$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9fb21f9c-8f1d-4700-a451-c61be1e670a2.roa File: 9fb21f9c-8f1d-4700-a451-c61be1e670a2.roa (raw, json) Hash identifier: 1JTxXq10JVc+H5Yok90R7+1R7iG58qZn3VCZzLrhTho= Subject key identifier: CB:F4:41:BE:DD:07:CC:48:19:3A:11:D9:EB:43:4F:CC:DD:34:7A:C8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 341AA2318AA78166211DEF9ACDD71F147F5E6A4B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9fb21f9c-8f1d-4700-a451-c61be1e670a2.roa Signing time: Thu 12 Mar 2026 16:24:50 +0000 ROA not before: Thu 12 Mar 2026 16:24:50 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:4880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:1a:a2:31:8a:a7:81:66:21:1d:ef:9a:cd:d7:1f:14:7f:5e:6a:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:24:50 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=ae1745db22bd84df0748509b36a48d7169b7a8fbc19cbbd187b23bd533a962db, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e7:d5:c7:fe:ef:44:d7:d7:76:39:a9:98:f1: 34:01:b7:78:0f:52:3b:30:92:b5:f8:6b:e2:88:71: 52:4a:a8:78:28:ca:25:eb:79:4b:59:bc:d6:d3:b6: b2:5b:7b:2e:2a:31:31:a2:c3:ee:cf:e3:e9:f7:a1: 5b:61:03:cd:61:46:0a:d0:6d:66:ee:a0:c3:9f:8d: 8e:68:b3:38:41:bb:28:43:c8:82:6c:49:2c:00:02: 48:8c:1e:ba:c1:7e:b7:3f:60:0a:e9:e4:14:df:f9: 9d:48:6d:b7:a2:2b:27:98:71:0e:a3:c4:9f:59:87: 2f:cf:6b:89:58:b6:82:46:0d:1d:72:31:db:ab:df: be:18:49:cb:31:73:df:a4:83:dc:cd:c1:cb:4b:48: 32:e8:ae:6f:44:49:d0:63:0c:eb:e0:81:a2:12:bc: 04:7a:6c:c6:8e:c4:34:b8:e2:f7:fc:64:4a:0e:d8: 5a:7a:77:1e:a0:31:4b:8d:ee:5c:99:f0:43:70:79: 60:c4:e5:2e:3b:e9:25:f9:20:87:6e:92:97:e1:18: 6f:99:97:4b:b5:b8:0e:3d:2c:f6:bd:a0:cb:30:5c: b4:5e:3d:b8:da:f0:47:0d:cd:4a:9f:a1:2b:8e:bd: 3a:c6:6d:6d:7b:45:42:bd:a7:00:09:00:1c:89:52: 07:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:F4:41:BE:DD:07:CC:48:19:3A:11:D9:EB:43:4F:CC:DD:34:7A:C8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9fb21f9c-8f1d-4700-a451-c61be1e670a2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:4880::/48 Signature Algorithm: sha256WithRSAEncryption 7b:1b:61:76:1d:ab:8c:bd:e6:ef:5b:fa:a5:e1:be:27:d5:52: 1f:f2:0d:ee:4e:71:f8:a8:4b:0c:bd:99:92:e4:77:71:78:d1: 5b:71:e3:95:04:9c:ca:3c:89:83:fd:9a:e9:47:d8:27:04:6d: 69:f8:5c:c8:26:9a:a8:45:4e:3d:3d:b3:dd:ae:24:d6:13:e3: 4d:0d:5b:0b:2d:f3:35:2b:0c:10:70:88:bd:28:70:a8:98:17: 1d:b0:d2:0e:ff:14:91:bb:86:af:41:ca:46:d5:4e:23:51:24: 4f:61:1d:41:0c:6f:da:e1:e2:d0:c3:ef:37:4d:7c:d6:72:06: 37:f6:96:1f:c1:a1:d4:e5:1c:be:24:cd:0d:9f:fc:8c:0e:b1: 2a:ca:e8:f4:61:61:15:ab:60:a8:65:6c:15:d9:08:79:1f:89: c9:12:e6:c1:df:fa:2b:e0:76:22:3a:e9:84:44:06:42:8c:c8: 95:fa:1f:b2:54:b3:f7:76:01:9b:ef:72:8e:e9:1f:5d:75:93: 1c:e8:6e:f2:55:9d:c6:b3:cd:df:35:76:23:0e:4a:69:ef:29: f3:ba:58:fa:5d:b0:ec:21:25:26:fa:ae:f9:48:a8:d0:b6:01: fb:94:cb:c3:47:8a:ae:3f:d2:65:0a:01:51:01:5d:ff:14:27: 2b:07:9d:57 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNBqiMYqngWYhHe+azdcfFH9eakswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjQ1MFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAYWUxNzQ1ZGIyMmJkODRkZjA3NDg1 MDliMzZhNDhkNzE2OWI3YThmYmMxOWNiYmQxODdiMjNiZDUzM2E5NjJkYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArufVx/7vRNfXdjmpmPE0Abd4D1I7 MJK1+GviiHFSSqh4KMol63lLWbzW07ayW3suKjExosPuz+Pp96FbYQPNYUYK0G1m 7qDDn42OaLM4QbsoQ8iCbEksAAJIjB66wX63P2AK6eQU3/mdSG23oisnmHEOo8Sf WYcvz2uJWLaCRg0dcjHbq9++GEnLMXPfpIPczcHLS0gy6K5vREnQYwzr4IGiErwE emzGjsQ0uOL3/GRKDthaenceoDFLje5cmfBDcHlgxOUuO+kl+SCHbpKX4RhvmZdL tbgOPSz2vaDLMFy0Xj242vBHDc1Kn6Erjr06xm1te0VCvacACQAciVIHLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMv0Qb7dB8xIGToR2etDT8zdNHrIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzlmYjIxZjljLThmMWQtNDcwMC1hNDUxLWM2MWJlMWU2NzBhMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6UiAMA0GCSqGSIb3DQEBCwUAA4IBAQB7G2F2HauMvebvW/ql 4b4n1VIf8g3uTnH4qEsMvZmS5HdxeNFbceOVBJzKPImD/ZrpR9gnBG1p+FzIJpqo RU49PbPdriTWE+NNDVsLLfM1KwwQcIi9KHComBcdsNIO/xSRu4avQcpG1U4jUSRP YR1BDG/a4eLQw+83TXzWcgY39pYfwaHU5Ry+JM0Nn/yMDrEqyuj0YWEVq2CoZWwV 2Qh5H4nJEubB3/or4HYiOumERAZCjMiV+h+yVLP3dgGb73KO6R9ddZMc6G7yVZ3G s83fNXYjDkpp7ynzulj6XbDsISUm+q75SKjQtgH7lMvDR4quP9JlCgFRAV3/FCcr B51X -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:58 2026 by rpki-client