$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87619775-f311-41aa-8c4b-9d0702423e74.roa File: 87619775-f311-41aa-8c4b-9d0702423e74.roa (raw, json) Hash identifier: /r1npthBnfRXgZWs5HAw0PuqfEiwEbdilAAlSPqqTwA= Subject key identifier: 25:35:DD:C9:2E:E6:C8:5C:A5:65:AD:FC:69:4E:7A:82:62:A3:6A:2B Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 289960AFBD31D05E963BE354536811F1F9F261F0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87619775-f311-41aa-8c4b-9d0702423e74.roa Signing time: Thu 12 Mar 2026 16:27:47 +0000 ROA not before: Thu 12 Mar 2026 16:27:47 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:99:60:af:bd:31:d0:5e:96:3b:e3:54:53:68:11:f1:f9:f2:61:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:27:47 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=ba310efaf51a4b3bf6318120879aab2af256b54c091d5bc1fdde69b398ef74e7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:28:98:ca:2b:77:33:cd:db:d4:80:cb:86:d9: 5c:68:75:15:3d:00:5b:b3:45:b2:9f:73:20:e0:b0: b8:5e:f6:07:de:a4:65:a6:13:d6:67:7b:df:ac:0a: 24:ca:a6:da:17:b7:67:ad:2f:2a:45:29:34:5d:57: 0e:88:8e:b0:f1:1d:59:ec:d4:d8:ec:9a:19:f9:d1: c5:91:a3:36:c0:7f:f9:68:a0:cb:d7:67:07:d8:b9: 84:8f:11:07:02:4f:05:63:6c:48:ab:d1:32:95:c5: 0e:d9:17:a7:5d:3a:4d:4e:e9:ad:b6:78:98:96:39: 3d:b7:b6:91:88:87:29:3e:68:ec:ee:37:16:fa:f9: 41:86:a1:ee:db:86:f4:95:42:8a:8a:cb:47:1d:a7: f1:82:8f:a0:d1:b8:7f:39:20:94:78:22:03:25:be: 29:c9:51:ba:c2:40:7d:77:25:26:b0:05:8d:42:0e: 07:6b:8e:a3:25:17:9e:ce:19:a9:c2:cb:c6:64:79: fa:1b:c9:fc:9b:b9:7f:ab:29:5d:e6:5c:05:99:d4: e0:4e:63:54:91:76:3a:c8:b2:a7:a2:3f:0f:3e:74: a4:1e:89:78:af:df:af:57:b0:ae:df:85:15:42:bf: 2a:47:84:2b:2f:ed:3d:2b:3b:f4:b0:ab:29:a9:db: 0a:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:35:DD:C9:2E:E6:C8:5C:A5:65:AD:FC:69:4E:7A:82:62:A3:6A:2B X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/87619775-f311-41aa-8c4b-9d0702423e74.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:a000::/40 Signature Algorithm: sha256WithRSAEncryption 50:f3:5d:19:6f:09:44:d9:0d:53:8c:d4:d0:d9:4d:31:a9:7c: c2:5e:73:b9:cd:a3:60:08:83:f3:a7:19:91:52:7e:df:fe:45: 8f:04:9c:8c:42:17:85:68:0e:5a:0a:9c:73:26:88:c8:d8:14: 90:ca:85:55:3b:44:ee:c1:ae:27:5e:8e:40:ad:fb:f7:fa:e4: b0:45:90:e4:34:51:62:39:8f:35:99:b9:96:ef:0d:b8:cb:2b: bd:94:8a:37:c6:9e:1d:b2:88:8b:e8:07:0c:d6:01:29:ed:20: 46:d3:66:e4:b9:9c:9a:a0:d6:48:32:98:8f:3d:24:e1:ca:d6: 43:7a:64:b3:d4:44:b1:4c:77:fc:2f:50:7c:37:be:9a:8e:eb: ac:a4:62:38:6c:80:3d:8d:df:0b:5e:d2:a8:b8:c0:a7:f8:3c: 5e:67:24:fb:f1:69:b8:19:7d:b6:36:f5:09:ba:74:a0:d3:86: 81:87:23:0e:87:1c:0e:28:37:0e:45:94:cf:13:39:27:fa:86: 12:30:d1:ca:b7:0c:56:62:04:ae:29:70:ce:9e:4c:23:1b:40: e3:38:5d:c6:27:9c:1b:80:60:8a:3d:8b:e5:56:d7:a2:7e:6f: 67:b0:be:f1:72:e5:fa:d6:11:92:c2:2f:4b:bb:8f:66:02:c2: cb:c4:79:6c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKJlgr70x0F6WO+NUU2gR8fnyYfAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2Mjc0N1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAYmEzMTBlZmFmNTFhNGIzYmY2MzE4 MTIwODc5YWFiMmFmMjU2YjU0YzA5MWQ1YmMxZmRkZTY5YjM5OGVmNzRlNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3iiYyit3M83b1IDLhtlcaHUVPQBb s0Wyn3Mg4LC4XvYH3qRlphPWZ3vfrAokyqbaF7dnrS8qRSk0XVcOiI6w8R1Z7NTY 7JoZ+dHFkaM2wH/5aKDL12cH2LmEjxEHAk8FY2xIq9EylcUO2RenXTpNTumttniY ljk9t7aRiIcpPmjs7jcW+vlBhqHu24b0lUKKistHHafxgo+g0bh/OSCUeCIDJb4p yVG6wkB9dyUmsAWNQg4Ha46jJReezhmpwsvGZHn6G8n8m7l/qyld5lwFmdTgTmNU kXY6yLKnoj8PPnSkHol4r9+vV7Cu34UVQr8qR4QrL+09Kzv0sKspqdsKJwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCU13cku5shcpWWt/GlOeoJio2orMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg3NjE5Nzc1LWYzMTEtNDFhYS04YzRiLTlkMDcwMjQyM2U3NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauqAwDQYJKoZIhvcNAQELBQADggEBAFDzXRlvCUTZDVOM1NDZ TTGpfMJec7nNo2AIg/OnGZFSft/+RY8EnIxCF4VoDloKnHMmiMjYFJDKhVU7RO7B ridejkCt+/f65LBFkOQ0UWI5jzWZuZbvDbjLK72UijfGnh2yiIvoBwzWASntIEbT ZuS5nJqg1kgymI89JOHK1kN6ZLPURLFMd/wvUHw3vpqO66ykYjhsgD2N3wte0qi4 wKf4PF5nJPvxabgZfbY29Qm6dKDThoGHIw6HHA4oNw5FlM8TOSf6hhIw0cq3DFZi BK4pcM6eTCMbQOM4XcYnnBuAYIo9i+VW16J+b2ewvvFy5frWEZLCL0u7j2YCwsvE eWw= -----END CERTIFICATE-----Generated at Thu Mar 19 12:24:03 2026 by rpki-client