$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a57b4c9a-cc25-4f0b-b618-f68a75f6e503.roa File: a57b4c9a-cc25-4f0b-b618-f68a75f6e503.roa (raw, json) Hash identifier: Gq/7x8WtQvmPnUuo4Yid5Txwc+En9UM/DnciuDnmpYE= Subject key identifier: 70:32:7A:6B:23:49:FC:4C:6C:BD:03:4D:DA:71:90:9B:DD:82:77:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 733EB0F9620469542F90F426336892604B3A9E4D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a57b4c9a-cc25-4f0b-b618-f68a75f6e503.roa Signing time: Thu 12 Mar 2026 16:27:54 +0000 ROA not before: Thu 12 Mar 2026 16:27:54 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:a000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:3e:b0:f9:62:04:69:54:2f:90:f4:26:33:68:92:60:4b:3a:9e:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:27:54 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=6fab5c4f4ff6278a15e9d9b0e2318dc10f5e8a4935cc00631c02f22bda4164be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:0f:f3:74:63:41:ab:13:b5:f8:3e:a6:88:f0: fb:93:83:69:43:4d:3e:36:6b:bc:be:43:c0:17:9d: 16:06:3a:b3:8a:0c:1f:a8:a2:90:d7:fb:14:be:9a: 81:1b:e2:cc:07:7b:52:af:5e:59:23:33:f9:10:43: 2d:71:1e:fe:3e:84:79:96:e9:2a:36:33:db:66:19: 85:23:1b:0e:28:0b:86:18:2b:4a:c3:2d:76:96:af: 90:13:30:30:94:0e:17:f8:90:2b:04:0d:7e:50:63: 08:7a:a5:f7:7f:3d:39:fc:4d:b6:73:ee:05:67:c2: 41:1c:13:7e:ec:5e:43:ee:fb:ed:6b:90:80:50:95: 09:e0:6d:b8:09:6b:6e:e3:5a:6e:5c:c8:ff:76:63: 93:d7:a1:59:f2:84:b6:93:b1:3e:4f:ea:1a:8c:7a: 8f:97:1a:0d:79:13:04:ec:f3:08:f3:91:be:ac:6e: 49:3c:d2:52:34:c9:b9:16:96:d4:96:8b:26:51:c1: c0:97:b0:07:6c:b6:e6:6c:dc:79:59:16:9e:27:76: 89:14:77:4c:69:90:58:1c:ef:a7:55:0f:96:46:8d: 3f:bf:04:9d:a9:22:13:a1:44:8a:19:16:a4:56:a2: 54:d9:63:77:f6:22:c5:1c:74:9b:7d:06:00:cd:ea: f1:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:32:7A:6B:23:49:FC:4C:6C:BD:03:4D:DA:71:90:9B:DD:82:77:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a57b4c9a-cc25-4f0b-b618-f68a75f6e503.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:a000::/40 Signature Algorithm: sha256WithRSAEncryption 77:34:74:83:e9:4e:fc:54:46:3a:3b:8f:01:e7:7a:00:4f:23: ec:2e:35:d1:1b:32:5c:0c:6b:e8:77:f0:c6:aa:c6:e0:16:e0: 90:38:67:3c:ec:18:78:e9:9e:4e:7a:57:29:3a:89:90:78:14: 50:73:74:e5:25:62:19:d7:d9:fe:c4:4e:c7:13:2e:41:af:e0: 03:7e:40:02:a1:e7:04:5e:1d:f4:5f:b2:8a:ff:26:75:fb:a5: d3:fa:f7:6e:5c:a0:02:2e:4f:43:32:ec:f7:f1:46:6e:81:67: 05:71:69:9c:1d:7a:16:6e:81:b9:dd:7a:70:c2:ca:24:5b:cc: 7a:51:7c:2d:64:21:0a:4e:a0:5d:d4:fd:9b:14:77:99:18:3c: 49:2a:a5:5e:9b:df:d6:bc:53:d7:9b:d3:27:ad:be:c0:69:ad: d9:7d:95:20:66:4e:35:0c:0b:17:2d:36:de:48:c6:b0:93:0c: 23:96:8c:2d:dc:37:09:10:ac:fb:22:af:dd:c3:b3:88:46:50: 50:96:0a:f0:f2:ce:a5:a4:10:c5:36:24:e6:63:72:d9:be:0c: 10:b3:38:24:da:5e:9a:a5:63:c1:ec:f3:0d:37:de:8d:b6:25: fd:e6:0f:68:5e:39:7b:ea:87:fc:01:ec:cc:cb:66:aa:58:a7: 5f:df:d2:1b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUcz6w+WIEaVQvkPQmM2iSYEs6nk0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2Mjc1NFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANmZhYjVjNGY0ZmY2Mjc4YTE1ZTlk OWIwZTIzMThkYzEwZjVlOGE0OTM1Y2MwMDYzMWMwMmYyMmJkYTQxNjRiZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5g/zdGNBqxO1+D6miPD7k4NpQ00+ Nmu8vkPAF50WBjqzigwfqKKQ1/sUvpqBG+LMB3tSr15ZIzP5EEMtcR7+PoR5lukq NjPbZhmFIxsOKAuGGCtKwy12lq+QEzAwlA4X+JArBA1+UGMIeqX3fz05/E22c+4F Z8JBHBN+7F5D7vvta5CAUJUJ4G24CWtu41puXMj/dmOT16FZ8oS2k7E+T+oajHqP lxoNeRME7PMI85G+rG5JPNJSNMm5FpbUlosmUcHAl7AHbLbmbNx5WRaeJ3aJFHdM aZBYHO+nVQ+WRo0/vwSdqSIToUSKGRakVqJU2WN39iLFHHSbfQYAzerxKQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHAyemsjSfxMbL0DTdpxkJvdgndTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E1N2I0YzlhLWNjMjUtNGYwYi1iNjE4LWY2OGE3NWY2ZTUwMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6aAwDQYJKoZIhvcNAQELBQADggEBAHc0dIPpTvxURjo7jwHn egBPI+wuNdEbMlwMa+h38MaqxuAW4JA4ZzzsGHjpnk56Vyk6iZB4FFBzdOUlYhnX 2f7ETscTLkGv4AN+QAKh5wReHfRfsor/JnX7pdP6925coAIuT0My7PfxRm6BZwVx aZwdehZugbndenDCyiRbzHpRfC1kIQpOoF3U/ZsUd5kYPEkqpV6b39a8U9eb0yet vsBprdl9lSBmTjUMCxctNt5IxrCTDCOWjC3cNwkQrPsir93Ds4hGUFCWCvDyzqWk EMU2JOZjctm+DBCzOCTaXpqlY8Hs8w033o22Jf3mD2heOXvqh/wB7MzLZqpYp1/f 0hs= -----END CERTIFICATE-----Generated at Thu Mar 19 12:24:20 2026 by rpki-client