$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa File: d874a882-7cd5-41b7-aeff-555ab68043f0.roa (raw, json) Hash identifier: Y/t7J8d3LkNs46SrKCoszOCnuxtr2loIt9lsX3XH1bQ= Subject key identifier: E6:2F:23:81:12:E8:AC:64:91:33:65:8E:9B:AE:1E:62:AC:FC:2E:27 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 65B7EBFC5CD8B1CA32A23E8684C90ED07D61E972 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa Signing time: Sun 22 Feb 2026 00:10:46 +0000 ROA not before: Sun 22 Feb 2026 00:10:46 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf8:e000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 01 Mar 2026 00:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65:b7:eb:fc:5c:d8:b1:ca:32:a2:3e:86:84:c9:0e:d0:7d:61:e9:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:46 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=74fac606efc74c75a2aedd9df53738ae74c533be7823cffc2cb3ada1d18bf885, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f9:e6:c0:7e:02:0f:3d:5c:fc:ca:b6:e0:4c:a5: b7:e6:0f:75:fe:d8:be:11:94:7b:80:ea:78:ae:de: d9:f9:09:a2:93:6b:cb:c0:7d:a5:7e:0e:67:8a:2d: 8b:34:1f:d0:0c:a1:e9:d8:67:42:17:b9:a1:14:97: 60:3b:6f:b4:55:5d:dd:fd:e5:25:ea:09:3b:b7:fe: 0f:b8:a4:e7:a0:96:3d:35:87:b9:75:f0:95:ce:48: 19:5f:d1:ec:ed:86:16:ea:0b:21:45:81:62:36:b5: dd:42:11:2b:4c:d8:05:f1:2c:6f:0f:72:86:ac:2c: 20:94:f0:7c:0d:54:0d:ba:85:b4:c5:37:52:5c:b2: 8f:a6:62:6d:e1:cc:15:c3:76:e2:a0:f8:66:d4:82: 84:71:7c:96:3e:a0:49:26:ab:1a:22:5c:af:73:50: 8f:0e:c5:10:6f:c6:c8:7b:c8:32:8c:9a:da:aa:ef: 7f:05:83:6c:a3:50:c9:d8:73:59:9a:70:53:f5:66: fb:f5:68:09:b8:f8:34:d2:11:6a:1e:25:fb:1e:66: e0:83:95:76:db:13:34:0b:d0:a5:57:14:07:34:45: f8:b0:fe:68:c4:c7:ae:cc:83:84:f4:89:3a:63:5c: 01:6e:4c:38:ed:5b:86:3a:92:b3:ee:28:f2:8b:c1: 92:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:2F:23:81:12:E8:AC:64:91:33:65:8E:9B:AE:1E:62:AC:FC:2E:27 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d874a882-7cd5-41b7-aeff-555ab68043f0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf8:e000::/40 Signature Algorithm: sha256WithRSAEncryption b6:e9:59:c6:6f:a7:ea:77:d5:5e:7e:bd:29:24:16:20:21:9d: 65:8f:4c:f5:82:86:0e:0e:3c:18:e2:c3:d2:8a:64:1b:9c:fb: 23:87:1b:c0:80:b6:8e:ec:23:69:ce:0d:ff:41:81:66:ca:bd: 14:cc:07:d4:d1:17:bd:0d:3c:ce:19:09:fe:43:a7:bd:18:86: 8d:9a:48:ee:dd:f2:6e:03:f0:87:ec:cf:60:c5:f4:b4:83:e6: b3:20:8b:b9:82:68:ed:3e:4e:09:f0:10:b4:fb:e1:2d:37:e3: 72:7f:70:00:a3:59:f7:c5:ca:b1:ea:a2:14:31:51:a2:8d:89: 48:ca:64:c8:89:48:dd:7e:98:7f:d8:d9:4d:a1:e1:8e:6c:0d: 8e:d8:37:5c:83:ae:95:f7:f3:68:76:39:b0:f9:6c:69:de:73: 4b:84:8c:41:a6:fa:c0:45:ec:0c:b7:d1:99:d3:d7:d8:c8:dc: a2:d6:bb:35:81:d4:66:ae:31:6c:f7:a1:84:0b:25:5d:89:0a: 2b:8f:f0:a8:93:6e:78:c9:ae:05:5e:53:12:66:66:8b:6f:53: 11:7d:b1:75:4c:96:03:fd:ce:cb:07:a3:14:21:d4:66:12:c2: 31:c1:12:aa:65:32:06:e2:f3:c5:89:56:0f:59:14:f7:b0:73: ed:9d:e0:65 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUZbfr/FzYscoyoj6GhMkO0H1h6XIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTA0NloX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNANzRmYWM2MDZlZmM3NGM3NWEyYWVk ZDlkZjUzNzM4YWU3NGM1MzNiZTc4MjNjZmZjMmNiM2FkYTFkMThiZjg4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ebAfgIPPVz8yrbgTKW35g91/ti+ EZR7gOp4rt7Z+Qmik2vLwH2lfg5nii2LNB/QDKHp2GdCF7mhFJdgO2+0VV3d/eUl 6gk7t/4PuKTnoJY9NYe5dfCVzkgZX9Hs7YYW6gshRYFiNrXdQhErTNgF8SxvD3KG rCwglPB8DVQNuoW0xTdSXLKPpmJt4cwVw3bioPhm1IKEcXyWPqBJJqsaIlyvc1CP DsUQb8bIe8gyjJraqu9/BYNso1DJ2HNZmnBT9Wb79WgJuPg00hFqHiX7Hmbgg5V2 2xM0C9ClVxQHNEX4sP5oxMeuzIOE9Ik6Y1wBbkw47VuGOpKz7ijyi8GSmwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOYvI4ES6KxkkTNljpuuHmKs/C4nMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q4NzRhODgyLTdjZDUtNDFiNy1hZWZmLTU1NWFiNjgwNDNmMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+OAwDQYJKoZIhvcNAQELBQADggEBALbpWcZvp+p31V5+vSkk FiAhnWWPTPWChg4OPBjiw9KKZBuc+yOHG8CAto7sI2nODf9BgWbKvRTMB9TRF70N PM4ZCf5Dp70Yho2aSO7d8m4D8Ifsz2DF9LSD5rMgi7mCaO0+TgnwELT74S0343J/ cACjWffFyrHqohQxUaKNiUjKZMiJSN1+mH/Y2U2h4Y5sDY7YN1yDrpX382h2ObD5 bGnec0uEjEGm+sBF7Ay30ZnT19jI3KLWuzWB1GauMWz3oYQLJV2JCiuP8KiTbnjJ rgVeUxJmZotvUxF9sXVMlgP9zssHoxQh1GYSwjHBEqplMgbi88WJVg9ZFPewc+2d 4GU= -----END CERTIFICATE-----Generated at Wed Feb 25 16:45:21 2026 by rpki-client