$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa File: 1608d804-974f-4707-85cf-540b359a4e74.roa (raw, json) Hash identifier: 852sgDyjL8IpmZ4RS/JRNsjXrQafAWYvYa3JkyJkips= Subject key identifier: 42:82:C1:35:E4:7E:90:4F:0B:22:BF:89:2C:9B:4F:B6:40:36:B4:03 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4EBA34FEBA70D96ED0C75D92418A5190B637A299 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa Signing time: Thu 12 Mar 2026 16:23:26 +0000 ROA not before: Thu 12 Mar 2026 16:23:26 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:ba:34:fe:ba:70:d9:6e:d0:c7:5d:92:41:8a:51:90:b6:37:a2:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:23:26 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=ffbcf74b03bcaed82dc091c3fb57cfe5e1d6b74bac891f487e915748cc1469a3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:76:0b:e8:48:cd:13:06:a1:ea:e5:b9:8d:f5: bc:42:a9:63:30:a0:81:99:26:f0:f1:c1:0f:b6:b9: c4:f7:b8:bc:ce:90:44:59:26:70:b1:55:72:23:5e: 12:32:63:85:01:87:1c:65:69:4c:2e:10:9e:fe:22: 70:0f:ae:11:bb:64:dd:61:c4:4e:50:3b:ca:78:f2: 92:a7:50:15:01:65:7b:de:2a:04:c6:35:24:34:df: ec:4f:42:b1:c6:59:dd:2d:fe:d5:d7:c6:ad:87:a6: 79:47:8f:b7:f2:c4:2e:91:16:22:d8:9a:53:7b:9e: 35:fa:db:b9:e1:2f:86:ea:64:d5:ff:a5:2f:cc:ca: ca:d7:19:e6:73:74:4e:f8:b5:73:10:23:7b:f4:23: 1c:c7:b1:c5:41:e9:ae:bf:4b:e2:cd:1d:89:ff:8e: 03:c1:a0:e9:1a:38:3a:2b:ec:23:bd:d3:c4:3d:60: e3:20:e0:44:8d:87:2e:d4:3e:cc:49:6c:6c:3e:91: 7f:c8:4e:40:40:50:ac:d1:2c:35:c8:64:bd:93:5a: 62:57:1f:8a:50:6e:be:f5:f6:20:ce:75:73:d0:da: ae:d6:40:19:95:38:b6:e4:1c:40:2a:39:18:d3:87: 06:1f:94:48:f8:e5:93:c9:ef:f2:c5:8c:d7:1f:9a: 12:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:82:C1:35:E4:7E:90:4F:0B:22:BF:89:2C:9B:4F:B6:40:36:B4:03 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1608d804-974f-4707-85cf-540b359a4e74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:c040::/48 Signature Algorithm: sha256WithRSAEncryption 6e:38:f8:f9:3d:df:47:38:47:ed:da:ae:c9:36:3e:71:85:ed: d1:4a:ac:f5:0e:ed:76:0a:2f:c9:77:00:06:ae:3a:0f:03:37: 20:e6:e6:7a:a1:c1:ca:52:92:07:43:88:69:3f:d0:76:4b:49: 74:df:d9:50:ff:c6:a1:f7:f6:93:42:f0:c1:b6:ea:94:02:ef: d6:0e:9c:84:38:2d:1b:55:f8:8f:02:4e:5a:11:d6:ce:4a:01: 21:2f:95:48:ef:82:3b:27:cc:ed:92:e7:ff:ee:d1:fd:12:60: 19:12:03:66:03:b2:3b:77:58:0e:46:65:f1:40:ac:d4:28:de: d5:ed:8d:1e:9d:a2:53:3f:9e:d5:e2:d5:01:cc:13:4f:8c:e6: dc:19:c2:cf:5b:a4:61:85:f9:98:c3:2d:c2:db:a9:5f:17:fd: 2e:1d:42:a6:31:51:f7:f4:e4:aa:c0:71:9f:4b:a4:74:64:f7: 4a:55:06:cd:1e:5d:bf:67:fa:42:94:23:5a:fb:9f:6f:aa:0e: 3c:49:7c:c3:8b:fd:25:a4:42:b2:76:06:8b:e0:60:b3:ca:b0: df:fb:48:6e:c1:6f:1e:38:bc:5e:28:83:cb:9e:39:5f:6b:0a: 56:19:77:eb:94:98:c4:b4:49:ba:65:38:6e:17:ad:2a:66:61: a5:7b:cd:f2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTro0/rpw2W7Qx12SQYpRkLY3opkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjMyNloX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAZmZiY2Y3NGIwM2JjYWVkODJkYzA5 MWMzZmI1N2NmZTVlMWQ2Yjc0YmFjODkxZjQ4N2U5MTU3NDhjYzE0NjlhMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXYL6EjNEwah6uW5jfW8QqljMKCB mSbw8cEPtrnE97i8zpBEWSZwsVVyI14SMmOFAYccZWlMLhCe/iJwD64Ru2TdYcRO UDvKePKSp1AVAWV73ioExjUkNN/sT0KxxlndLf7V18ath6Z5R4+38sQukRYi2JpT e541+tu54S+G6mTV/6UvzMrK1xnmc3RO+LVzECN79CMcx7HFQemuv0vizR2J/44D waDpGjg6K+wjvdPEPWDjIOBEjYcu1D7MSWxsPpF/yE5AQFCs0Sw1yGS9k1piVx+K UG6+9fYgznVz0Nqu1kAZlTi25BxAKjkY04cGH5RI+OWTye/yxYzXH5oSOQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEKCwTXkfpBPCyK/iSybT7ZANrQDMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MDhkODA0LTk3NGYtNDcwNy04NWNmLTU0MGIzNTlhNGU3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbausBAMA0GCSqGSIb3DQEBCwUAA4IBAQBuOPj5Pd9HOEft2q7J Nj5xhe3RSqz1Du12Ci/JdwAGrjoPAzcg5uZ6ocHKUpIHQ4hpP9B2S0l039lQ/8ah 9/aTQvDBtuqUAu/WDpyEOC0bVfiPAk5aEdbOSgEhL5VI74I7J8ztkuf/7tH9EmAZ EgNmA7I7d1gORmXxQKzUKN7V7Y0enaJTP57V4tUBzBNPjObcGcLPW6RhhfmYwy3C 26lfF/0uHUKmMVH39OSqwHGfS6R0ZPdKVQbNHl2/Z/pClCNa+59vqg48SXzDi/0l pEKydgaL4GCzyrDf+0huwW8eOLxeKIPLnjlfawpWGXfrlJjEtEm6ZThuF60qZmGl e83y -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:56 2026 by rpki-client