$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa File: ffd89ff2-4de6-4517-88fc-12345cabb969.roa (raw, json) Hash identifier: 4829XpOPiXodm1QxneVcSWtxYvSdKk9iFxiXqI4ODn0= Subject key identifier: 8C:F3:3A:BC:1C:B1:6B:28:1A:89:14:78:69:51:B5:0F:AE:D9:D7:A0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B717DE8DF8809D04D1CED269B7F2D49C88596FC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa Signing time: Sun 22 Feb 2026 00:10:05 +0000 ROA not before: Sun 22 Feb 2026 00:10:05 +0000 ROA not after: Sat 23 May 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da15::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 02 Mar 2026 00:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:71:7d:e8:df:88:09:d0:4d:1c:ed:26:9b:7f:2d:49:c8:85:96:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Feb 22 00:10:05 2026 GMT Not After : May 23 23:59:59 2026 GMT Subject: serialNumber=2e84b991cf6f294e73478655f434c0632e96326c0da0966c46a24a7f87c3496b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:42:3a:af:c4:f1:d6:b4:67:2a:82:1e:64:31: b0:13:a6:9c:a9:1e:a8:cf:a4:f0:4f:56:71:be:6b: fa:ed:2d:28:15:96:be:58:01:00:e2:7e:2c:49:d7: ae:e7:84:5b:2a:24:7b:9b:ac:48:cb:d1:1a:13:74: cc:58:31:f0:41:8f:a5:68:c1:e2:b9:a6:e3:db:03: b3:8b:e2:a9:3c:6a:5c:38:b7:1f:d9:56:c4:39:ba: 56:ee:20:4c:ff:ee:9f:22:2c:ef:eb:fd:cd:cf:90: 5d:e7:cd:78:70:b9:3e:e4:f7:0b:bc:ea:ff:b5:55: f6:9f:d7:1f:43:0f:f2:a4:ed:dd:88:04:bc:c1:90: fc:b3:c8:f3:d7:0e:24:05:89:85:68:84:37:26:43: c0:c1:81:3b:b9:f2:ec:80:bd:64:75:20:aa:21:81: f0:7c:6e:4c:cf:7a:2d:e3:ca:8b:e4:47:1f:70:4e: 4d:9f:e2:89:e8:8d:64:a9:87:d9:bc:d9:d6:50:a4: ed:a6:5a:96:49:8b:d1:92:c4:af:41:c1:2a:9d:38: cb:66:d1:68:d2:d8:ff:54:32:a7:1c:ba:3b:e3:b3: f6:ce:f0:f5:25:eb:1b:df:f4:ee:24:42:e5:7b:c6: 4e:57:06:5a:99:18:aa:ce:35:b4:b1:a4:48:6a:cf: c8:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:F3:3A:BC:1C:B1:6B:28:1A:89:14:78:69:51:B5:0F:AE:D9:D7:A0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffd89ff2-4de6-4517-88fc-12345cabb969.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da15::/36 Signature Algorithm: sha256WithRSAEncryption 0a:c3:12:f1:04:37:7b:eb:73:8f:bb:92:17:c2:72:31:43:b9: 2a:b7:63:48:00:f0:97:8a:a9:dd:29:63:7d:69:49:ce:4f:41: 14:da:c7:39:8d:d5:72:6b:12:5d:9d:f4:42:81:1d:fd:e9:e8: e5:17:59:ce:a3:6d:fd:52:ef:fb:75:15:76:4e:82:28:56:ca: b1:a9:ee:a3:16:a4:47:bd:7e:36:f1:82:8f:86:69:3b:41:6b: ef:3a:d6:37:ce:71:e5:77:40:c3:4c:a8:6a:5e:7e:63:17:a9: e8:80:a5:24:8f:cd:2a:a5:b3:75:08:13:e0:cd:fc:b6:96:61: c4:ec:e0:be:9d:4f:5d:02:81:5f:78:da:88:1b:e8:25:6f:22: 13:d5:37:7e:25:92:0c:62:8f:aa:3a:09:09:9a:e5:66:26:e2: 00:19:6d:c1:39:f8:89:1e:87:9a:91:ce:dd:1a:b2:6d:fd:c9: b9:d6:2e:d5:b5:4d:21:dd:dd:c1:dc:28:04:9d:1f:43:52:f5: 93:a7:bd:30:dd:b8:03:63:b1:af:da:39:41:fd:b3:ac:f5:bc: 41:30:ea:c3:28:e5:b8:6b:3c:ca:ce:50:17:95:30:c0:b7:5e: a6:fd:2d:19:88:fc:84:e9:87:95:7b:99:2b:2b:5b:e8:35:e5: 07:b1:13:ae -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG3F96N+ICdBNHO0mm38tSciFlvwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDIyMjAwMTAwNVoX DTI2MDUyMzIzNTk1OVowejFJMEcGA1UEBRNAMmU4NGI5OTFjZjZmMjk0ZTczNDc4 NjU1ZjQzNGMwNjMyZTk2MzI2YzBkYTA5NjZjNDZhMjRhN2Y4N2MzNDk2YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEI6r8Tx1rRnKoIeZDGwE6acqR6o z6TwT1Zxvmv67S0oFZa+WAEA4n4sSdeu54RbKiR7m6xIy9EaE3TMWDHwQY+laMHi uabj2wOzi+KpPGpcOLcf2VbEObpW7iBM/+6fIizv6/3Nz5Bd5814cLk+5PcLvOr/ tVX2n9cfQw/ypO3diAS8wZD8s8jz1w4kBYmFaIQ3JkPAwYE7ufLsgL1kdSCqIYHw fG5Mz3ot48qL5EcfcE5Nn+KJ6I1kqYfZvNnWUKTtplqWSYvRksSvQcEqnTjLZtFo 0tj/VDKnHLo747P2zvD1Jesb3/TuJELle8ZOVwZamRiqzjW0saRIas/IQQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIzzOrwcsWsoGokUeGlRtQ+u2degMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZmZDg5ZmYyLTRkZTYtNDUxNy04OGZjLTEyMzQ1Y2FiYjk2OS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaFQAwDQYJKoZIhvcNAQELBQADggEBAArDEvEEN3vrc4+7khfC cjFDuSq3Y0gA8JeKqd0pY31pSc5PQRTaxzmN1XJrEl2d9EKBHf3p6OUXWc6jbf1S 7/t1FXZOgihWyrGp7qMWpEe9fjbxgo+GaTtBa+861jfOceV3QMNMqGpefmMXqeiA pSSPzSqls3UIE+DN/LaWYcTs4L6dT10CgV942ogb6CVvIhPVN34lkgxij6o6CQma 5WYm4gAZbcE5+Ikeh5qRzt0asm39ybnWLtW1TSHd3cHcKASdH0NS9ZOnvTDduANj sa/aOUH9s6z1vEEw6sMo5bhrPMrOUBeVMMC3Xqb9LRmI/ITph5V7mSsrW+g15Qex E64= -----END CERTIFICATE-----Generated at Thu Feb 26 23:09:56 2026 by rpki-client