$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa File: ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa (raw, json) Hash identifier: i325nrO8jEsvMTFojckdjnWDrfWcQ73fS9YJLknLqLw= Subject key identifier: 7D:B6:AB:95:3C:6B:DD:CE:54:44:17:C9:D7:C6:5E:2D:79:F2:E4:14 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3B2B6FB3A7362BE0685C7F4E9831DA9ED6CA011C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa Signing time: Wed 18 Feb 2026 00:00:43 +0000 ROA not before: Wed 18 Feb 2026 00:00:43 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da38:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:2b:6f:b3:a7:36:2b:e0:68:5c:7f:4e:98:31:da:9e:d6:ca:01:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:00:43 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=b9c8094540d6af785da99b0859b0a91587729e9ef846aba9f513d0f516d946aa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:0a:f2:92:25:5f:3b:2a:70:02:1b:08:41:cc: ae:88:e3:ec:8d:b7:b9:0e:c9:d2:75:e9:82:a1:6f: 65:65:df:29:1b:6d:61:45:f1:3a:5e:ce:86:3c:00: 2c:e1:c7:9b:da:0a:c1:b6:a0:74:d2:55:f4:23:d7: 27:bf:ee:e8:98:85:36:bf:3e:0c:3e:c5:5a:bd:c6: dc:af:0a:c7:fe:4d:e6:23:94:a7:26:47:7c:e7:d8: c8:94:99:41:4a:50:22:31:e0:af:7e:7c:38:62:a7: d7:e5:08:07:e6:d2:94:11:a4:91:e3:b4:68:b8:74: bc:8e:d7:3a:1f:c8:69:b1:55:76:7b:68:9e:77:1b: 16:83:e7:a3:a3:2b:05:0f:2c:a4:ba:b7:a7:f3:97: 2f:0b:a3:dc:be:45:0a:74:94:17:f0:98:ff:07:95: 8c:01:79:bf:70:7d:eb:d6:17:1e:6e:db:13:e4:9d: d4:db:eb:40:4c:f5:c2:58:f8:c9:75:44:15:eb:c2: 36:9a:52:0a:d2:bd:74:0b:dc:4a:79:3c:43:8a:d0: 67:4e:2a:e9:97:29:f4:4d:09:22:38:b2:1a:bb:74: 56:49:34:09:b3:8c:83:b0:fc:c8:01:0b:a4:7c:86: 2d:78:83:f7:bf:38:f6:16:70:d0:f6:c5:65:d0:43: e0:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:B6:AB:95:3C:6B:DD:CE:54:44:17:C9:D7:C6:5E:2D:79:F2:E4:14 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7aeb9b-4fc4-44e8-aa35-b92698a6c334.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da38:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 95:eb:74:cd:26:b8:bc:b3:30:77:4e:4c:c5:d9:45:e9:ca:52: b7:c9:9b:e9:7d:cd:69:be:f0:62:d6:a0:02:0e:5c:93:26:7c: 21:97:68:33:f7:b9:64:33:94:86:3d:65:fd:56:00:a1:64:ec: cc:76:17:19:46:30:29:01:12:a3:7e:bb:0c:07:ed:fa:7d:39: a8:e4:ab:0f:da:a4:af:45:14:a1:f1:d4:d6:14:4d:ee:2f:f6: 8e:a0:8f:14:bf:c2:18:fa:66:05:cd:a8:9c:96:c0:f0:39:7d: fe:2c:62:b6:5f:14:8c:d3:34:26:54:32:87:3c:1d:ae:20:85: 5e:86:00:2b:f2:ef:0f:13:d0:f7:be:49:f4:3c:10:79:76:fc: 55:5e:3a:88:37:3e:c7:e9:44:c0:4d:10:08:22:e0:44:6e:20: 5f:73:65:d3:ae:0f:0e:85:17:f0:9e:c7:c7:73:e8:82:19:10: 61:91:9d:32:46:2c:39:0b:8b:d7:f1:5d:df:6a:ca:79:c0:c2: a4:51:30:35:35:fe:6b:8a:90:82:5c:df:10:7b:6c:40:94:ba: 10:14:9f:d6:85:18:5e:18:66:5b:4d:b2:6d:8a:0e:33:42:e2: 0d:95:3f:97:3a:07:e9:aa:f6:d5:e1:ee:b6:ce:30:d4:81:a8: 37:54:e1:ca -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUOytvs6c2K+BoXH9OmDHantbKARwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDA0M1oX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAYjljODA5NDU0MGQ2YWY3ODVkYTk5 YjA4NTliMGE5MTU4NzcyOWU5ZWY4NDZhYmE5ZjUxM2QwZjUxNmQ5NDZhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQrykiVfOypwAhsIQcyuiOPsjbe5 DsnSdemCoW9lZd8pG21hRfE6Xs6GPAAs4ceb2grBtqB00lX0I9cnv+7omIU2vz4M PsVavcbcrwrH/k3mI5SnJkd859jIlJlBSlAiMeCvfnw4YqfX5QgH5tKUEaSR47Ro uHS8jtc6H8hpsVV2e2iedxsWg+ejoysFDyykuren85cvC6PcvkUKdJQX8Jj/B5WM AXm/cH3r1hcebtsT5J3U2+tATPXCWPjJdUQV68I2mlIK0r10C9xKeTxDitBnTirp lyn0TQkiOLIau3RWSTQJs4yDsPzIAQukfIYteIP3vzj2FnDQ9sVl0EPg9wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFH22q5U8a93OVEQXydfGXi158uQUMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmN2FlYjliLTRmYzQtNDRlOC1hYTM1LWI5MjY5OGE2YzMzNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaOCjAMA0GCSqGSIb3DQEBCwUAA4IBAQCV63TNJri8szB3TkzF 2UXpylK3yZvpfc1pvvBi1qACDlyTJnwhl2gz97lkM5SGPWX9VgChZOzMdhcZRjAp ARKjfrsMB+36fTmo5KsP2qSvRRSh8dTWFE3uL/aOoI8Uv8IY+mYFzaiclsDwOX3+ LGK2XxSM0zQmVDKHPB2uIIVehgAr8u8PE9D3vkn0PBB5dvxVXjqINz7H6UTATRAI IuBEbiBfc2XTrg8OhRfwnsfHc+iCGRBhkZ0yRiw5C4vX8V3fasp5wMKkUTA1Nf5r ipCCXN8Qe2xAlLoQFJ/WhRheGGZbTbJtig4zQuINlT+XOgfpqvbV4e62zjDUgag3 VOHK -----END CERTIFICATE-----Generated at Sun Mar 1 21:57:46 2026 by rpki-client