$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070042d-6cc3-4a2b-9157-871d35a2be7c.roa File: 4070042d-6cc3-4a2b-9157-871d35a2be7c.roa (raw, json) Hash identifier: jqKi42ApIWG+R3tFS6a761zzgLiIf2AxE8mv6qOAVtA= Subject key identifier: A3:6D:CA:A4:06:37:FF:1C:92:41:70:4A:66:E4:8B:F1:DF:39:CD:9A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 689887CA51A542BE3B0A63AAE41D59326D30347A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070042d-6cc3-4a2b-9157-871d35a2be7c.roa Signing time: Thu 12 Mar 2026 16:21:54 +0000 ROA not before: Thu 12 Mar 2026 16:21:54 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:98:87:ca:51:a5:42:be:3b:0a:63:aa:e4:1d:59:32:6d:30:34:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:21:54 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=96a4b39b1069e2eecf6e0eaa7e460ee31d3ae5553d429be871f19a3a0d649621, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:be:dc:57:87:ec:e8:97:9f:5e:fa:7b:de:d1: 55:06:41:ff:35:54:38:ae:bd:f1:74:7b:4b:fc:b5: f8:92:17:ce:7e:68:22:77:ae:ba:f1:7f:1e:c0:20: 5f:bb:6a:be:5b:f4:03:5d:98:cf:d5:95:57:43:76: 36:fd:87:11:9d:87:ad:61:76:57:35:c8:c6:38:92: 8c:d8:5d:33:d9:e3:24:b7:f9:de:29:cb:ec:ff:28: e1:16:8a:dd:9b:a3:3e:8d:db:8e:01:7d:44:fb:8a: 02:d4:63:87:95:19:84:18:63:b4:6b:ba:4d:27:25: d3:2f:2f:25:b3:75:fd:16:ea:51:2f:ea:92:f9:92: b5:b7:05:d3:17:21:35:39:5f:51:34:ff:d8:65:0a: 59:85:bb:ec:fd:dd:ba:b8:22:ef:60:2d:c4:56:b5: 74:d0:a3:ff:9b:64:e8:38:91:79:3e:1f:e7:e4:08: 17:bb:d7:26:a0:1c:1c:6d:2f:bc:e5:45:ec:d2:fd: 7b:c0:91:c5:f5:ca:a1:de:55:69:dd:4b:5e:b3:f2: 48:53:c3:ec:cb:8c:db:1e:0a:c5:1f:54:43:2a:f7: bc:7d:2c:23:fd:47:70:6b:fa:0f:9c:5e:75:ed:99: c8:77:6d:d9:32:34:38:7c:ad:69:fb:e8:65:2a:87: d4:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:6D:CA:A4:06:37:FF:1C:92:41:70:4A:66:E4:8B:F1:DF:39:CD:9A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4070042d-6cc3-4a2b-9157-871d35a2be7c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:840::/48 Signature Algorithm: sha256WithRSAEncryption 5d:4a:84:2e:64:1f:56:21:0e:75:e4:72:5c:09:39:ff:7d:16: 2b:b0:ba:fc:c1:81:6f:83:6d:53:87:fa:d6:c7:45:ba:28:ee: bf:44:e7:fd:aa:df:33:38:b3:82:6f:a4:f2:df:be:25:3c:84: a8:4d:4a:2f:ea:01:5e:50:57:b6:2f:60:b1:a7:3f:2f:67:d8: 73:63:2d:98:21:f6:42:c5:78:6b:6c:99:57:ed:0f:d4:cb:66: f0:0b:bf:1b:f2:e6:87:cd:86:7d:0e:15:76:61:13:d1:6c:5c: dd:c4:66:5b:d3:c2:e0:87:b7:85:ff:e8:af:13:fd:35:c8:f6: 66:77:11:93:df:7f:40:32:71:08:f6:5f:d5:75:5e:6d:7d:3f: ec:b8:65:8d:4d:15:8c:bc:05:2f:8d:e7:1c:e4:eb:9f:ab:98: 58:df:8b:93:b7:6d:ca:51:9a:d8:3a:b1:ac:1b:e7:1c:62:23: fa:bd:91:35:a1:08:28:78:66:71:ac:88:7d:5e:ba:a7:b4:33: 47:de:c2:66:e6:2e:45:0f:f8:e7:da:03:e1:4f:ef:5b:86:01: 0b:fe:3c:84:b2:32:3d:f1:fc:3f:16:04:bd:70:ac:54:71:a7: 01:60:cd:5c:15:a3:e4:54:c5:19:3e:a1:14:49:43:23:e8:83: 82:db:a6:df -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUaJiHylGlQr47CmOq5B1ZMm0wNHowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjE1NFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAOTZhNGIzOWIxMDY5ZTJlZWNmNmUw ZWFhN2U0NjBlZTMxZDNhZTU1NTNkNDI5YmU4NzFmMTlhM2EwZDY0OTYyMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxL7cV4fs6JefXvp73tFVBkH/NVQ4 rr3xdHtL/LX4khfOfmgid6668X8ewCBfu2q+W/QDXZjP1ZVXQ3Y2/YcRnYetYXZX NcjGOJKM2F0z2eMkt/neKcvs/yjhFordm6M+jduOAX1E+4oC1GOHlRmEGGO0a7pN JyXTLy8ls3X9FupRL+qS+ZK1twXTFyE1OV9RNP/YZQpZhbvs/d26uCLvYC3EVrV0 0KP/m2ToOJF5Ph/n5AgXu9cmoBwcbS+85UXs0v17wJHF9cqh3lVp3Utes/JIU8Ps y4zbHgrFH1RDKve8fSwj/Udwa/oPnF517ZnId23ZMjQ4fK1p++hlKofUWwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKNtyqQGN/8ckkFwSmbki/HfOc2aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQwNzAwNDJkLTZjYzMtNGEyYi05MTU3LTg3MWQzNWEyYmU3Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaughAMA0GCSqGSIb3DQEBCwUAA4IBAQBdSoQuZB9WIQ515HJc CTn/fRYrsLr8wYFvg21Th/rWx0W6KO6/ROf9qt8zOLOCb6Ty374lPISoTUov6gFe UFe2L2Cxpz8vZ9hzYy2YIfZCxXhrbJlX7Q/Uy2bwC78b8uaHzYZ9DhV2YRPRbFzd xGZb08Lgh7eF/+ivE/01yPZmdxGT339AMnEI9l/VdV5tfT/suGWNTRWMvAUvjecc 5Oufq5hY34uTt23KUZrYOrGsG+ccYiP6vZE1oQgoeGZxrIh9XrqntDNH3sJm5i5F D/jn2gPhT+9bhgEL/jyEsjI98fw/FgS9cKxUcacBYM1cFaPkVMUZPqEUSUMj6IOC 26bf -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:02 2026 by rpki-client