$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fe3d6db7-606c-43ce-8bed-3a0264228ad4.roa File: fe3d6db7-606c-43ce-8bed-3a0264228ad4.roa (raw, json) Hash identifier: bSa305W5cx8NWmAwD01dVtiv0OKruHtF91pmXMp7iQM= Subject key identifier: C3:88:80:9D:91:10:FB:93:CF:C3:E4:CE:52:CB:C7:95:B2:BE:77:59 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 18BCDACEAB2DB707DD65C2FB5E0A1E143745692B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fe3d6db7-606c-43ce-8bed-3a0264228ad4.roa Signing time: Sat 21 Feb 2026 00:01:04 +0000 ROA not before: Sat 21 Feb 2026 00:01:04 +0000 ROA not after: Fri 22 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daec:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:bc:da:ce:ab:2d:b7:07:dd:65:c2:fb:5e:0a:1e:14:37:45:69:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 21 00:01:04 2026 GMT Not After : May 22 23:59:59 2026 GMT Subject: serialNumber=3fcf6d59951aaf95f833e6026e14e5622a84348a29b0422977a008d8bec71370, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:65:4c:0a:68:7c:d6:b0:80:78:82:d5:36:e3: f8:de:5e:16:c5:ab:6e:f4:79:ea:39:43:f1:43:22: d6:02:65:82:c4:61:8b:79:3b:46:15:18:e1:af:d9: 05:59:8a:f0:9b:af:e4:ba:ff:0b:f1:7b:d9:5f:6e: 32:d5:a2:9f:d1:2f:37:f4:bf:b9:ba:59:70:02:c1: 07:86:99:87:0b:50:3c:c8:ff:ee:45:a6:57:bf:b3: 9e:be:ea:fb:bf:30:38:c2:7d:74:dd:db:6c:50:ac: 44:e2:48:e7:d2:97:8b:3b:e7:d3:d0:a7:bb:80:49: e1:8a:c6:dc:35:95:e8:02:d3:a1:d6:8c:d8:50:c0: 5e:27:96:7c:39:bb:9e:2a:28:7f:e2:27:12:78:97: 95:8c:5a:cd:3b:c4:53:7a:f2:01:64:1c:6a:53:c3: af:ce:ca:66:3b:45:c0:9c:11:26:5f:fb:1d:a3:bb: 71:a4:1a:64:71:a2:b6:19:fb:29:9e:1a:25:50:c5: 41:5a:53:4a:f0:4f:98:6b:68:6f:2a:79:ac:a5:81: 91:ac:43:b6:96:d2:ea:52:e8:b5:e3:36:be:53:35: f5:3b:01:13:29:ca:5b:be:cb:16:7e:a0:1b:f0:29: 9b:83:25:4b:8a:95:d3:8a:ca:75:cc:04:14:ce:2b: e3:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:88:80:9D:91:10:FB:93:CF:C3:E4:CE:52:CB:C7:95:B2:BE:77:59 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fe3d6db7-606c-43ce-8bed-3a0264228ad4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daec:4000::/48 Signature Algorithm: sha256WithRSAEncryption 71:67:d0:7b:e7:3b:0c:2e:d0:0f:69:ad:88:d4:4f:58:3c:ba: f6:f9:ea:68:ae:b9:b3:ec:44:2b:37:7a:4b:de:cf:5f:68:a2: 4f:9e:08:97:89:fa:58:2d:a8:28:1b:80:6d:d9:74:e0:63:77: b5:2a:e4:49:53:6c:ce:a4:6a:c6:e7:aa:8e:71:79:04:fe:d2: d1:b8:10:c7:07:28:12:ea:a2:46:f6:e1:9d:df:8d:71:9c:ba: b9:73:df:71:73:1d:e7:32:f3:76:c2:ba:e4:69:f8:53:c0:08: 15:f7:61:72:2a:8a:06:2d:f1:f6:a9:6f:da:1d:a0:da:2f:d4: 49:3b:81:2e:f4:31:69:bc:5e:fa:78:5a:d6:d2:11:9f:7a:7b: 29:68:89:ce:4b:38:46:aa:69:3d:a8:83:ed:79:2f:a6:4f:dc: ef:da:39:b6:8c:6c:7e:fd:6e:0b:9f:52:f0:44:b9:62:39:3e: a1:34:b8:fd:59:67:6a:f0:79:3f:98:96:15:78:02:b7:57:de: 26:54:7b:ca:00:58:8d:af:8b:33:34:96:4d:29:df:64:60:98: 03:6f:7c:ff:19:bd:27:0d:31:d7:dc:3c:2b:4f:5b:62:71:39: 80:2a:bc:62:d4:d8:14:ef:73:13:a9:14:c3:8f:0f:b4:59:5a: 3c:e5:4b:ad -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGLzazqsttwfdZcL7XgoeFDdFaSswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMTAwMDEwNFoX DTI2MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAM2ZjZjZkNTk5NTFhYWY5NWY4MzNl NjAyNmUxNGU1NjIyYTg0MzQ4YTI5YjA0MjI5NzdhMDA4ZDhiZWM3MTM3MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GVMCmh81rCAeILVNuP43l4Wxatu 9HnqOUPxQyLWAmWCxGGLeTtGFRjhr9kFWYrwm6/kuv8L8XvZX24y1aKf0S839L+5 ullwAsEHhpmHC1A8yP/uRaZXv7Oevur7vzA4wn103dtsUKxE4kjn0peLO+fT0Ke7 gEnhisbcNZXoAtOh1ozYUMBeJ5Z8ObueKih/4icSeJeVjFrNO8RTevIBZBxqU8Ov zspmO0XAnBEmX/sdo7txpBpkcaK2GfspnholUMVBWlNK8E+Ya2hvKnmspYGRrEO2 ltLqUui14za+UzX1OwETKcpbvssWfqAb8CmbgyVLipXTisp1zAQUzivjgQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMOIgJ2REPuTz8PkzlLLx5WyvndZMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZlM2Q2ZGI3LTYwNmMtNDNjZS04YmVkLTNhMDI2NDIyOGFkNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7EAAMA0GCSqGSIb3DQEBCwUAA4IBAQBxZ9B75zsMLtAPaa2I 1E9YPLr2+eporrmz7EQrN3pL3s9faKJPngiXifpYLagoG4Bt2XTgY3e1KuRJU2zO pGrG56qOcXkE/tLRuBDHBygS6qJG9uGd341xnLq5c99xcx3nMvN2wrrkafhTwAgV 92FyKooGLfH2qW/aHaDaL9RJO4Eu9DFpvF76eFrW0hGfenspaInOSzhGqmk9qIPt eS+mT9zv2jm2jGx+/W4Ln1LwRLliOT6hNLj9WWdq8Hk/mJYVeAK3V94mVHvKAFiN r4szNJZNKd9kYJgDb3z/Gb0nDTHX3DwrT1ticTmAKrxi1NgU73MTqRTDjw+0WVo8 5Uut -----END CERTIFICATE-----Generated at Sun Mar 1 22:05:23 2026 by rpki-client