$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b428aa7c-4279-43c6-818e-46905afe9d3b.roa File: b428aa7c-4279-43c6-818e-46905afe9d3b.roa (raw, json) Hash identifier: lnNvxlZmxlPm7hKP6friU59cBNPPanvGXidA0/eeawk= Subject key identifier: 2A:13:17:12:F4:D7:C5:79:6E:15:9A:11:EB:E6:49:CA:27:5C:F0:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 47544538D0740EA40E7195AA44FB4E4E81562DEB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b428aa7c-4279-43c6-818e-46905afe9d3b.roa Signing time: Thu 12 Mar 2026 16:26:55 +0000 ROA not before: Thu 12 Mar 2026 16:26:55 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da33:9000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:54:45:38:d0:74:0e:a4:0e:71:95:aa:44:fb:4e:4e:81:56:2d:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:26:55 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=55b57e2c9a4d202996ba6b5ade745498896d88ebcdbaa3860ef0a354404575f3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:e4:d2:8b:16:d0:07:a5:16:b5:03:86:96:f8: 6d:20:eb:40:f5:09:d0:c4:d5:df:7d:4f:6e:1f:66: c9:de:5c:2c:ba:17:50:51:00:e7:05:d6:60:59:02: a1:9b:e2:36:51:ea:4e:a4:ee:dc:1d:10:0a:fe:e8: f1:37:91:2b:79:af:c1:bb:9c:ce:bd:d7:dd:73:2d: 56:1e:31:12:1e:89:59:24:80:b6:2e:46:d0:6f:67: 33:4d:c2:ec:c8:77:fb:0b:0e:27:09:0f:47:af:86: d8:f1:e1:b3:4b:1b:d3:0a:b8:0b:15:c8:de:41:5f: fc:27:c6:6e:1c:1b:43:4d:f9:0f:47:5d:f7:9c:c9: fb:a9:ed:ed:f6:4c:9c:5a:f4:f4:ad:9b:98:af:37: 41:70:6d:3c:5d:b5:c9:c9:5a:00:b3:b3:23:eb:10: 9c:d6:be:32:e3:05:93:da:bf:8c:6d:a7:a5:79:cf: 86:90:83:6b:0b:c6:7e:8a:5e:69:0a:92:f8:28:82: f6:80:88:bf:9a:30:c4:d2:60:73:94:13:24:64:30: 1b:3c:0b:17:c2:d4:e6:d8:8e:f7:78:ed:83:41:aa: 9e:e4:ce:76:ec:3f:98:51:0a:97:e6:4a:5b:19:64: 1a:32:d3:6e:5a:51:9c:b6:8e:b7:ca:b9:d1:78:77: d6:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:13:17:12:F4:D7:C5:79:6E:15:9A:11:EB:E6:49:CA:27:5C:F0:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b428aa7c-4279-43c6-818e-46905afe9d3b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da33:9000::/40 Signature Algorithm: sha256WithRSAEncryption ca:d0:90:b0:38:55:62:27:62:0b:ed:21:df:c6:55:fa:d9:ce: 6b:9a:66:b6:b0:0a:4e:56:aa:2b:d9:55:cf:62:6a:74:c2:ca: 00:19:e5:d1:db:d5:4f:de:67:06:01:ec:de:34:40:46:a1:a4: 9f:eb:7e:0d:ea:40:bf:2a:5a:19:c2:11:4b:0c:bb:56:a6:f6: 04:d4:9a:35:25:3a:ba:89:29:e2:75:8a:33:93:85:52:99:8a: 3e:0e:9b:3b:9c:52:22:f0:87:65:8c:c0:96:ed:b7:85:9e:37: f2:f6:c1:f2:58:2c:36:b0:42:73:36:47:d9:fa:a2:2a:ee:92: 9d:04:b2:05:9b:2a:35:17:72:ca:e8:7b:b4:37:aa:bb:04:b2: b9:08:9c:71:e2:55:47:f9:c3:ac:22:b8:b5:dd:dd:f0:d1:5a: 9f:cc:6c:e1:65:84:4d:01:30:8e:e0:6d:06:31:d3:ab:91:a8: 98:9d:da:5f:f8:24:88:81:95:66:c0:7e:2d:51:ce:d4:6a:2b: 68:81:a2:bf:7f:93:40:f6:96:f6:85:cf:32:60:93:4c:c9:c7: df:bd:cf:fb:28:72:65:e8:21:68:57:f4:3c:c7:ad:6e:9d:ff: 39:2a:48:3a:91:6c:05:b9:bc:cf:7b:59:3f:bb:ab:2d:55:10: 16:a8:33:c2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR1RFONB0DqQOcZWqRPtOToFWLeswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjY1NVoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANTViNTdlMmM5YTRkMjAyOTk2YmE2 YjVhZGU3NDU0OTg4OTZkODhlYmNkYmFhMzg2MGVmMGEzNTQ0MDQ1NzVmMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuTSixbQB6UWtQOGlvhtIOtA9QnQ xNXffU9uH2bJ3lwsuhdQUQDnBdZgWQKhm+I2UepOpO7cHRAK/ujxN5Erea/Bu5zO vdfdcy1WHjESHolZJIC2LkbQb2czTcLsyHf7Cw4nCQ9Hr4bY8eGzSxvTCrgLFcje QV/8J8ZuHBtDTfkPR133nMn7qe3t9kycWvT0rZuYrzdBcG08XbXJyVoAs7Mj6xCc 1r4y4wWT2r+Mbaelec+GkINrC8Z+il5pCpL4KIL2gIi/mjDE0mBzlBMkZDAbPAsX wtTm2I73eO2DQaqe5M527D+YUQqX5kpbGWQaMtNuWlGcto63yrnReHfWnQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCoTFxL018V5bhWaEevmSconXPBOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I0MjhhYTdjLTQyNzktNDNjNi04MThlLTQ2OTA1YWZlOWQzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaM5AwDQYJKoZIhvcNAQELBQADggEBAMrQkLA4VWInYgvtId/G VfrZzmuaZrawCk5WqivZVc9ianTCygAZ5dHb1U/eZwYB7N40QEahpJ/rfg3qQL8q WhnCEUsMu1am9gTUmjUlOrqJKeJ1ijOThVKZij4OmzucUiLwh2WMwJbtt4WeN/L2 wfJYLDawQnM2R9n6oirukp0EsgWbKjUXcsroe7Q3qrsEsrkInHHiVUf5w6wiuLXd 3fDRWp/MbOFlhE0BMI7gbQYx06uRqJid2l/4JIiBlWbAfi1RztRqK2iBor9/k0D2 lvaFzzJgk0zJx9+9z/socmXoIWhX9DzHrW6d/zkqSDqRbAW5vM97WT+7qy1VEBao M8I= -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:49 2026 by rpki-client