$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/026b0654-22bf-4c16-a975-9a92215db72c.roa File: 026b0654-22bf-4c16-a975-9a92215db72c.roa (raw, json) Hash identifier: oab3LGbeeqBkx96uY6yAnSSVBuPj+IPC11K69SM/XoE= Subject key identifier: 39:33:18:7C:3A:F7:45:40:BC:A9:7C:42:0A:9D:55:02:3B:EC:94:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3FC7985F7DCCBB51F1F6B839A46A8F89F877BAA5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/026b0654-22bf-4c16-a975-9a92215db72c.roa Signing time: Thu 12 Mar 2026 16:36:34 +0000 ROA not before: Thu 12 Mar 2026 16:36:34 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:c7:98:5f:7d:cc:bb:51:f1:f6:b8:39:a4:6a:8f:89:f8:77:ba:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:36:34 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=63dde72cf98777b5524ec42e90c83d2712494d0257b30389b0be13e37cd3d250, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:60:fa:54:ba:cb:16:18:14:ac:7c:12:85:96: 31:ce:57:42:6e:7b:06:3a:dc:58:2e:5f:ed:aa:9c: 52:b2:1b:af:27:6d:5e:c5:04:00:a3:f0:36:76:85: 84:3d:80:21:bf:94:aa:42:72:a0:40:c4:b0:26:22: bd:4c:b9:8e:2e:8e:49:04:1f:1a:44:d9:c3:98:cc: 03:97:fb:aa:0d:5e:e6:e9:84:63:3a:49:0e:0e:86: 41:39:56:e9:43:c3:e4:35:26:18:e0:fb:db:37:9f: 0c:80:5d:16:7b:6c:99:a3:bb:dd:70:72:58:6c:65: 4d:23:43:0f:d1:93:2e:20:62:ff:d7:d3:2a:26:e4: 2a:67:07:90:08:5b:24:6e:f3:47:93:a9:e7:5c:1e: 29:6b:f8:1d:58:55:de:6c:58:5f:52:be:31:1d:4e: 6a:7a:da:3e:bb:29:e6:8b:c9:0c:04:6e:16:fc:e3: 15:1d:93:de:5e:c1:7d:73:72:57:df:e5:3e:53:3b: bc:05:d5:d9:1c:87:d2:8a:a8:f4:78:8e:de:37:a4: df:0f:3b:d2:d4:f4:a4:23:85:51:6b:2d:80:25:8a: 79:13:40:4d:8b:2f:47:97:01:97:33:f5:10:88:c0: 08:09:31:5d:91:97:9d:06:bc:a7:b1:0d:47:c3:6a: a2:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:33:18:7C:3A:F7:45:40:BC:A9:7C:42:0A:9D:55:02:3B:EC:94:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/026b0654-22bf-4c16-a975-9a92215db72c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:f000::/40 Signature Algorithm: sha256WithRSAEncryption 3b:6f:12:07:7b:a8:8d:88:ab:2b:77:3a:1b:79:40:7b:1e:0d: d9:e8:59:6e:39:70:95:a8:96:cd:14:84:1f:d7:b8:77:a3:05: 96:00:8f:3e:c8:48:ff:b5:45:39:47:16:6a:2b:dd:f1:dd:5f: ca:46:13:bd:4f:1c:62:e3:07:55:37:0d:d5:de:6a:9d:34:b7: 1e:48:e5:1a:87:8b:f8:ad:0c:93:2c:77:99:d8:ee:b6:0c:74: db:5d:d1:fa:bd:ad:a5:a9:e3:84:fb:c0:b7:eb:00:d7:4c:ba: 0b:80:4b:c1:07:c6:75:04:73:91:4e:aa:77:66:6a:5d:49:3f: cb:97:f6:5c:b8:07:d3:41:06:cb:a3:bf:9b:65:be:21:01:00: f0:96:d4:4f:4d:58:c5:a6:ff:d7:cf:9a:c7:11:4d:e9:65:9f: cc:88:d5:28:b8:b5:1b:28:9c:f3:66:a3:8f:ee:71:fd:ac:28: 01:47:e7:2b:91:95:4d:6c:21:54:98:80:cf:16:5a:66:45:05: e8:ca:f8:c5:82:64:76:40:e5:71:2c:44:a3:70:f1:64:9a:19: dd:4a:61:42:ff:81:ec:70:9a:29:60:d8:81:78:54:5e:8a:da: 23:3b:fc:c7:62:7e:f1:d7:50:10:9c:e4:94:d7:5e:0e:db:92: 93:ba:75:92 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUP8eYX33Mu1Hx9rg5pGqPifh3uqUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MzYzNFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANjNkZGU3MmNmOTg3NzdiNTUyNGVj NDJlOTBjODNkMjcxMjQ5NGQwMjU3YjMwMzg5YjBiZTEzZTM3Y2QzZDI1MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWD6VLrLFhgUrHwShZYxzldCbnsG OtxYLl/tqpxSshuvJ21exQQAo/A2doWEPYAhv5SqQnKgQMSwJiK9TLmOLo5JBB8a RNnDmMwDl/uqDV7m6YRjOkkODoZBOVbpQ8PkNSYY4PvbN58MgF0We2yZo7vdcHJY bGVNI0MP0ZMuIGL/19MqJuQqZweQCFskbvNHk6nnXB4pa/gdWFXebFhfUr4xHU5q eto+uynmi8kMBG4W/OMVHZPeXsF9c3JX3+U+Uzu8BdXZHIfSiqj0eI7eN6TfDzvS 1PSkI4VRay2AJYp5E0BNiy9HlwGXM/UQiMAICTFdkZedBrynsQ1Hw2qi9QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDkzGHw690VAvKl8QgqdVQI77JQBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAyNmIwNjU0LTIyYmYtNGMxNi1hOTc1LTlhOTIyMTVkYjcyYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6fAwDQYJKoZIhvcNAQELBQADggEBADtvEgd7qI2Iqyt3Oht5 QHseDdnoWW45cJWols0UhB/XuHejBZYAjz7ISP+1RTlHFmor3fHdX8pGE71PHGLj B1U3DdXeap00tx5I5RqHi/itDJMsd5nY7rYMdNtd0fq9raWp44T7wLfrANdMuguA S8EHxnUEc5FOqndmal1JP8uX9ly4B9NBBsujv5tlviEBAPCW1E9NWMWm/9fPmscR Telln8yI1Si4tRsonPNmo4/ucf2sKAFH5yuRlU1sIVSYgM8WWmZFBejK+MWCZHZA 5XEsRKNw8WSaGd1KYUL/gexwmilg2IF4VF6K2iM7/MdifvHXUBCc5JTXXg7bkpO6 dZI= -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:54 2026 by rpki-client