$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56cecdf0-d939-4f36-a536-da8aacae2529.roa File: 56cecdf0-d939-4f36-a536-da8aacae2529.roa (raw, json) Hash identifier: LbIASLQvLHgqJ/Kc6u/uCBd2qXCSAUHw53PiXVg7KlE= Subject key identifier: 39:F5:A8:7E:CE:E1:56:31:49:86:29:C1:58:41:ED:05:EA:34:A7:31 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 71F67C02DA844103A8E7AB9EA5329C9E69A4F6C5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56cecdf0-d939-4f36-a536-da8aacae2529.roa Signing time: Thu 12 Mar 2026 16:27:43 +0000 ROA not before: Thu 12 Mar 2026 16:27:43 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 71:f6:7c:02:da:84:41:03:a8:e7:ab:9e:a5:32:9c:9e:69:a4:f6:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:27:43 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=d7c8888dff6ea52430dac6b0d121846e3af9708193d25ebcc18c08bed47139f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:e4:5a:fb:c3:56:19:0d:4e:73:88:62:ef:a2: e0:97:cf:df:2a:5e:dc:30:d4:e8:11:3a:56:79:c8: 0a:05:3a:33:b0:77:32:53:e9:b5:43:92:19:d1:44: 6e:76:52:cd:d7:94:05:d1:58:54:49:46:1d:ff:91: b0:9c:bd:80:20:aa:94:22:31:3a:dc:78:68:60:50: bb:1c:86:bf:eb:c8:d1:54:b7:7e:c0:22:95:26:ca: 4b:2f:df:5c:f6:bf:0e:31:4e:30:80:f4:f9:90:31: 48:06:9c:da:ed:b1:35:f8:8e:a0:c1:76:f4:c4:93: 7a:13:ce:da:6e:ca:86:d8:7a:85:54:3a:93:e1:85: 71:d9:fa:dd:0d:16:d0:d6:4d:e7:65:c4:d2:89:b2: b6:a7:11:ec:c6:14:98:9b:40:f2:f8:14:9d:4c:d4: ca:bf:43:99:60:0d:75:fc:49:bf:c9:29:52:51:8a: c8:32:b7:e3:04:cf:b0:a7:5e:f4:ec:0a:2a:4d:cd: f2:b2:1d:48:fc:55:a2:2a:34:1d:6c:5d:fd:19:f1: e5:f9:63:5c:c4:2a:bd:8b:fc:08:ad:7a:7c:4d:ff: c6:c9:55:a7:fa:09:fa:63:8b:1d:c5:9a:58:4e:52: cc:66:76:50:86:56:9c:50:b1:8b:76:40:bc:05:b4: 21:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:F5:A8:7E:CE:E1:56:31:49:86:29:C1:58:41:ED:05:EA:34:A7:31 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/56cecdf0-d939-4f36-a536-da8aacae2529.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:2800::/40 Signature Algorithm: sha256WithRSAEncryption af:a2:f7:aa:ec:eb:87:d1:f7:08:95:8e:b5:ab:83:b9:f6:ea: 88:e4:cb:de:0d:1e:e4:b8:98:e8:71:15:88:f3:26:42:86:eb: f9:d7:29:45:ee:63:e8:e8:dd:16:e8:8f:29:68:c7:d3:31:74: 75:fd:94:e3:c3:cd:ac:10:61:ca:5e:56:7f:bb:67:39:ed:a0: 77:cc:e0:06:c3:1c:31:54:e1:97:e5:29:51:b6:6d:c2:c7:a5: 8d:69:79:f6:c3:94:a6:89:59:70:ce:81:dc:66:bc:3b:92:23: 12:41:1d:21:2f:73:10:76:d0:50:83:d6:16:17:66:4e:5c:b7: 3f:b0:db:12:e4:72:47:83:5d:d2:b2:e1:77:1f:22:5e:43:14: d3:f2:22:c1:de:4a:a3:da:47:f9:f8:aa:ea:f5:f7:6a:49:f2: 85:2b:c8:87:2f:df:e5:fd:bf:96:2a:35:d0:e9:14:2b:b2:53: 69:7b:a8:71:8e:9d:99:4e:4f:1e:17:7a:c9:41:5c:b9:d3:72: f7:64:91:23:2c:68:71:bf:13:ab:f3:18:d0:5c:d7:17:d1:6e: be:dd:b1:cc:d4:64:29:ec:7f:82:a9:ae:d1:62:31:f6:9c:8f: 13:40:3f:78:ca:8c:48:30:a6:5f:fa:67:f5:ea:60:39:c0:9f: 82:a7:28:b7 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcfZ8AtqEQQOo56uepTKcnmmk9sUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2Mjc0M1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAZDdjODg4OGRmZjZlYTUyNDMwZGFj NmIwZDEyMTg0NmUzYWY5NzA4MTkzZDI1ZWJjYzE4YzA4YmVkNDcxMzlmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+Ra+8NWGQ1Oc4hi76Lgl8/fKl7c MNToETpWecgKBTozsHcyU+m1Q5IZ0URudlLN15QF0VhUSUYd/5GwnL2AIKqUIjE6 3HhoYFC7HIa/68jRVLd+wCKVJspLL99c9r8OMU4wgPT5kDFIBpza7bE1+I6gwXb0 xJN6E87absqG2HqFVDqT4YVx2frdDRbQ1k3nZcTSibK2pxHsxhSYm0Dy+BSdTNTK v0OZYA11/Em/ySlSUYrIMrfjBM+wp1707AoqTc3ysh1I/FWiKjQdbF39GfHl+WNc xCq9i/wIrXp8Tf/GyVWn+gn6Y4sdxZpYTlLMZnZQhlacULGLdkC8BbQhlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDn1qH7O4VYxSYYpwVhB7QXqNKcxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzU2Y2VjZGYwLWQ5MzktNGYzNi1hNTM2LWRhOGFhY2FlMjUyOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauigwDQYJKoZIhvcNAQELBQADggEBAK+i96rs64fR9wiVjrWr g7n26ojky94NHuS4mOhxFYjzJkKG6/nXKUXuY+jo3Rbojylox9MxdHX9lOPDzawQ YcpeVn+7ZzntoHfM4AbDHDFU4ZflKVG2bcLHpY1pefbDlKaJWXDOgdxmvDuSIxJB HSEvcxB20FCD1hYXZk5ctz+w2xLkckeDXdKy4XcfIl5DFNPyIsHeSqPaR/n4qur1 92pJ8oUryIcv3+X9v5YqNdDpFCuyU2l7qHGOnZlOTx4XeslBXLnTcvdkkSMsaHG/ E6vzGNBc1xfRbr7dsczUZCnsf4KprtFiMfacjxNAP3jKjEgwpl/6Z/XqYDnAn4Kn KLc= -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:03 2026 by rpki-client