$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa File: fb17f286-f77e-445f-a084-0fef8b29ef6e.roa (raw, json) Hash identifier: nOzdtQrxhqvLmCpT4KNGMHMUJGq6omzowHiDobhhTNI= Subject key identifier: 80:B4:9F:65:C6:02:05:4D:2D:A6:1F:E3:93:02:ED:35:BA:69:0E:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D1245F54CD68B0BCF914655A900954A847BDE51 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa Signing time: Tue 24 Feb 2026 00:00:05 +0000 ROA not before: Tue 24 Feb 2026 00:00:05 +0000 ROA not after: Mon 25 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab8:800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:12:45:f5:4c:d6:8b:0b:cf:91:46:55:a9:00:95:4a:84:7b:de:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 24 00:00:05 2026 GMT Not After : May 25 23:59:59 2026 GMT Subject: serialNumber=dfc0dd3146620cf44d29ebbd50cc0661ae70aa9519ee3e19f6c084a7f8c71e48, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:12:8d:79:d1:85:65:26:d5:35:25:6d:64:7e: 08:22:e2:3b:63:7d:78:a0:da:30:56:7d:27:ed:a4: 86:75:25:bd:0e:2f:6d:54:93:71:d9:2e:7e:8b:68: 77:15:1a:f5:86:60:de:6b:ff:de:e2:02:90:0b:ef: 97:40:fc:5a:da:31:cc:da:56:98:16:f6:91:2f:61: 00:a4:7b:d2:fa:e2:d9:83:1b:c4:40:79:a7:06:ca: fa:b9:cc:16:21:a9:8c:96:95:1c:63:c7:b0:4d:0d: db:78:83:f8:a5:cb:49:71:d8:8f:61:ae:13:59:2c: 34:15:93:6d:a6:18:a8:42:31:7e:ab:e3:c4:0f:68: 0d:44:17:c8:0a:18:54:fc:87:20:77:b2:8b:8a:d4: 9c:59:b1:99:33:74:16:b9:54:d1:78:40:fc:5b:6e: 55:91:01:5f:7d:4c:68:a3:e0:9d:bd:fa:8f:07:3a: 3c:49:11:14:b1:32:8e:3e:ee:f0:4c:76:2f:23:4d: 64:93:3c:95:42:9a:f4:32:4d:24:77:d2:61:0e:09: 70:5d:1b:8b:d4:96:7f:93:94:a4:68:bf:09:17:be: 40:c3:1a:e9:69:34:7e:7f:a2:5c:17:5a:e7:4a:7e: e3:4c:38:08:06:7c:02:ec:72:5d:1b:0b:f5:d3:5a: 85:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:B4:9F:65:C6:02:05:4D:2D:A6:1F:E3:93:02:ED:35:BA:69:0E:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fb17f286-f77e-445f-a084-0fef8b29ef6e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab8:800::/40 Signature Algorithm: sha256WithRSAEncryption 5d:3c:2d:60:ac:b9:08:df:0c:e9:3a:60:2f:9f:ad:be:47:5f: b8:e8:21:e3:c3:82:54:88:e5:7c:2e:34:01:4c:1c:8d:5f:a5: 75:43:d4:47:62:0c:f8:34:db:0c:d6:85:41:5d:9c:37:43:da: 61:0a:39:7c:59:22:f4:f0:4e:e7:6e:a7:36:a0:4a:7e:fe:70: 84:31:9e:14:22:f4:3f:c3:d4:f3:c2:20:04:ff:b5:ea:24:11: 41:ee:f7:88:6d:29:db:5e:df:1a:78:07:14:b0:a0:f4:4d:8a: 5f:65:1f:b6:85:4c:df:ab:91:6d:34:4c:b2:98:26:2d:b2:48: d8:de:13:6b:ff:2d:e1:bd:f4:c3:99:df:3d:25:8e:83:5c:25: 92:eb:b8:5e:a7:5a:44:3c:87:27:f9:6a:d2:6b:0a:cf:e1:c1: 78:01:2a:24:2b:7c:0c:f1:9d:6f:be:61:56:27:0b:ea:f7:fa: 1a:b5:9c:24:9b:de:ae:9f:8f:f7:0a:ff:31:83:c5:21:6a:34: 7e:b4:7c:22:5b:12:00:77:1d:48:65:1b:73:05:9d:ba:5b:73: f6:a9:a7:9c:05:bd:4f:58:9d:f9:67:58:07:b7:c5:66:a5:c5: 72:9b:61:14:b6:cb:e5:2f:15:72:96:44:5f:7f:5e:96:2f:e5: 13:c1:87:86 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTRJF9UzWiwvPkUZVqQCVSoR73lEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyNDAwMDAwNVoX DTI2MDUyNTIzNTk1OVowejFJMEcGA1UEBRNAZGZjMGRkMzE0NjYyMGNmNDRkMjll YmJkNTBjYzA2NjFhZTcwYWE5NTE5ZWUzZTE5ZjZjMDg0YTdmOGM3MWU0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBKNedGFZSbVNSVtZH4IIuI7Y314 oNowVn0n7aSGdSW9Di9tVJNx2S5+i2h3FRr1hmDea//e4gKQC++XQPxa2jHM2laY FvaRL2EApHvS+uLZgxvEQHmnBsr6ucwWIamMlpUcY8ewTQ3beIP4pctJcdiPYa4T WSw0FZNtphioQjF+q+PED2gNRBfIChhU/Icgd7KLitScWbGZM3QWuVTReED8W25V kQFffUxoo+CdvfqPBzo8SREUsTKOPu7wTHYvI01kkzyVQpr0Mk0kd9JhDglwXRuL 1JZ/k5SkaL8JF75AwxrpaTR+f6JcF1rnSn7jTDgIBnwC7HJdGwv101qF3QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIC0n2XGAgVNLaYf45MC7TW6aQ5nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZiMTdmMjg2LWY3N2UtNDQ1Zi1hMDg0LTBmZWY4YjI5ZWY2ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauAgwDQYJKoZIhvcNAQELBQADggEBAF08LWCsuQjfDOk6YC+f rb5HX7joIePDglSI5XwuNAFMHI1fpXVD1EdiDPg02wzWhUFdnDdD2mEKOXxZIvTw TudupzagSn7+cIQxnhQi9D/D1PPCIAT/teokEUHu94htKdte3xp4BxSwoPRNil9l H7aFTN+rkW00TLKYJi2ySNjeE2v/LeG99MOZ3z0ljoNcJZLruF6nWkQ8hyf5atJr Cs/hwXgBKiQrfAzxnW++YVYnC+r3+hq1nCSb3q6fj/cK/zGDxSFqNH60fCJbEgB3 HUhlG3MFnbpbc/app5wFvU9YnflnWAe3xWalxXKbYRS2y+UvFXKWRF9/XpYv5RPB h4Y= -----END CERTIFICATE-----Generated at Sun Mar 1 23:52:49 2026 by rpki-client