$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa File: a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa (raw, json) Hash identifier: RkV2WLzev2fdUBtZwuFVPLkuuqWuCpLW+ZgRPTGhoaA= Subject key identifier: 38:7E:D7:5C:4A:B5:29:04:53:44:C7:9F:AA:54:AE:57:62:6B:6D:55 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2ECF0C0D4F01385559237DBEE9E0FA50F30C8C15 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa Signing time: Sun 22 Feb 2026 00:10:42 +0000 ROA not before: Sun 22 Feb 2026 00:10:42 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Feb 2026 00:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:cf:0c:0d:4f:01:38:55:59:23:7d:be:e9:e0:fa:50:f3:0c:8c:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:42 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=531ed71f8aaea72af8700f287c051018af77aa55c4dd09e6c2dd4bda75c60cad, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:aa:e3:d0:4e:8c:55:f9:cc:31:47:72:f6:b1: 0c:8f:62:e9:43:1f:de:d6:9c:9a:ef:4b:0f:7e:df: 68:c4:5d:34:3b:93:91:e4:e2:36:60:68:f7:c3:db: 1f:4c:61:ee:96:2f:f8:73:70:ae:f9:c5:bb:55:3c: 00:24:7b:1b:72:a8:22:2d:6e:21:21:2c:43:95:53: 50:13:7e:13:4d:4d:57:d8:bd:e9:01:37:31:a0:67: d1:af:8f:51:33:04:28:a1:b8:95:6a:39:3e:87:e0: b9:a6:33:a2:f2:71:71:5d:80:e8:5c:bd:3f:e9:67: b7:18:99:c5:78:97:d9:cc:0c:e8:98:bd:de:71:46: 8e:83:f5:4c:bd:cd:5a:f1:71:8f:1d:c5:08:5f:67: 4b:98:c1:0c:0b:10:c9:f5:ab:85:e3:41:e0:d0:e7: 57:6f:fe:d2:bb:31:76:23:b0:79:66:55:d6:e8:c3: 5d:a9:f6:3e:49:f6:79:f0:9f:5c:00:9c:18:26:86: 84:aa:f5:0a:1c:d0:8d:74:a5:fa:33:0a:5d:de:a4: 1c:63:63:90:6b:a9:eb:a8:f8:27:79:e0:81:3c:a1: e2:26:4f:7b:91:62:de:5c:f7:d4:0b:c2:ea:cc:e7: 63:ef:dd:2d:33:87:ff:1b:2d:fc:d7:39:fe:11:45: 37:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:7E:D7:5C:4A:B5:29:04:53:44:C7:9F:AA:54:AE:57:62:6B:6D:55 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91606af-f23b-41f1-a5e0-9c946ffa3ce0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:8000::/40 Signature Algorithm: sha256WithRSAEncryption c1:1d:25:14:b0:73:5c:77:bd:3f:6a:1e:c4:c3:76:bd:45:0a: 8b:94:0d:49:ce:88:9e:e1:be:30:26:dc:87:f3:42:fc:88:22: 68:b0:38:16:11:f7:08:9c:e3:6c:c6:dd:b0:87:a8:99:f4:c8: 0f:48:2f:45:c3:0c:c3:10:b4:56:ad:fb:28:fa:c2:fc:cd:5b: 2f:30:e6:e8:f6:c0:b1:bf:af:fc:68:9e:39:6c:27:12:4f:3e: 1b:8c:47:3f:fe:85:7f:51:cc:98:80:13:ed:6c:7d:34:49:c0: d3:02:b2:f6:44:e6:cd:db:11:d3:be:13:1a:af:00:8e:17:45: 33:a3:25:24:8c:92:cf:20:d6:3b:26:42:f2:2c:53:83:00:4e: 6d:e2:a0:6e:39:77:5c:a9:2e:0d:0e:38:87:7b:af:73:3c:a6: b5:ed:58:9c:63:67:05:a4:b9:67:27:fa:2d:bf:9e:a4:bf:9e: a6:af:b2:d6:c9:e9:23:e0:b3:54:62:7e:ab:16:d7:5a:77:4b: 21:a6:58:d7:6c:65:6a:9f:4d:09:7f:cb:cc:c4:97:02:55:15: f0:de:58:2d:5a:be:a6:c4:3b:1e:b9:c6:bd:56:23:a9:c6:ab: 43:03:a4:b5:80:84:d0:e5:d5:25:39:73:6d:6a:27:a1:f9:50: 0b:3a:8b:c8 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIULs8MDU8BOFVZI32+6eD6UPMMjBUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA0MloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANTMxZWQ3MWY4YWFlYTcyYWY4NzAw ZjI4N2MwNTEwMThhZjc3YWE1NWM0ZGQwOWU2YzJkZDRiZGE3NWM2MGNhZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6qrj0E6MVfnMMUdy9rEMj2LpQx/e 1pya70sPft9oxF00O5OR5OI2YGj3w9sfTGHuli/4c3Cu+cW7VTwAJHsbcqgiLW4h ISxDlVNQE34TTU1X2L3pATcxoGfRr49RMwQoobiVajk+h+C5pjOi8nFxXYDoXL0/ 6We3GJnFeJfZzAzomL3ecUaOg/VMvc1a8XGPHcUIX2dLmMEMCxDJ9auF40Hg0OdX b/7SuzF2I7B5ZlXW6MNdqfY+SfZ58J9cAJwYJoaEqvUKHNCNdKX6Mwpd3qQcY2OQ a6nrqPgneeCBPKHiJk97kWLeXPfUC8LqzOdj790tM4f/Gy381zn+EUU3YQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDh+11xKtSkEU0THn6pUrldia21VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E5MTYwNmFmLWYyM2ItNDFmMS1hNWUwLTljOTQ2ZmZhM2NlMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+IAwDQYJKoZIhvcNAQELBQADggEBAMEdJRSwc1x3vT9qHsTD dr1FCouUDUnOiJ7hvjAm3IfzQvyIImiwOBYR9wic42zG3bCHqJn0yA9IL0XDDMMQ tFat+yj6wvzNWy8w5uj2wLG/r/xonjlsJxJPPhuMRz/+hX9RzJiAE+1sfTRJwNMC svZE5s3bEdO+ExqvAI4XRTOjJSSMks8g1jsmQvIsU4MATm3ioG45d1ypLg0OOId7 r3M8prXtWJxjZwWkuWcn+i2/nqS/nqavstbJ6SPgs1RifqsW11p3SyGmWNdsZWqf TQl/y8zElwJVFfDeWC1avqbEOx65xr1WI6nGq0MDpLWAhNDl1SU5c21qJ6H5UAs6 i8g= -----END CERTIFICATE-----Generated at Mon Feb 23 11:01:11 2026 by rpki-client