:c6:6f: 94:48:5e:ff:3e:da:77:51:88:0a:e4:ea:3c:bf:cf: fd:cf:39:1f:0f:89:f4:71:29:dc:ea:3e:af:2e:75: ea:cb:15:9c:d7:93:f8:c9:0d:95:a7:d0:1c:79:8a: 40:db:57:2b:67:df:ac:3b:8b:16:7d:44:27:91:f1: 44:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:C9:C0:58:A6:6F:BD:B1:06:B3:31:75:58:E1:D0:1B:48:09:5D:35 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption ac:e2:dc:1f:e8:07:5f:03:80:3c:0f:21:7b:9f:7d:ec:42:d6: e2:96:8f:ec:41:79:a1:23:6b:06:f3:f7:89:22:c0:9d:f6:2a: 78:a2:60:a9:4a:f3:51:77:bc:a5:9e:24:20:7c:50:57:66:c6: ee:15:87:92:34:d4:5c:57:d9:8f:80:8e:e7:99:da:4a:ba:a4: 80:eb:20:3e:96:e1:85:29:5a:4b:02:e4:49:e7:09:04:c5:9e: 7f:f6:5a:a8:6d:f6:83:d9:da:be:09:7d:3f:82:72:c7:24:27: 1b:76:2f:0a:5a:5e:b1:29:66:7b:ec:21:85:b5:b3:fe:13:35: 59:31:db:26:8c:30:48:6f:19:b6:0b:d5:ab:82:a9:ab:92:ff: 1d:60:30:9c:ef:42:1f:3b:58:87:9e:b0:83:9a:2f:e8:0a:cf: 62:a1:6d:81:bf:0c:ec:62:f6:af:c1:fb:1b:8e:97:36:e6:87: e2:2b:c8:fb:07:1a:1e:6e:cf:e0:9c:73:ff:95:99:09:cd:ea: a9:b6:a9:e6:ef:ea:aa:13:26:5b:1a:b9:f0:0e:1d:d9:c3:dd: 72:93:e6:b3:ba:5e:80:84:65:1c:07:30:6d:55:80:59:1f:6e: b0:cf:3a:2e:4b:fb:62:f8:ee:2b:05:55:28:d1:f0:fa:b2:74: b2:4e:b8:71 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUD/RLoiak/Feh403a9rYLlF2P5PowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMjAzMFoX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNAMDUxYzExZmJiMTg5MTg0YWYxZjFh M2Y4ZThlNzVlMzRhMjlmYWZmZDJlYjI4NDg5NjM1YzY5ZWQwOTkyOTI0ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgjaSLir22gxUd56V/jQBQMGn1h6 d+OMRbmAUP6BuygV0g9/uNsQAxaOa+IV5euzy6wjylFMPXWf8bYeH8kyGLC2VjEj y7e4Z5qfvMowgO1ChV06BN9Kgdf4cuTfonjx2If0bCkbAEgNj2kw56Z02RBnoBpR jLMUi3+TR4IbhrP8lmzadmPQpEcXPLR8RWfW7X0GyjF1YxFlQkGLxm5Sq5pHb1A7 JU9AvBnARwl9CRj8X0uckidHcA69pmei9Kuuxm+USF7/Ptp3UYgK5Oo8v8/9zzkf D4n0cSnc6j6vLnXqyxWc15P4yQ2Vp9AceYpA21crZ9+sO4sWfUQnkfFEVQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAXJwFimb72xBrMxdVjh0BtICV01MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQCs4twf6AdfA4A8DyF7 n33sQtbilo/sQXmhI2sG8/eJIsCd9ip4omCpSvNRd7ylniQgfFBXZsbuFYeSNNRc V9mPgI7nmdpKuqSA6yA+luGFKVpLAuRJ5wkExZ5/9lqobfaD2dq+CX0/gnLHJCcb di8KWl6xKWZ77CGFtbP+EzVZMdsmjDBIbxm2C9Wrgqmrkv8dYDCc70IfO1iHnrCD mi/oCs9ioW2BvwzsYvavwfsbjpc25ofiK8j7Bxoebs/gnHP/lZkJzeqptqnm7+qq EyZbGrnwDh3Zw91yk+azul6AhGUcBzBtVYBZH26wzzouS/ti+O4rBVUo0fD6snSy Trhx -----END CERTIFICATE-----Generated at Sun Mar 1 23:53:36 2026 by rpki-client