$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbe1056-0341-49e6-8523-fbc4dc370520.roa File: afbe1056-0341-49e6-8523-fbc4dc370520.roa (raw, json) Hash identifier: VcklLykPgzbtyETfoAgT2HO0RWQzDsJVUcu4MulnYZY= Subject key identifier: 29:DA:56:2C:61:CE:1F:93:CD:95:FB:5E:CE:99:F9:AD:26:A3:0E:D0 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1FB6940BDA5EB605ECCC74D2218EB0E41BBDD4C6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbe1056-0341-49e6-8523-fbc4dc370520.roa Signing time: Thu 12 Mar 2026 16:27:43 +0000 ROA not before: Thu 12 Mar 2026 16:27:43 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:1000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:b6:94:0b:da:5e:b6:05:ec:cc:74:d2:21:8e:b0:e4:1b:bd:d4:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:27:43 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=9c3079b3506224a21756efe6e6b2cb12476612e6325f9357586ed3a000f46531, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9d:ee:d0:fd:ac:2a:73:e2:f8:ba:79:2b:da: 0f:22:54:ce:02:20:48:04:c1:3a:ea:77:54:cd:89: 29:f1:21:8a:4d:1f:85:5c:57:2b:ee:d3:37:cd:ff: 64:f3:2b:a8:02:08:0a:fa:6e:fc:3a:88:6b:04:b6: 1a:2f:62:fa:e7:1e:f0:4d:db:03:e2:ea:d0:76:27: dc:93:e2:e5:2c:95:c3:00:30:73:76:88:8e:04:1e: d4:14:b4:d1:05:c6:1a:22:ef:01:de:d6:9a:9a:bb: f3:fc:be:6c:5d:16:94:ae:39:1a:88:7e:07:2c:1b: c2:66:24:e1:56:a4:e3:32:6d:eb:5c:1d:9a:3f:8e: f0:8c:e6:e2:6b:b2:38:2e:2d:8e:2d:7e:54:18:27: 1e:b8:fa:e1:79:d7:78:2a:8b:9c:0e:d0:09:f6:2e: 0e:75:e3:96:22:f3:c7:4a:b9:2a:eb:a2:9d:fd:b6: fc:00:c8:92:bf:ab:d0:9c:53:b5:5c:05:4d:fd:fb: 08:fe:41:f1:52:f2:1e:6e:7b:ce:8a:b8:8d:64:20: da:ab:1b:af:40:f4:e9:64:7c:95:f8:ac:29:e2:ed: b2:20:dc:fd:4e:25:bb:b5:81:dc:ef:0f:27:75:7c: 46:a1:18:a5:1c:c7:a0:3a:72:8b:18:28:f6:cd:60: b6:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:DA:56:2C:61:CE:1F:93:CD:95:FB:5E:CE:99:F9:AD:26:A3:0E:D0 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afbe1056-0341-49e6-8523-fbc4dc370520.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:1000::/40 Signature Algorithm: sha256WithRSAEncryption 3f:a3:8e:3f:23:b9:d6:b9:63:b5:5c:ac:f9:f9:57:4c:39:2f: b4:c1:32:4d:97:f9:56:b2:12:c3:c8:94:a2:f7:c3:54:85:11: 0a:ce:bf:0a:af:10:65:b1:b6:d5:c1:7e:46:3a:39:c1:30:7a: 62:16:77:e0:6c:a5:8a:82:c5:49:69:80:62:40:4b:12:ec:08: 89:44:56:58:ad:ed:4d:1f:66:ac:0e:42:52:61:13:40:77:de: 9a:30:63:e7:8b:a8:dd:d9:e4:72:97:37:dc:03:95:f0:3e:3f: 50:3e:5c:80:5d:6d:17:35:85:52:b8:d7:c4:e8:95:10:13:d0: f4:06:6a:bc:6b:65:5d:1d:18:88:32:1c:b6:94:fd:81:e1:50: 9d:12:71:b3:01:1d:21:83:44:4e:7c:0b:db:79:2c:08:3e:86: 6c:15:4f:f7:60:84:74:56:53:9c:31:c8:07:66:a9:65:ed:a9: c7:7b:9a:c1:3b:04:80:7b:33:30:eb:c5:5b:8d:f4:39:59:b5: e0:b3:8c:2a:5d:c3:8d:03:35:39:db:25:32:dd:91:06:5b:00: d7:78:ce:71:83:0a:b4:85:a4:5b:be:57:ea:62:59:e4:4f:52: 0e:72:fb:0f:bd:c7:d0:e1:8c:57:da:d6:6f:52:41:dc:d6:2b: 34:32:78:29 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUH7aUC9petgXszHTSIY6w5Bu91MYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2Mjc0M1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAOWMzMDc5YjM1MDYyMjRhMjE3NTZl ZmU2ZTZiMmNiMTI0NzY2MTJlNjMyNWY5MzU3NTg2ZWQzYTAwMGY0NjUzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJ3u0P2sKnPi+Lp5K9oPIlTOAiBI BME66ndUzYkp8SGKTR+FXFcr7tM3zf9k8yuoAggK+m78OohrBLYaL2L65x7wTdsD 4urQdifck+LlLJXDADBzdoiOBB7UFLTRBcYaIu8B3taamrvz/L5sXRaUrjkaiH4H LBvCZiThVqTjMm3rXB2aP47wjObia7I4Li2OLX5UGCceuPrhedd4KoucDtAJ9i4O deOWIvPHSrkq66Kd/bb8AMiSv6vQnFO1XAVN/fsI/kHxUvIebnvOiriNZCDaqxuv QPTpZHyV+Kwp4u2yINz9TiW7tYHc7w8ndXxGoRilHMegOnKLGCj2zWC2FwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCnaVixhzh+TzZX7Xs6Z+a0mow7QMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmYmUxMDU2LTAzNDEtNDllNi04NTIzLWZiYzRkYzM3MDUyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauhAwDQYJKoZIhvcNAQELBQADggEBAD+jjj8juda5Y7VcrPn5 V0w5L7TBMk2X+VayEsPIlKL3w1SFEQrOvwqvEGWxttXBfkY6OcEwemIWd+BspYqC xUlpgGJASxLsCIlEVlit7U0fZqwOQlJhE0B33powY+eLqN3Z5HKXN9wDlfA+P1A+ XIBdbRc1hVK418TolRAT0PQGarxrZV0dGIgyHLaU/YHhUJ0ScbMBHSGDRE58C9t5 LAg+hmwVT/dghHRWU5wxyAdmqWXtqcd7msE7BIB7MzDrxVuN9DlZteCzjCpdw40D NTnbJTLdkQZbANd4znGDCrSFpFu+V+piWeRPUg5y+w+9x9DhjFfa1m9SQdzWKzQy eCk= -----END CERTIFICATE-----Generated at Thu Mar 19 12:24:13 2026 by rpki-client