$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afb42ad5-b968-4d26-b279-708ff2f6820f.roa File: afb42ad5-b968-4d26-b279-708ff2f6820f.roa (raw, json) Hash identifier: O9ZYmTciKqfyxqi1yAfHVHQEQHGhmscW+GU2XMNCrJo= Subject key identifier: B3:7E:50:34:62:A8:70:72:D2:DA:DA:9E:76:6A:48:B8:94:37:E5:7E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E80BB37F132D51A6C2482EC8CE3021BE17BAC0F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afb42ad5-b968-4d26-b279-708ff2f6820f.roa Signing time: Thu 12 Mar 2026 16:21:50 +0000 ROA not before: Thu 12 Mar 2026 16:21:50 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:80:bb:37:f1:32:d5:1a:6c:24:82:ec:8c:e3:02:1b:e1:7b:ac:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:21:50 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=31455b078ff7dd20a05cab41829bdad5a2ce9acadd66bfac49f7d2f93aeda875, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f3:da:fe:5d:d2:e2:65:a1:28:eb:a5:66:12: a6:0e:6a:69:4e:62:85:17:76:ab:f6:66:4e:60:3e: b0:e2:80:9e:96:0e:d9:fc:9c:3d:d1:f7:0b:f4:ee: 8a:41:41:17:2f:30:2e:74:15:e0:91:e0:8f:aa:9f: b8:5d:9a:58:dc:cc:dd:fa:e0:4b:d1:22:72:43:ba: 2f:e4:38:48:5d:2b:2b:88:b3:c2:80:d6:ed:dc:f3: 61:e1:71:60:dd:65:72:63:cc:60:91:e6:78:9d:ef: 85:55:09:04:d3:74:1c:91:e3:1e:6b:02:53:dc:0e: a7:be:3f:e8:4a:de:81:fa:54:de:3a:cd:81:41:88: 03:8a:6f:d0:f9:95:78:30:9c:63:0c:99:9f:c7:af: 09:b7:2f:c8:68:d9:67:ce:79:4e:bc:d9:3d:b2:4d: ee:85:5d:95:db:ac:ad:19:a3:88:7c:96:fc:c9:70: fc:bc:fb:25:44:78:61:65:dc:75:34:a1:b4:87:0f: 81:bf:d3:7d:1f:0d:ed:af:2b:54:60:38:d7:23:82: 74:65:fb:2d:4d:f0:1c:23:ce:e2:63:e6:0c:02:fb: 22:0a:ba:0d:36:20:20:b4:aa:26:bd:5d:10:d5:9c: 82:af:20:a0:1b:79:da:af:15:c1:fc:1e:67:40:2e: 53:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:7E:50:34:62:A8:70:72:D2:DA:DA:9E:76:6A:48:B8:94:37:E5:7E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afb42ad5-b968-4d26-b279-708ff2f6820f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:7040::/48 Signature Algorithm: sha256WithRSAEncryption 2a:05:59:ee:a7:38:97:26:ae:3f:df:19:48:72:ff:7e:9f:b6: 61:bd:62:5a:8d:7e:d4:7a:3b:df:e8:06:ad:a5:79:34:29:af: 47:f9:87:1c:be:d9:ca:d1:37:ce:6b:d2:94:a9:ef:34:ed:ca: 7e:01:a0:91:1e:d4:cd:8e:b5:76:d8:1e:71:13:3f:32:01:7f: e9:0e:ec:4f:05:08:f1:3f:5b:cc:5b:a3:46:30:6d:d6:82:98: f9:d8:c7:95:92:d6:2c:38:41:0d:ae:f2:4e:ec:ae:26:34:b4: 0b:4a:16:17:9c:29:d1:cc:1c:c3:18:01:f5:2c:85:e6:86:88: 4f:0c:cc:da:b6:95:f1:84:e4:7d:83:41:f8:ac:a6:97:92:90: 1e:de:86:16:a3:f0:a9:6b:0a:5d:a1:23:e6:b0:ae:fe:f4:7f: a0:84:9d:a9:a6:e1:14:3b:46:38:33:91:28:93:ab:6d:55:8c: a9:bc:a9:b4:fb:22:57:84:68:dc:e7:1d:20:e3:11:2b:3a:d2: f8:e4:36:b8:38:16:75:64:4b:99:80:ed:cb:25:88:1b:ce:99: 1a:a5:f9:a9:36:4a:fe:49:2d:81:f0:e1:30:30:43:af:3b:c5: c8:30:85:68:91:5e:b6:3e:e8:c1:e3:2b:c2:42:48:e8:5b:cb: 5e:e1:6d:ba -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUboC7N/Ey1RpsJILsjOMCG+F7rA8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjE1MFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMzE0NTViMDc4ZmY3ZGQyMGEwNWNh YjQxODI5YmRhZDVhMmNlOWFjYWRkNjZiZmFjNDlmN2QyZjkzYWVkYTg3NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PPa/l3S4mWhKOulZhKmDmppTmKF F3ar9mZOYD6w4oCelg7Z/Jw90fcL9O6KQUEXLzAudBXgkeCPqp+4XZpY3Mzd+uBL 0SJyQ7ov5DhIXSsriLPCgNbt3PNh4XFg3WVyY8xgkeZ4ne+FVQkE03QckeMeawJT 3A6nvj/oSt6B+lTeOs2BQYgDim/Q+ZV4MJxjDJmfx68Jty/IaNlnznlOvNk9sk3u hV2V26ytGaOIfJb8yXD8vPslRHhhZdx1NKG0hw+Bv9N9Hw3trytUYDjXI4J0Zfst TfAcI87iY+YMAvsiCroNNiAgtKomvV0Q1ZyCryCgG3narxXB/B5nQC5TdQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLN+UDRiqHBy0trannZqSLiUN+V+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmYjQyYWQ1LWI5NjgtNGQyNi1iMjc5LTcwOGZmMmY2ODIwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaunBAMA0GCSqGSIb3DQEBCwUAA4IBAQAqBVnupziXJq4/3xlI cv9+n7ZhvWJajX7Uejvf6AatpXk0Ka9H+YccvtnK0TfOa9KUqe807cp+AaCRHtTN jrV22B5xEz8yAX/pDuxPBQjxP1vMW6NGMG3Wgpj52MeVktYsOEENrvJO7K4mNLQL ShYXnCnRzBzDGAH1LIXmhohPDMzatpXxhOR9g0H4rKaXkpAe3oYWo/CpawpdoSPm sK7+9H+ghJ2ppuEUO0Y4M5Eok6ttVYypvKm0+yJXhGjc5x0g4xErOtL45Da4OBZ1 ZEuZgO3LJYgbzpkapfmpNkr+SS2B8OEwMEOvO8XIMIVokV62PujB4yvCQkjoW8te 4W26 -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:01 2026 by rpki-client