$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12ab5f73-e3e2-44b7-b44f-d4cb6369941a.roa File: 12ab5f73-e3e2-44b7-b44f-d4cb6369941a.roa (raw, json) Hash identifier: kGmbDigLS7UEb5tsiuizMGL+FAgAHyycAwbNNwFITUM= Subject key identifier: 60:84:23:8D:F6:18:99:F7:A0:0B:7B:50:E1:95:8C:7D:46:40:42:CA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 017FAFB9551D92E9ABAB73DD078AD842158999E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12ab5f73-e3e2-44b7-b44f-d4cb6369941a.roa Signing time: Thu 12 Mar 2026 16:24:47 +0000 ROA not before: Thu 12 Mar 2026 16:24:47 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:28c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:7f:af:b9:55:1d:92:e9:ab:ab:73:dd:07:8a:d8:42:15:89:99:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:24:47 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=72a442abd2143ec2ec9e39d98529c600a150033a455e05446c16a4f75f3026ce, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:a7:b1:f2:5d:a2:8d:1a:41:7f:fd:63:4d:12: c7:27:56:ad:19:3a:2c:37:cc:88:e8:52:c0:a3:ab: 74:0f:76:26:ed:81:c9:89:05:83:93:0d:6d:df:c8: 89:90:d6:16:5f:0c:a7:5c:33:3a:6b:99:54:01:ed: f4:62:9e:81:1f:14:a7:14:59:8d:e8:b2:04:73:b3: 0b:48:5e:76:6d:37:5a:9e:58:85:99:27:83:be:d0: d7:d8:82:38:15:fa:9e:99:bb:ec:05:f5:7c:fe:6e: 7b:4a:53:b1:50:23:3c:bf:d8:98:75:da:33:d9:fd: 52:77:e1:aa:32:cb:09:78:92:c5:87:8f:df:21:a8: 68:18:7c:07:b3:0b:79:6a:e8:f5:af:d6:c7:7c:f6: 3d:bb:e1:71:d0:78:7a:df:49:ab:ce:b0:99:a3:a1: 81:f6:65:ad:e0:45:37:94:06:ec:ce:75:c9:40:9d: 87:ab:ab:45:00:c1:e5:5d:52:c1:85:31:c7:f1:0d: e0:78:e1:4c:3b:f9:86:fc:77:8f:05:3a:b4:cf:51: 0f:55:33:10:58:e0:fd:c2:77:b0:c3:fa:dc:83:8f: 7b:f1:e7:5a:5e:a1:ea:ee:18:76:28:f7:ac:03:c3: 21:77:ba:8a:01:a8:80:1d:7e:aa:3c:03:b4:7c:3b: ea:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:84:23:8D:F6:18:99:F7:A0:0B:7B:50:E1:95:8C:7D:46:40:42:CA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/12ab5f73-e3e2-44b7-b44f-d4cb6369941a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:28c0::/48 Signature Algorithm: sha256WithRSAEncryption 02:94:ba:b5:41:80:80:fd:fd:36:d8:1a:0a:2c:6c:4c:31:01: fb:56:91:dc:7a:d5:4c:b1:e7:91:05:40:e0:aa:b4:a3:c6:54: 46:1f:1a:c3:c4:b3:bb:5c:cd:d9:2a:97:48:fe:d0:e9:fc:fc: e2:b4:ad:06:bd:5a:1c:bb:da:6f:8e:05:b7:24:f7:b8:d6:01: 7f:dd:da:c6:9b:24:63:e1:47:cb:3f:02:b2:01:0d:96:7d:eb: 22:e5:08:98:f2:4c:f8:a4:8e:ae:3d:81:db:0a:8a:ca:bb:73: af:e6:d9:f8:99:77:f6:29:00:be:90:7b:bc:38:02:c3:1c:ad: 0f:78:03:c4:01:d0:9a:4f:b9:8d:d1:0c:28:32:24:15:5e:81: c0:c6:73:51:c1:28:6f:06:5e:99:5f:b6:95:16:cd:66:d5:3d: 91:eb:06:fd:96:ad:ce:74:84:ee:99:2d:0b:b3:38:45:b0:69: 92:ea:39:ea:fb:55:04:28:3a:87:cb:c2:b4:d4:46:7f:2b:46: 0f:95:c9:5b:87:e3:fc:1b:23:34:35:c7:f1:3b:e5:2a:ae:5f: 88:62:3f:49:ca:67:30:0a:2e:4d:b2:1a:80:df:64:db:25:43: 53:44:d8:8e:50:8f:6e:bd:38:ff:a3:4f:a5:a6:00:e6:8b:95: e1:d6:34:d6 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAX+vuVUdkumrq3PdB4rYQhWJmeEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjQ0N1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANzJhNDQyYWJkMjE0M2VjMmVjOWUz OWQ5ODUyOWM2MDBhMTUwMDMzYTQ1NWUwNTQ0NmMxNmE0Zjc1ZjMwMjZjZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKex8l2ijRpBf/1jTRLHJ1atGTos N8yI6FLAo6t0D3Ym7YHJiQWDkw1t38iJkNYWXwynXDM6a5lUAe30Yp6BHxSnFFmN 6LIEc7MLSF52bTdanliFmSeDvtDX2II4FfqembvsBfV8/m57SlOxUCM8v9iYddoz 2f1Sd+GqMssJeJLFh4/fIahoGHwHswt5auj1r9bHfPY9u+Fx0Hh630mrzrCZo6GB 9mWt4EU3lAbsznXJQJ2Hq6tFAMHlXVLBhTHH8Q3geOFMO/mG/HePBTq0z1EPVTMQ WOD9wneww/rcg4978edaXqHq7hh2KPesA8Mhd7qKAaiAHX6qPAO0fDvqNQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGCEI432GJn3oAt7UOGVjH1GQELKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEyYWI1ZjczLWUzZTItNDRiNy1iNDRmLWQ0Y2I2MzY5OTQxYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6SjAMA0GCSqGSIb3DQEBCwUAA4IBAQAClLq1QYCA/f022BoK LGxMMQH7VpHcetVMseeRBUDgqrSjxlRGHxrDxLO7XM3ZKpdI/tDp/PzitK0GvVoc u9pvjgW3JPe41gF/3drGmyRj4UfLPwKyAQ2Wfesi5QiY8kz4pI6uPYHbCorKu3Ov 5tn4mXf2KQC+kHu8OALDHK0PeAPEAdCaT7mN0QwoMiQVXoHAxnNRwShvBl6ZX7aV Fs1m1T2R6wb9lq3OdITumS0LszhFsGmS6jnq+1UEKDqHy8K01EZ/K0YPlclbh+P8 GyM0NcfxO+Uqrl+IYj9JymcwCi5NshqA32TbJUNTRNiOUI9uvTj/o0+lpgDmi5Xh 1jTW -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:07 2026 by rpki-client