$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/021ee8fd-6180-486e-85e0-4bc27fe7889f.roa File: 021ee8fd-6180-486e-85e0-4bc27fe7889f.roa (raw, json) Hash identifier: uuck9GDZYtMktljdPm2oqOsmItjrYdzsMUB2pReKtqA= Subject key identifier: 6C:56:85:0B:9D:5A:3E:16:C4:FB:4F:CE:9E:29:B8:20:B1:39:7D:FF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7641B6B1F92CB4FBDC9BA76E641F0F3BBF58E180 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/021ee8fd-6180-486e-85e0-4bc27fe7889f.roa Signing time: Thu 12 Mar 2026 16:24:49 +0000 ROA not before: Thu 12 Mar 2026 16:24:49 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:41:b6:b1:f9:2c:b4:fb:dc:9b:a7:6e:64:1f:0f:3b:bf:58:e1:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:24:49 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=376801cf630449d8f7d763bf651df789f311c0492ce5b98789a11f1ff3b745b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:1c:c2:58:7a:80:f8:10:7c:a7:ab:ee:16:36: 97:27:f8:fd:a3:2e:d7:f8:c7:32:60:2d:e8:c2:45: c6:ce:a1:6f:ed:4b:23:45:5f:27:b6:93:b1:5b:c5: 7d:58:b2:8c:c0:89:fd:1d:38:ec:d5:ec:98:a6:e8: f7:0f:56:e2:20:1b:5d:0b:d1:a5:7b:10:45:42:20: 2e:90:0f:3b:6a:e9:e0:8d:b6:01:30:ff:2d:79:6f: bc:82:69:12:75:ad:83:9f:6f:3f:c5:72:5d:64:7a: 1b:bd:de:20:4a:18:72:55:15:6a:3c:e3:19:1f:1b: 6a:3a:48:39:9d:b8:87:ef:2f:c7:d6:80:74:d2:d0: 29:d1:62:5d:4e:a3:82:05:e6:51:6d:2d:88:4c:a8: 5e:a5:70:00:f7:82:28:77:bc:de:51:98:8c:4c:4d: 09:ca:5c:3a:89:bb:2c:dd:b3:ae:f2:c2:47:fa:40: ec:5e:5c:04:01:df:f1:b2:64:1d:50:29:0a:c3:1b: 8c:c1:e8:32:6c:ba:9d:c2:63:d7:24:d1:6b:b3:59: a9:e5:2b:e8:b5:4d:36:7f:30:15:39:49:b6:a2:09: 19:76:ea:a5:a9:aa:a7:99:c1:06:d6:2f:2c:07:1c: 9a:24:8c:ea:9c:58:9b:ee:90:b5:eb:b8:0e:e4:9c: 29:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:56:85:0B:9D:5A:3E:16:C4:FB:4F:CE:9E:29:B8:20:B1:39:7D:FF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/021ee8fd-6180-486e-85e0-4bc27fe7889f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 8e:7b:31:08:01:05:f3:46:39:f9:c1:a1:71:54:cc:6e:9b:4b: d4:45:e1:05:3b:01:8c:19:f2:5c:bb:c5:ca:2c:9a:4e:a4:1b: c5:af:11:34:d4:92:50:4e:15:50:31:ef:60:a9:34:84:5c:7b: 1f:02:65:3c:25:d4:1b:70:af:5b:28:e8:2a:74:72:f4:85:88: cd:0b:7a:25:c4:16:f2:f0:68:e3:a8:49:c8:c9:4d:58:1d:01: 05:e9:06:5f:0e:26:ce:14:8b:d5:9d:42:61:94:a2:c0:53:f5: cf:1c:e8:63:5d:67:7d:d0:82:6d:64:00:e3:55:d3:fa:72:af: 78:bb:1d:3c:f9:ce:4c:11:5b:c5:da:f0:a2:10:51:91:a5:4f: a9:f1:82:35:14:ac:a0:cc:05:9a:91:3f:2d:d5:19:fd:0b:7f: ca:69:57:a5:94:56:65:dd:97:14:d7:7a:7e:41:91:35:dc:24: cc:66:1a:5c:bb:9e:e1:59:03:4c:c6:c8:9b:28:43:75:96:4a: 1b:b3:e0:12:70:b6:85:d5:10:6e:bb:36:00:03:7b:7c:56:f5: 76:48:2c:fd:0f:88:02:76:3c:31:ff:30:22:61:e6:d5:ef:1f: a5:22:b6:9d:df:83:9f:ea:b4:ff:29:cb:de:93:88:fa:6b:87: 41:fa:33:ac -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUdkG2sfkstPvcm6duZB8PO79Y4YAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjQ0OVoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMzc2ODAxY2Y2MzA0NDlkOGY3ZDc2 M2JmNjUxZGY3ODlmMzExYzA0OTJjZTViOTg3ODlhMTFmMWZmM2I3NDViNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RzCWHqA+BB8p6vuFjaXJ/j9oy7X +McyYC3owkXGzqFv7UsjRV8ntpOxW8V9WLKMwIn9HTjs1eyYpuj3D1biIBtdC9Gl exBFQiAukA87aungjbYBMP8teW+8gmkSda2Dn28/xXJdZHobvd4gShhyVRVqPOMZ HxtqOkg5nbiH7y/H1oB00tAp0WJdTqOCBeZRbS2ITKhepXAA94Iod7zeUZiMTE0J ylw6ibss3bOu8sJH+kDsXlwEAd/xsmQdUCkKwxuMwegybLqdwmPXJNFrs1mp5Svo tU02fzAVOUm2ogkZduqlqaqnmcEG1i8sBxyaJIzqnFib7pC167gO5JwpGwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGxWhQudWj4WxPtPzp4puCCxOX3/MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyMWVlOGZkLTYxODAtNDg2ZS04NWUwLTRiYzI3ZmU3ODg5Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6UDAMA0GCSqGSIb3DQEBCwUAA4IBAQCOezEIAQXzRjn5waFx VMxum0vUReEFOwGMGfJcu8XKLJpOpBvFrxE01JJQThVQMe9gqTSEXHsfAmU8JdQb cK9bKOgqdHL0hYjNC3olxBby8GjjqEnIyU1YHQEF6QZfDibOFIvVnUJhlKLAU/XP HOhjXWd90IJtZADjVdP6cq94ux08+c5MEVvF2vCiEFGRpU+p8YI1FKygzAWakT8t 1Rn9C3/KaVellFZl3ZcU13p+QZE13CTMZhpcu57hWQNMxsibKEN1lkobs+AScLaF 1RBuuzYAA3t8VvV2SCz9D4gCdjwx/zAiYebV7x+lIrad34Of6rT/Kcvek4j6a4dB +jOs -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:04 2026 by rpki-client