$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa File: 3e10b881-cc4d-4575-9034-6eacfc118456.roa (raw, json) Hash identifier: m1J0ES6SRzTay2c/AFzcHhxRMYsgmxQlz9+4aM56tRU= Subject key identifier: 95:E2:72:55:CE:45:EE:F0:F7:5B:C4:DF:3C:FE:2A:FF:2E:07:78:74 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 656BBCCF34CA4594E827965C20EE110716FFABFA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa Signing time: Fri 20 Feb 2026 00:10:56 +0000 ROA not before: Fri 20 Feb 2026 00:10:56 +0000 ROA not after: Thu 21 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 00:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:6b:bc:cf:34:ca:45:94:e8:27:96:5c:20:ee:11:07:16:ff:ab:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 20 00:10:56 2026 GMT Not After : May 21 23:59:59 2026 GMT Subject: serialNumber=6f6dda49060e97ca0ca7be1cfc019171958c1ec857a8ecbfbe2c8120a05d7668, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:2d:08:77:30:9b:14:70:8d:50:63:73:fc:d3: b0:30:ed:e3:c6:a7:9b:30:bd:d7:75:72:c9:54:53: 88:a4:fb:c5:6d:4b:3e:3d:bd:c1:c2:51:8c:79:0b: 31:ec:ce:d5:bb:e7:6f:39:58:1e:b7:e6:fc:22:a0: 15:d9:20:d0:28:b9:10:52:7a:d0:cf:3c:25:dd:26: eb:f9:58:67:b4:5d:7f:c6:7b:2d:24:a2:b5:45:a0: 1e:c4:77:20:86:bc:eb:88:fb:44:07:51:b1:49:75: b8:d0:68:c2:1a:bf:9f:76:ae:0d:55:ed:95:07:9b: c0:5f:26:e0:8d:a4:ee:f1:c3:29:82:4c:98:55:93: b5:99:31:13:3c:fe:df:bc:f6:ef:e0:35:2f:30:fe: e9:64:ff:8c:2a:2c:4d:d0:39:24:89:41:f7:a7:c7: 72:c0:dd:ef:da:3f:de:3e:a2:37:cd:7d:86:59:6a: a7:19:25:a5:3e:28:02:df:e1:3f:39:a6:13:ee:fb: 92:a9:bb:57:7b:a0:cc:c7:b4:ac:e2:98:d2:49:c3: 01:ec:48:c3:ae:ad:5f:98:ef:79:5d:5c:26:8c:0e: 0f:24:19:7a:78:44:f8:4a:3e:25:2a:19:54:3f:8f: cb:74:1c:92:40:00:54:4a:bc:4d:71:71:3b:29:4a: fc:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:E2:72:55:CE:45:EE:F0:F7:5B:C4:DF:3C:FE:2A:FF:2E:07:78:74 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2000::/40 Signature Algorithm: sha256WithRSAEncryption c6:4d:b2:8e:db:0e:57:eb:73:ec:a7:8e:3a:87:84:22:c1:a9: 67:b0:63:4f:5d:1f:e7:fd:d7:17:8f:f4:da:b7:52:a9:b3:a8: 0c:46:ae:43:cd:54:2d:ab:e3:e3:b7:7f:66:b3:c8:ad:26:ce: e3:42:fa:98:7b:1d:36:e1:0c:ea:f0:ed:52:d8:33:d4:d8:9d: 2b:c3:1f:3b:a2:ed:e8:f5:13:d2:d3:0c:c0:d2:45:39:a3:03: 79:b8:1f:f0:23:53:5b:69:b3:a0:89:41:21:fa:0d:c9:ba:5d: a3:12:a4:a3:6d:1c:9f:63:74:5f:5f:3b:2f:2b:a5:25:a3:03: fe:7b:9a:e5:ea:a8:df:dc:89:2e:9e:73:81:55:7a:05:d1:94: 6c:f5:39:54:0b:ff:b1:67:eb:b7:f6:e7:29:ff:8d:4e:88:dc: ef:1d:9b:16:06:04:c2:12:22:94:d6:7d:23:29:03:b9:3f:3d: 3c:e2:9b:ae:3c:f3:a0:a3:60:60:4e:3c:ec:63:33:36:4b:59: 5a:4f:cb:41:e4:f8:81:c1:4b:9f:63:8c:08:b6:cc:9b:e9:2d: 68:67:06:c8:35:a1:0a:90:c5:4e:ff:f5:7c:22:c3:2c:85:ae: 42:01:f5:a1:39:ab:93:c7:80:4a:4b:fc:c0:f1:05:34:2a:a4: 40:4b:da:9b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZWu8zzTKRZToJ5ZcIO4RBxb/q/owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMDAwMTA1NloX DTI2MDUyMTIzNTk1OVowejFJMEcGA1UEBRNANmY2ZGRhNDkwNjBlOTdjYTBjYTdi ZTFjZmMwMTkxNzE5NThjMWVjODU3YThlY2JmYmUyYzgxMjBhMDVkNzY2ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoy0IdzCbFHCNUGNz/NOwMO3jxqeb ML3XdXLJVFOIpPvFbUs+Pb3BwlGMeQsx7M7Vu+dvOVget+b8IqAV2SDQKLkQUnrQ zzwl3Sbr+VhntF1/xnstJKK1RaAexHcghrzriPtEB1GxSXW40GjCGr+fdq4NVe2V B5vAXybgjaTu8cMpgkyYVZO1mTETPP7fvPbv4DUvMP7pZP+MKixN0DkkiUH3p8dy wN3v2j/ePqI3zX2GWWqnGSWlPigC3+E/OaYT7vuSqbtXe6DMx7Ss4pjSScMB7EjD rq1fmO95XVwmjA4PJBl6eET4Sj4lKhlUP4/LdBySQABUSrxNcXE7KUr8rQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJXiclXORe7w91vE3zz+Kv8uB3h0MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlMTBiODgxLWNjNGQtNDU3NS05MDM0LTZlYWNmYzExODQ1Ni5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBAMZNso7bDlfrc+ynjjqH hCLBqWewY09dH+f91xeP9Nq3UqmzqAxGrkPNVC2r4+O3f2azyK0mzuNC+ph7HTbh DOrw7VLYM9TYnSvDHzui7ej1E9LTDMDSRTmjA3m4H/AjU1tps6CJQSH6Dcm6XaMS pKNtHJ9jdF9fOy8rpSWjA/57muXqqN/ciS6ec4FVegXRlGz1OVQL/7Fn67f25yn/ jU6I3O8dmxYGBMISIpTWfSMpA7k/PTzim64886CjYGBOPOxjMzZLWVpPy0Hk+IHB S59jjAi2zJvpLWhnBsg1oQqQxU7/9XwiwyyFrkIB9aE5q5PHgEpL/MDxBTQqpEBL 2ps= -----END CERTIFICATE-----Generated at Sat Feb 21 16:25:08 2026 by rpki-client