$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa File: 2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa (raw, json) Hash identifier: HShOakBOiXPDTBK180W7miIWVNsjY0VUPJbgmORS3yU= Subject key identifier: BF:65:8A:82:36:13:AE:BB:AB:79:BB:3D:55:19:77:A4:1A:61:31:24 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0C781800691E923B684BFC4831C844BC9DABB0F7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa Signing time: Sun 22 Feb 2026 00:01:00 +0000 ROA not before: Sun 22 Feb 2026 00:01:00 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daa0:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 05 Mar 2026 00:00:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:78:18:00:69:1e:92:3b:68:4b:fc:48:31:c8:44:bc:9d:ab:b0:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:01:00 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=4f7441f6e3e25d019af2b44aade1c4b1b44d4d21b6f275e5e147d7cf97850a5b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0d:8b:6e:64:69:9c:17:3f:dd:7d:49:12:81: ef:08:6a:67:bf:53:05:03:56:8c:4d:c9:93:3b:b5: 32:83:bd:65:e8:8d:35:cb:ce:07:04:e8:f7:54:58: 52:ed:91:d1:33:12:b4:ec:2b:a7:07:20:6c:5c:3d: ae:04:2b:66:0f:fe:25:7d:36:1c:1f:a6:c5:a2:8f: 2e:97:de:7f:29:69:19:10:45:75:9a:fb:50:7f:77: f8:33:76:a1:a0:d9:42:c0:be:d5:b3:d5:b3:6a:48: 94:7d:95:a9:1f:74:2c:34:4d:d1:f8:3b:22:36:9e: 8b:ea:f7:57:db:3f:55:bf:3e:31:bb:9d:6c:71:04: 8b:0c:8d:25:49:55:54:c5:03:0f:14:8d:c9:5e:6d: bf:f1:1d:ec:e6:cd:d6:17:84:d0:e1:4b:c7:46:69: d5:fb:63:67:a8:d4:d2:02:61:f1:04:b5:b7:66:7d: f5:bc:57:06:6a:a6:69:fd:ab:f6:96:3b:06:36:1e: ed:8e:e8:23:18:66:7d:72:d6:42:36:61:f7:b4:f6: f9:47:5c:91:e4:66:b9:d4:eb:d5:9c:1f:91:17:5a: a8:d5:88:b8:d6:e4:b3:04:e3:9c:de:8c:6e:80:11: d0:be:75:8a:70:c2:f5:d5:1c:16:72:b7:bc:d2:4d: b3:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:65:8A:82:36:13:AE:BB:AB:79:BB:3D:55:19:77:A4:1A:61:31:24 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b0ce5dd-b814-404d-834f-cb4ff6e69c73.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daa0:1000::/40 Signature Algorithm: sha256WithRSAEncryption 55:ef:1d:87:c0:a7:4d:82:aa:69:f1:a6:3c:7b:dc:12:c6:24: c8:bd:9f:f5:ff:7d:11:07:37:65:f1:f8:e5:c0:7e:d9:17:1f: 3b:5d:ec:d0:73:3c:f8:fb:9a:01:53:66:71:89:95:af:9f:68: 73:de:ca:c8:50:44:f6:71:bc:82:b5:c3:1d:09:8a:eb:fc:f1: 98:1d:20:82:8d:83:51:76:e8:9c:24:ec:1b:de:11:11:92:8b: 35:00:7f:17:37:f9:18:35:58:26:93:7d:55:7f:f2:9d:a7:1c: 79:e1:dc:fc:a3:fe:ef:4e:4b:21:f8:27:77:81:94:92:9b:c2: e7:28:36:be:c1:61:47:95:95:29:01:29:fa:1d:e7:2d:de:be: 44:f6:0a:d5:35:47:5d:42:46:9c:83:83:42:91:d6:5d:7f:47: c1:b8:f7:f6:7b:f0:25:00:bd:8a:87:74:fe:d8:7d:1e:ea:c4: 74:69:06:73:2a:6a:4d:d9:c8:42:66:19:08:41:ea:5f:4e:c1: ea:12:0e:e0:44:28:80:39:5d:61:fe:18:da:0b:02:ab:a1:05: 85:0e:d8:d4:90:8d:9f:e2:16:d2:52:2a:40:cd:35:5d:c5:23: 1b:0c:0b:df:6e:53:ee:ff:bc:8a:2b:b9:cb:1d:39:9e:d2:8c: d2:ad:d7:b5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDHgYAGkekjtoS/xIMchEvJ2rsPcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMDEwMFoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANGY3NDQxZjZlM2UyNWQwMTlhZjJi NDRhYWRlMWM0YjFiNDRkNGQyMWI2ZjI3NWU1ZTE0N2Q3Y2Y5Nzg1MGE1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ2LbmRpnBc/3X1JEoHvCGpnv1MF A1aMTcmTO7Uyg71l6I01y84HBOj3VFhS7ZHRMxK07CunByBsXD2uBCtmD/4lfTYc H6bFoo8ul95/KWkZEEV1mvtQf3f4M3ahoNlCwL7Vs9WzakiUfZWpH3QsNE3R+Dsi Np6L6vdX2z9Vvz4xu51scQSLDI0lSVVUxQMPFI3JXm2/8R3s5s3WF4TQ4UvHRmnV +2NnqNTSAmHxBLW3Zn31vFcGaqZp/av2ljsGNh7tjugjGGZ9ctZCNmH3tPb5R1yR 5Ga51OvVnB+RF1qo1Yi41uSzBOOc3oxugBHQvnWKcML11RwWcre80k2zFwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL9lioI2E667q3m7PVUZd6QaYTEkMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJiMGNlNWRkLWI4MTQtNDA0ZC04MzRmLWNiNGZmNmU2OWM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaoBAwDQYJKoZIhvcNAQELBQADggEBAFXvHYfAp02Cqmnxpjx7 3BLGJMi9n/X/fREHN2Xx+OXAftkXHztd7NBzPPj7mgFTZnGJla+faHPeyshQRPZx vIK1wx0Jiuv88ZgdIIKNg1F26Jwk7BveERGSizUAfxc3+Rg1WCaTfVV/8p2nHHnh 3Pyj/u9OSyH4J3eBlJKbwucoNr7BYUeVlSkBKfod5y3evkT2CtU1R11CRpyDg0KR 1l1/R8G49/Z78CUAvYqHdP7YfR7qxHRpBnMqak3ZyEJmGQhB6l9OweoSDuBEKIA5 XWH+GNoLAquhBYUO2NSQjZ/iFtJSKkDNNV3FIxsMC99uU+7/vIorucsdOZ7SjNKt 17U= -----END CERTIFICATE-----Generated at Sun Mar 1 09:52:47 2026 by rpki-client