$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b577ca53-5cf9-4c87-99d1-58a15f0a438c.roa File: b577ca53-5cf9-4c87-99d1-58a15f0a438c.roa (raw, json) Hash identifier: 2Pyj8kNr6ur4zIFM7unB7BvB8TeitQjRUDYIpsnoVbo= Subject key identifier: 8A:C1:B7:E3:4F:5F:1C:AA:6E:57:09:BC:5A:6C:D4:40:3B:D4:A5:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 76FD00905457116F0D4637A1D9995DEBFBD96A51 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b577ca53-5cf9-4c87-99d1-58a15f0a438c.roa Signing time: Mon 09 Mar 2026 13:21:41 +0000 ROA not before: Mon 09 Mar 2026 13:21:41 +0000 ROA not after: Sun 07 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafe::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76:fd:00:90:54:57:11:6f:0d:46:37:a1:d9:99:5d:eb:fb:d9:6a:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 9 13:21:41 2026 GMT Not After : Jun 7 23:59:59 2026 GMT Subject: serialNumber=b21ffb3c33fa646beeac1cb216b6ce17389960bbd5c51fa619a47e6e762eea40, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:62:c8:22:b8:de:1b:f3:6a:29:96:4f:ca:66: a3:3e:39:ee:97:1e:47:2b:03:96:fb:34:ea:49:24: 65:74:26:b6:a1:8e:2f:90:d4:18:74:45:0a:4f:09: c6:c7:e4:ff:b9:55:1c:36:7f:fb:ad:57:4b:d8:1a: bb:64:86:0d:53:e6:db:76:f4:a5:b2:c1:ab:e9:1b: c4:a1:c3:23:6b:22:57:20:d6:de:cd:3c:77:3f:2a: fe:50:f1:a0:9c:27:8a:4c:72:ee:78:3e:21:f3:e1: 06:50:ba:82:e2:52:7b:48:1c:7d:f9:69:af:99:72: 60:7d:ed:cd:9e:90:37:83:91:76:fe:05:8f:bb:ac: 23:f4:f8:95:7e:15:30:1e:97:ff:5e:fc:c4:44:7c: e4:7f:28:4c:ac:26:bf:24:da:95:12:0a:82:92:5b: 8e:90:7b:b6:6d:3c:6d:32:ab:0f:6f:d3:1e:00:d0: 37:53:04:b1:3d:b0:9b:48:27:54:c8:fc:71:55:b7: f1:e9:09:18:cf:f9:f1:f7:fb:cf:49:29:89:7a:4a: 7b:01:b1:89:d2:e6:0d:a3:94:0c:1a:3e:0e:1b:31: 1f:d9:9a:e4:b9:aa:d2:50:ba:fb:74:e1:10:ac:7d: f1:c3:72:1c:90:bc:18:b5:12:d8:0a:aa:8f:ac:ee: f1:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:C1:B7:E3:4F:5F:1C:AA:6E:57:09:BC:5A:6C:D4:40:3B:D4:A5:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b577ca53-5cf9-4c87-99d1-58a15f0a438c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafe::/32 Signature Algorithm: sha256WithRSAEncryption 8e:3f:2c:f9:c4:4c:85:65:98:bd:77:a7:82:14:5a:dd:d4:07: 83:60:38:0d:b3:be:cc:f6:fc:1d:6c:3c:f9:13:28:dc:18:e7: c6:ad:52:8c:da:d0:20:22:9d:3d:a3:b3:d3:f6:dd:79:fe:2a: 6c:20:b5:43:e8:bb:fb:61:91:4a:e8:04:eb:15:ad:12:27:a3: 45:ae:6d:84:13:7b:51:f2:40:c1:95:2d:46:c4:f2:95:f6:66: 32:69:3c:e5:cc:68:63:d9:55:67:5e:5a:84:0e:d0:f8:43:ad: 49:30:42:36:4a:09:a3:db:6b:96:81:ed:61:bf:26:66:83:ac: 92:ee:f9:14:71:cb:3b:98:ec:d7:06:77:74:42:93:cd:37:f0: 30:56:8a:f0:06:36:1f:fd:5f:10:26:24:6b:28:e3:00:bd:dd: 3b:14:ad:df:5a:c3:60:6d:4f:9f:05:b0:21:4e:c5:b0:8d:62: 39:15:ef:70:b2:7c:cc:45:02:d3:be:15:0f:92:3a:dd:17:2e: ef:be:a3:18:9a:a3:95:bf:69:98:67:16:1f:4b:e3:20:75:e3: 7c:04:92:28:35:9d:1f:1d:e7:68:63:10:52:41:14:18:ee:3a: 55:c4:95:7c:6a:fc:31:8c:fd:93:cc:69:85:e7:de:14:09:32: 87:50:ed:fa -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUdv0AkFRXEW8NRjeh2Zld6/vZalEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMwOTEzMjE0MVoX DTI2MDYwNzIzNTk1OVowejFJMEcGA1UEBRNAYjIxZmZiM2MzM2ZhNjQ2YmVlYWMx Y2IyMTZiNmNlMTczODk5NjBiYmQ1YzUxZmE2MTlhNDdlNmU3NjJlZWE0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGLIIrjeG/NqKZZPymajPjnulx5H KwOW+zTqSSRldCa2oY4vkNQYdEUKTwnGx+T/uVUcNn/7rVdL2Bq7ZIYNU+bbdvSl ssGr6RvEocMjayJXINbezTx3Pyr+UPGgnCeKTHLueD4h8+EGULqC4lJ7SBx9+Wmv mXJgfe3NnpA3g5F2/gWPu6wj9PiVfhUwHpf/XvzERHzkfyhMrCa/JNqVEgqCkluO kHu2bTxtMqsPb9MeANA3UwSxPbCbSCdUyPxxVbfx6QkYz/nx9/vPSSmJekp7AbGJ 0uYNo5QMGj4OGzEf2ZrkuarSULr7dOEQrH3xw3IckLwYtRLYCqqPrO7xKwIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIrBt+NPXxyqblcJvFps1EA71KUcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I1NzdjYTUzLTVjZjktNGM4Ny05OWQxLTU4YTE1ZjBhNDM4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba/jANBgkqhkiG9w0BAQsFAAOCAQEAjj8s+cRMhWWYvXenghRa 3dQHg2A4DbO+zPb8HWw8+RMo3Bjnxq1SjNrQICKdPaOz0/bdef4qbCC1Q+i7+2GR SugE6xWtEiejRa5thBN7UfJAwZUtRsTylfZmMmk85cxoY9lVZ15ahA7Q+EOtSTBC NkoJo9trloHtYb8mZoOsku75FHHLO5js1wZ3dEKTzTfwMFaK8AY2H/1fECYkayjj AL3dOxSt31rDYG1PnwWwIU7FsI1iORXvcLJ8zEUC074VD5I63Rcu776jGJqjlb9p mGcWH0vjIHXjfASSKDWdHx3naGMQUkEUGO46VcSVfGr8MYz9k8xphefeFAkyh1Dt +g== -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:03 2026 by rpki-client