$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bec9465b-b7fc-4cce-998f-69c2159f9d1a.roa File: bec9465b-b7fc-4cce-998f-69c2159f9d1a.roa (raw, json) Hash identifier: tT7/3WNEgP+V3d5RMcMBhvttNKHJc/8GnNYPdBHzDSQ= Subject key identifier: 47:01:7F:D3:7A:ED:CD:A9:C1:46:7C:6D:15:64:B5:F4:FC:D2:C4:A6 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F9C936DE0072BFB97A0918B5E99F063CDABAEC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bec9465b-b7fc-4cce-998f-69c2159f9d1a.roa Signing time: Wed 11 Feb 2026 00:21:00 +0000 ROA not before: Wed 11 Feb 2026 00:21:00 +0000 ROA not after: Tue 12 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Feb 2026 00:20:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:9c:93:6d:e0:07:2b:fb:97:a0:91:8b:5e:99:f0:63:cd:ab:ae:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 11 00:21:00 2026 GMT Not After : May 12 23:59:59 2026 GMT Subject: serialNumber=4ef25884110968df7e88ec80665e030346d1995f6db6d6fa4879b514ca56fca0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:09:35:45:09:16:07:fc:07:ab:10:22:ac:9d: 14:1e:d4:63:66:5f:03:f5:5f:c1:6f:c1:e2:5a:ec: a1:84:e6:fd:41:cd:ec:08:e1:5b:3b:00:c1:fd:1a: 85:85:44:33:ce:6a:18:f0:d2:38:e8:63:ca:2e:c7: 01:04:d8:7c:cb:97:72:d8:ad:d8:bd:d5:35:57:67: 10:b1:87:42:8c:11:6e:60:24:36:da:e0:a0:ee:ef: db:2a:27:3f:7c:da:4d:49:4d:7c:72:4f:b4:e6:7b: 87:ee:47:2d:a7:10:70:d3:58:8f:3f:17:57:bc:36: ff:7b:d6:91:7a:90:c0:f2:8e:12:f5:b9:94:88:1a: f3:0a:0b:1b:96:be:1c:5b:eb:28:eb:a3:be:f6:f4: 70:ea:58:13:68:6d:d2:86:e8:38:82:eb:aa:c8:97: e7:c7:e7:12:45:ae:f1:c4:3e:40:fa:d9:c0:3d:32: ea:ed:90:65:f1:e1:12:4e:a3:7e:3a:30:f8:5e:58: bd:d2:ad:2a:e0:cc:6a:52:ce:3d:f9:28:a5:5d:38: f5:b7:39:d1:f3:ed:0f:1e:74:b2:4c:02:a5:03:cc: 3f:e0:7d:41:78:03:76:5d:d1:30:fe:91:32:b2:29: f9:2a:44:d6:df:df:c4:af:97:3e:de:eb:9d:ec:d1: d1:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:01:7F:D3:7A:ED:CD:A9:C1:46:7C:6D:15:64:B5:F4:FC:D2:C4:A6 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bec9465b-b7fc-4cce-998f-69c2159f9d1a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:7040::/48 Signature Algorithm: sha256WithRSAEncryption 41:b5:2f:dd:8b:a1:e0:01:a6:74:b0:26:98:23:fa:55:8a:c2: 88:ac:a2:dd:ce:92:8d:fb:1f:94:be:28:83:7b:54:43:16:77: ba:4b:5f:70:8b:a7:c9:96:23:5b:2e:4b:a6:9c:ff:34:95:05: 89:df:cd:bf:39:db:3f:f3:88:9c:3d:ab:9c:3e:63:22:9b:41: 3b:2d:7c:f3:cb:b6:72:c7:b1:0d:d2:77:3c:4b:7c:98:3e:6d: 45:c9:f6:11:fa:2a:e1:c4:6a:e0:cc:7c:31:d7:2c:22:47:1a: c7:b0:85:b0:23:e6:81:a9:04:07:6d:2f:6f:5c:92:dc:53:92: 78:3e:9a:b0:61:48:d3:4d:8e:40:6c:dc:d2:c1:92:aa:4b:a3: 4c:cb:f3:b0:2c:cc:8c:5e:51:1c:d0:97:a7:23:af:27:f5:81: ab:1f:d0:e5:5f:68:a6:7c:4f:86:c8:1f:61:d5:b3:2b:87:36: 15:39:7f:3a:5c:92:30:11:01:17:cf:24:a6:2e:c8:fb:10:b5: cd:f4:88:31:60:1a:5e:43:4b:c0:7e:a0:7c:28:fb:97:1f:22: be:69:59:72:54:c9:f1:4b:85:ff:eb:9f:39:a1:0f:91:fa:7d: 27:4c:b9:d2:45:5e:cf:5b:d3:1d:60:4d:23:69:f6:b5:1b:5a: 6c:50:7a:04 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUX5yTbeAHK/uXoJGLXpnwY82rrsgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIxMTAwMjEwMFoX DTI2MDUxMjIzNTk1OVowejFJMEcGA1UEBRNANGVmMjU4ODQxMTA5NjhkZjdlODhl YzgwNjY1ZTAzMDM0NmQxOTk1ZjZkYjZkNmZhNDg3OWI1MTRjYTU2ZmNhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAk1RQkWB/wHqxAirJ0UHtRjZl8D 9V/Bb8HiWuyhhOb9Qc3sCOFbOwDB/RqFhUQzzmoY8NI46GPKLscBBNh8y5dy2K3Y vdU1V2cQsYdCjBFuYCQ22uCg7u/bKic/fNpNSU18ck+05nuH7kctpxBw01iPPxdX vDb/e9aRepDA8o4S9bmUiBrzCgsblr4cW+so66O+9vRw6lgTaG3Shug4guuqyJfn x+cSRa7xxD5A+tnAPTLq7ZBl8eESTqN+OjD4Xli90q0q4MxqUs49+SilXTj1tznR 8+0PHnSyTAKlA8w/4H1BeAN2XdEw/pEysin5KkTW39/Er5c+3uud7NHRAQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEcBf9N67c2pwUZ8bRVktfT80sSmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JlYzk0NjViLWI3ZmMtNGNjZS05OThmLTY5YzIxNTlmOWQxYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6nBAMA0GCSqGSIb3DQEBCwUAA4IBAQBBtS/di6HgAaZ0sCaY I/pVisKIrKLdzpKN+x+UviiDe1RDFne6S19wi6fJliNbLkumnP80lQWJ382/Ods/ 84icPaucPmMim0E7LXzzy7Zyx7EN0nc8S3yYPm1FyfYR+irhxGrgzHwx1ywiRxrH sIWwI+aBqQQHbS9vXJLcU5J4PpqwYUjTTY5AbNzSwZKqS6NMy/OwLMyMXlEc0Jen I68n9YGrH9DlX2imfE+GyB9h1bMrhzYVOX86XJIwEQEXzySmLsj7ELXN9IgxYBpe Q0vAfqB8KPuXHyK+aVlyVMnxS4X/6585oQ+R+n0nTLnSRV7PW9MdYE0jafa1G1ps UHoE -----END CERTIFICATE-----Generated at Sat Feb 21 16:22:06 2026 by rpki-client