$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05bbbc0b-36fc-4ef2-bea1-e2c46167fbb2.roa File: 05bbbc0b-36fc-4ef2-bea1-e2c46167fbb2.roa (raw, json) Hash identifier: P+38cl5k8H5UM391I4cth+x9U65CFQTfiW/pdHoNLpc= Subject key identifier: 07:F3:BD:8F:74:11:4F:A1:D3:C8:1C:01:AE:B7:3C:CF:2E:17:EE:07 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B97588BC7E0C7D7002BFA7EACD691063869B309 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05bbbc0b-36fc-4ef2-bea1-e2c46167fbb2.roa Signing time: Thu 12 Mar 2026 16:21:43 +0000 ROA not before: Thu 12 Mar 2026 16:21:43 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:2080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:97:58:8b:c7:e0:c7:d7:00:2b:fa:7e:ac:d6:91:06:38:69:b3:09 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:21:43 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=4e0ee92aaf144ea43dd32ae9206a90ca0fe89873f0cc70ceb42c54fd2aee6099, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:f8:11:be:df:ea:f1:35:e5:f8:bd:f0:81:24: f3:7c:93:5b:1d:2a:6a:53:b5:cf:4c:a6:70:f4:cd: 84:14:7e:55:25:86:7e:8b:20:11:59:cc:08:c3:15: 01:ea:d2:5c:cd:2e:c1:f8:51:73:9c:b8:61:62:17: b8:0d:e4:a2:9e:42:92:7d:c3:9d:b1:6f:6e:3f:d5: 40:02:63:8a:47:40:e2:68:99:23:a6:a1:5d:85:bc: 9a:b9:6c:a6:a5:d5:69:4c:b5:8f:dd:65:8a:6c:69: b3:7a:e6:40:01:0e:56:a2:c4:d9:01:70:5f:07:e7: 20:e3:6d:5b:f5:a3:3c:7a:d4:f9:66:2f:9b:ed:45: 31:e8:94:64:a7:cf:d6:6c:0c:49:1a:61:01:54:f4: 08:69:b7:18:35:3b:2f:5a:0e:4c:44:26:42:1f:5a: 0a:f9:79:60:19:a8:34:76:0f:6d:9b:da:0c:f5:dc: 7e:53:54:00:d2:14:a0:48:df:d4:99:3b:c5:f2:e4: bd:82:29:e6:e1:d0:81:bc:d4:ba:40:8c:e6:4c:e6: b1:de:f3:9d:a2:c9:8e:90:b2:55:41:de:37:13:00: 2d:57:ef:82:b2:41:c8:49:bb:ef:5b:95:cb:97:6a: 57:fe:32:01:1f:37:b3:27:5d:12:e9:77:75:f4:92: 05:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:F3:BD:8F:74:11:4F:A1:D3:C8:1C:01:AE:B7:3C:CF:2E:17:EE:07 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/05bbbc0b-36fc-4ef2-bea1-e2c46167fbb2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:2080::/48 Signature Algorithm: sha256WithRSAEncryption b2:d6:79:a0:80:c7:68:fa:93:cf:6a:31:4b:79:99:41:f6:69: 5e:0d:e3:40:0d:41:6f:d0:d8:98:2d:89:53:a1:e9:ec:2b:28: 9f:45:ba:3c:a3:38:4f:cd:87:63:d0:61:41:c6:bc:7b:ca:c6: ce:30:98:c8:94:c8:20:bf:e8:96:38:85:d7:4a:8e:33:ac:96: cd:f4:04:98:50:56:95:98:51:b6:b0:6e:53:ef:79:37:d0:eb: 17:6c:b5:82:62:51:b5:62:4a:68:60:1a:4f:e8:ac:db:fa:c2: be:f1:c6:9e:0f:45:74:8e:d8:2d:a4:77:2d:b2:ee:d6:ce:aa: 79:2e:80:af:25:52:bb:09:3b:e0:01:5c:01:1a:63:fe:37:0c: 5d:43:46:3a:a9:4f:45:f5:1e:78:e7:24:ea:df:8d:f2:e5:d6: d7:1a:e1:66:7f:87:5a:15:5a:64:af:a4:fe:29:ad:a9:aa:18: d5:61:a2:48:b7:6c:7f:b1:55:c6:af:e3:bd:35:7b:aa:69:f5: 1e:e3:ba:1f:6f:9d:9f:b4:60:17:e7:e6:6a:d2:e4:40:d3:3d: db:b2:df:af:67:66:88:17:ca:f6:f9:ef:07:ee:bb:44:12:0a: c6:f0:19:1b:d0:ea:6a:96:1b:4b:80:97:cb:59:f2:4f:59:93: 0d:09:ba:2d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUe5dYi8fgx9cAK/p+rNaRBjhpswkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjE0M1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANGUwZWU5MmFhZjE0NGVhNDNkZDMy YWU5MjA2YTkwY2EwZmU4OTg3M2YwY2M3MGNlYjQyYzU0ZmQyYWVlNjA5OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvgRvt/q8TXl+L3wgSTzfJNbHSpq U7XPTKZw9M2EFH5VJYZ+iyARWcwIwxUB6tJczS7B+FFznLhhYhe4DeSinkKSfcOd sW9uP9VAAmOKR0DiaJkjpqFdhbyauWympdVpTLWP3WWKbGmzeuZAAQ5WosTZAXBf B+cg421b9aM8etT5Zi+b7UUx6JRkp8/WbAxJGmEBVPQIabcYNTsvWg5MRCZCH1oK +XlgGag0dg9tm9oM9dx+U1QA0hSgSN/UmTvF8uS9ginm4dCBvNS6QIzmTOax3vOd osmOkLJVQd43EwAtV++CskHISbvvW5XLl2pX/jIBHzezJ10S6Xd19JIFfwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAfzvY90EU+h08gcAa63PM8uF+4HMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA1YmJiYzBiLTM2ZmMtNGVmMi1iZWExLWUyYzQ2MTY3ZmJiMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbauiCAMA0GCSqGSIb3DQEBCwUAA4IBAQCy1nmggMdo+pPPajFL eZlB9mleDeNADUFv0NiYLYlToensKyifRbo8ozhPzYdj0GFBxrx7ysbOMJjIlMgg v+iWOIXXSo4zrJbN9ASYUFaVmFG2sG5T73k30OsXbLWCYlG1YkpoYBpP6Kzb+sK+ 8caeD0V0jtgtpHctsu7Wzqp5LoCvJVK7CTvgAVwBGmP+NwxdQ0Y6qU9F9R545yTq 343y5dbXGuFmf4daFVpkr6T+Ka2pqhjVYaJIt2x/sVXGr+O9NXuqafUe47ofb52f tGAX5+Zq0uRA0z3bst+vZ2aIF8r2+e8H7rtEEgrG8Bkb0OpqlhtLgJfLWfJPWZMN Cbot -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:09 2026 by rpki-client