$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa File: 8c170584-7c9b-414b-8cba-a934a0a79bbe.roa (raw, json) Hash identifier: 6SXvrQCVtJ9I7yKXy5cpiG6IXfqjfmiQZzvT8SNuDyE= Subject key identifier: E4:8D:5F:82:2B:94:B9:F8:90:F5:ED:DB:2F:A8:A9:B4:BC:37:3E:5B Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 2C8A60C62ED429F32790D02600F09EE98AE23DAE Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa Signing time: Wed 25 Feb 2026 00:00:06 +0000 ROA not before: Wed 25 Feb 2026 00:00:06 +0000 ROA not after: Tue 26 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500:4000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:8a:60:c6:2e:d4:29:f3:27:90:d0:26:00:f0:9e:e9:8a:e2:3d:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Feb 25 00:00:06 2026 GMT Not After : May 26 23:59:59 2026 GMT Subject: serialNumber=6a74d9eaf48604d80c99a3dce02c4f26997469346780258b2eb1bfcf01a3b5ad, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:63:71:9e:9e:cb:8f:0d:02:24:c7:a3:16:36: 29:28:c2:40:1e:20:06:2f:da:cc:0f:ba:80:4d:97: a5:dc:6d:78:19:50:37:05:cc:a7:c0:78:8c:71:b6: 9a:d7:f0:c9:22:83:74:14:8e:2b:70:3c:70:15:a5: ce:26:5c:1d:10:2b:c2:e6:88:aa:3b:1d:d4:77:e8: e9:7f:50:a0:be:ce:31:61:2a:9f:89:64:d3:5e:e9: b3:43:e2:76:a4:7c:98:43:f8:b7:da:8f:97:7e:c7: 6c:2a:97:d9:d6:1c:2c:2a:9c:58:d5:51:0f:3f:a7: 21:dc:07:00:eb:93:8c:cb:c3:ef:1d:4c:fe:f4:f0: 2c:29:b3:7f:d1:a7:f3:c1:96:09:53:94:88:87:69: 37:45:f9:5d:0d:e6:06:31:0c:5c:72:e5:b7:f3:d5: 3d:06:74:b4:98:31:9d:0c:d2:e5:24:43:0d:20:52: 03:5a:ed:07:44:c0:e0:f0:90:ad:65:42:e0:29:3b: e0:6c:4b:6c:30:dd:aa:5e:45:b1:43:27:ee:46:31: dc:51:d0:69:2b:a6:19:5c:27:84:3f:cd:66:6b:f6: 30:2d:c5:25:fb:5f:95:b6:9c:03:1a:fb:2f:e2:9f: 1c:c7:b8:e9:2a:89:40:4a:7e:78:5a:cc:19:cd:e3: 22:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:8D:5F:82:2B:94:B9:F8:90:F5:ED:DB:2F:A8:A9:B4:BC:37:3E:5B X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/8c170584-7c9b-414b-8cba-a934a0a79bbe.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500:4000::/48 Signature Algorithm: sha256WithRSAEncryption 75:69:cb:c4:45:9a:35:b7:a4:31:75:46:ae:c5:19:e7:b3:3e: c6:28:ec:b8:70:df:d7:5c:ff:a5:5d:0c:e7:48:e1:4a:60:48: 0d:54:b2:8c:b4:e9:01:4a:89:84:6e:8e:b6:1c:c8:5b:9e:b3: 22:20:04:1e:20:4e:48:16:6d:6c:4e:a4:47:32:97:59:c5:41: 4d:c2:d4:8b:78:80:cb:10:69:aa:12:d9:c6:d7:73:de:0b:6b: e2:45:5c:0b:fd:fa:af:a0:2d:fc:f1:56:85:25:cf:a9:4c:b2: 8e:61:66:27:d2:7d:7d:ab:9a:9b:4c:7b:6c:f3:8b:24:d3:98: ff:ae:84:9b:c3:70:59:9e:7f:f1:be:98:e1:c6:ed:ec:b6:82: 7e:2c:7c:34:eb:85:60:b4:4e:86:9b:6c:fd:ee:0b:e0:3f:03: a6:10:9e:7c:9e:60:e4:aa:03:a6:f3:88:6e:12:cf:d5:5a:ba: de:69:a6:7b:3a:e4:0d:22:ec:79:e4:1c:67:a4:5e:c8:7e:1f: 94:62:70:dd:4e:34:4c:29:2b:0b:b3:7d:59:1a:b2:93:94:eb: f4:14:da:40:f8:e4:10:b8:07:cf:ed:79:04:4f:96:1b:7c:dd: 98:f2:9a:4f:92:3f:f7:fa:fc:a7:17:41:ac:16:ac:75:df:e6: 49:09:d6:1d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULIpgxi7UKfMnkNAmAPCe6YriPa4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDIyNTAwMDAwNloX DTI2MDUyNjIzNTk1OVowejFJMEcGA1UEBRNANmE3NGQ5ZWFmNDg2MDRkODBjOTlh M2RjZTAyYzRmMjY5OTc0NjkzNDY3ODAyNThiMmViMWJmY2YwMWEzYjVhZDEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2Nxnp7Ljw0CJMejFjYpKMJAHiAG L9rMD7qATZel3G14GVA3BcynwHiMcbaa1/DJIoN0FI4rcDxwFaXOJlwdECvC5oiq Ox3Ud+jpf1Cgvs4xYSqfiWTTXumzQ+J2pHyYQ/i32o+XfsdsKpfZ1hwsKpxY1VEP P6ch3AcA65OMy8PvHUz+9PAsKbN/0afzwZYJU5SIh2k3RfldDeYGMQxccuW389U9 BnS0mDGdDNLlJEMNIFIDWu0HRMDg8JCtZULgKTvgbEtsMN2qXkWxQyfuRjHcUdBp K6YZXCeEP81ma/YwLcUl+1+VtpwDGvsv4p8cx7jpKolASn54WswZzeMi7QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFOSNX4IrlLn4kPXt2y+oqbS8Nz5bMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 LzhjMTcwNTg0LTdjOWItNDE0Yi04Y2JhLWE5MzRhMGE3OWJiZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABlAEAAMA0GCSqGSIb3DQEBCwUAA4IBAQB1acvERZo1t6QxdUau xRnnsz7GKOy4cN/XXP+lXQznSOFKYEgNVLKMtOkBSomEbo62HMhbnrMiIAQeIE5I Fm1sTqRHMpdZxUFNwtSLeIDLEGmqEtnG13PeC2viRVwL/fqvoC388VaFJc+pTLKO YWYn0n19q5qbTHts84sk05j/roSbw3BZnn/xvpjhxu3stoJ+LHw064VgtE6Gm2z9 7gvgPwOmEJ58nmDkqgOm84huEs/VWrreaaZ7OuQNIux55BxnpF7Ifh+UYnDdTjRM KSsLs31ZGrKTlOv0FNpA+OQQuAfP7XkET5YbfN2Y8ppPkj/3+vynF0GsFqx13+ZJ CdYd -----END CERTIFICATE-----Generated at Sun Mar 1 22:04:21 2026 by rpki-client