$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json) Hash identifier: XTtVFMAOTapO8PS2xrCCYkKIBA73p35pTjh0dvz5U8M= Subject key identifier: 42:0D:99:C2:15:27:3C:E2:49:6F:48:90:6C:D8:BB:1B:7B:85:69:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3755A180B908510C78BA37F6C97FDA63AB561EF4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa Signing time: Wed 18 Feb 2026 00:01:17 +0000 ROA not before: Wed 18 Feb 2026 00:01:17 +0000 ROA not after: Tue 19 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 00:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:55:a1:80:b9:08:51:0c:78:ba:37:f6:c9:7f:da:63:ab:56:1e:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 18 00:01:17 2026 GMT Not After : May 19 23:59:59 2026 GMT Subject: serialNumber=251db84eb79af660f0fe3907d82bb606e713e2ecbb1526888c577620141a3759, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:54:de:c1:1b:ee:b7:2c:b3:60:af:d0:79:87: 07:2d:55:1f:d9:2e:b6:c9:0a:d1:82:44:e9:f3:cc: 77:76:f8:4a:2e:e8:85:b0:94:38:c7:e3:91:c3:bd: 01:cd:9e:52:e2:da:00:d9:91:ab:3a:89:22:a1:40: 37:de:66:01:af:a1:1a:4e:b7:cd:8b:6a:39:8a:30: b3:7c:6b:f2:86:57:d9:2b:1c:ed:e8:0c:1f:51:49: aa:4e:a5:5f:1c:94:2c:aa:d1:7a:a8:68:e9:54:93: 5c:98:cd:0b:09:91:22:7b:8f:51:e1:d4:72:90:c6: 16:15:75:0c:ae:3a:63:a3:65:10:39:18:0d:51:01: 45:81:5e:7b:07:e5:0b:29:4e:fa:88:8f:38:2c:c3: a1:5b:3d:76:5d:a4:50:81:ff:e6:7b:bc:c1:c2:4e: 39:b2:3f:50:e2:df:e7:df:b3:5a:b1:26:c3:d0:80: 0c:b2:6c:84:d6:7a:e1:6d:e1:97:b3:6d:bf:d0:24: e5:6a:65:57:2c:7a:0d:23:ee:80:65:5b:9f:a9:72: 85:b8:1d:e2:78:f8:b6:18:5c:3f:c2:cc:b2:71:6e: ed:a3:5e:df:66:44:e7:83:aa:0d:17:f2:33:08:54: 1a:a1:26:96:f3:a1:fd:60:19:db:72:f8:4f:d4:50: 35:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:0D:99:C2:15:27:3C:E2:49:6F:48:90:6C:D8:BB:1B:7B:85:69:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6040::/48 Signature Algorithm: sha256WithRSAEncryption 0c:24:de:99:c8:56:0b:00:b7:ef:3a:e7:ea:0c:07:25:80:72: c5:b0:5e:7f:9f:e1:cf:26:b2:9e:9f:0d:63:1b:46:d6:6e:3c: d7:94:9b:f2:17:99:ac:06:4c:1c:09:9b:86:97:64:b2:80:b5: f2:44:dd:ec:63:e9:51:c0:c7:e9:7d:72:cf:c9:04:43:62:76: 3f:c7:36:a9:c3:48:f9:3a:4a:20:36:e5:a4:36:a0:53:4c:f5: 3f:a2:43:1f:4b:ce:b1:df:34:74:50:69:28:69:7a:de:ac:be: e5:01:16:0d:3f:8b:32:c7:3e:ce:89:66:f4:e6:59:84:1f:b8: 55:0e:3e:f2:a3:1f:96:cb:8a:03:49:de:78:d6:ae:64:01:ec: 05:2f:6d:51:b5:95:8d:3f:cf:43:72:31:f5:f7:ff:20:e6:20: 82:c6:ee:4b:cf:f0:a6:1b:c7:e7:de:b9:7e:e8:6f:b0:1b:f5: b5:e5:99:fa:af:2e:6b:ac:ad:45:d6:83:2d:ef:f8:49:b1:be: d2:45:bd:64:08:ee:2f:89:b1:8b:3f:40:94:52:30:2a:da:13: 09:d3:79:a2:11:5a:37:88:08:28:18:e6:26:85:98:38:a1:66: b2:3c:ca:6a:c7:cd:ab:c5:da:4a:8c:7a:b7:64:d6:1f:6b:67: 82:4b:6b:fc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUN1WhgLkIUQx4ujf2yX/aY6tWHvQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxODAwMDExN1oX DTI2MDUxOTIzNTk1OVowejFJMEcGA1UEBRNAMjUxZGI4NGViNzlhZjY2MGYwZmUz OTA3ZDgyYmI2MDZlNzEzZTJlY2JiMTUyNjg4OGM1Nzc2MjAxNDFhMzc1OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lTewRvutyyzYK/QeYcHLVUf2S62 yQrRgkTp88x3dvhKLuiFsJQ4x+ORw70BzZ5S4toA2ZGrOokioUA33mYBr6EaTrfN i2o5ijCzfGvyhlfZKxzt6AwfUUmqTqVfHJQsqtF6qGjpVJNcmM0LCZEie49R4dRy kMYWFXUMrjpjo2UQORgNUQFFgV57B+ULKU76iI84LMOhWz12XaRQgf/me7zBwk45 sj9Q4t/n37NasSbD0IAMsmyE1nrhbeGXs22/0CTlamVXLHoNI+6AZVufqXKFuB3i ePi2GFw/wsyycW7to17fZkTng6oNF/IzCFQaoSaW86H9YBnbcvhP1FA1twIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEINmcIVJzziSW9IkGzYuxt7hWkKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQAMJN6ZyFYLALfvOufq DAclgHLFsF5/n+HPJrKenw1jG0bWbjzXlJvyF5msBkwcCZuGl2SygLXyRN3sY+lR wMfpfXLPyQRDYnY/xzapw0j5OkogNuWkNqBTTPU/okMfS86x3zR0UGkoaXrerL7l ARYNP4syxz7OiWb05lmEH7hVDj7yox+Wy4oDSd541q5kAewFL21RtZWNP89DcjH1 9/8g5iCCxu5Lz/CmG8fn3rl+6G+wG/W15Zn6ry5rrK1F1oMt7/hJsb7SRb1kCO4v ibGLP0CUUjAq2hMJ03miEVo3iAgoGOYmhZg4oWayPMpqx82rxdpKjHq3ZNYfa2eC S2v8 -----END CERTIFICATE-----Generated at Sat Feb 21 16:24:48 2026 by rpki-client