$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c39d9547-dd5a-4a73-afb1-3bdaec66866b.roa File: c39d9547-dd5a-4a73-afb1-3bdaec66866b.roa (raw, json) Hash identifier: nwUnA/hXQaXxt/4LnxXy3XcId2ihkHbjnkd7vFG1bb4= Subject key identifier: 65:A8:4C:2B:D0:C9:E7:B3:60:D9:43:26:EE:92:37:A8:FB:E6:89:F8 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7B3A8D0A4DA98BD341F1CF12FC8C4A1B1A35D677 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c39d9547-dd5a-4a73-afb1-3bdaec66866b.roa Signing time: Thu 12 Mar 2026 16:24:54 +0000 ROA not before: Thu 12 Mar 2026 16:24:54 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:7040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:3a:8d:0a:4d:a9:8b:d3:41:f1:cf:12:fc:8c:4a:1b:1a:35:d6:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:24:54 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=51e185dcb3b148853dc2319c6058529c053a0472fc7d63756df4a931a6e58048, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a1:4b:cc:1a:c9:36:2c:bd:fc:47:35:a4:f7: 32:fa:e7:f4:b9:64:74:4e:14:6f:8a:86:cd:7f:d6: ac:0a:84:c8:f5:c1:f5:35:a9:8c:54:a3:d7:d6:d0: 4b:e9:a1:4f:58:f1:4f:3a:44:29:a0:3a:61:b8:13: 1a:6f:2f:ca:66:c6:e9:14:d1:04:5e:e3:fa:77:9d: ca:84:6b:68:4f:ff:3c:d6:3c:76:78:2e:eb:a3:ec: 08:24:9e:ab:19:69:43:51:c7:9e:c9:97:2f:5e:a8: 8d:72:89:3b:14:bd:b4:40:a1:59:08:07:c8:68:e1: dc:3c:17:e4:9e:14:54:86:91:fc:70:5e:9d:f0:5d: 80:48:48:36:d2:1e:fd:56:4c:32:33:36:92:3d:b0: 14:65:d6:1e:bc:5b:9b:52:71:39:12:22:07:08:19: 4d:e9:f3:a1:27:4a:e6:e5:4f:7f:ab:21:e0:9f:bb: 03:65:34:20:b9:22:f0:de:a5:0d:ea:9c:16:d5:6d: e8:34:c6:b6:40:d0:cb:6f:45:af:3a:0d:0f:7c:bd: 95:ca:1e:02:93:dd:9c:e9:41:76:5b:bd:62:1c:10: d2:11:fa:ac:62:79:6d:25:64:5c:d1:9c:ab:52:2e: 10:d2:83:96:e9:3a:52:db:d3:d1:6f:16:9a:e2:63: 59:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:A8:4C:2B:D0:C9:E7:B3:60:D9:43:26:EE:92:37:A8:FB:E6:89:F8 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c39d9547-dd5a-4a73-afb1-3bdaec66866b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:7040::/48 Signature Algorithm: sha256WithRSAEncryption 9b:27:63:95:dd:55:28:b4:3c:3e:e2:68:b6:93:7a:a7:36:98: bd:c9:7c:2c:d8:b2:68:b0:ae:43:61:6c:fa:26:d4:23:81:71: b2:d4:21:cb:13:27:6a:6a:67:f4:53:9d:41:78:92:1a:ad:fb: 83:72:b2:f5:c8:bf:41:38:00:0f:b4:29:61:22:36:a0:1d:65: 5c:b4:ff:ad:59:51:09:4d:d0:d9:76:f8:89:f3:e9:bb:d9:4c: 3c:e1:c3:85:f2:8c:9e:ff:fe:6e:06:c7:32:56:b4:4f:cd:86: b6:e4:e7:f8:b9:c5:d8:cf:c2:d3:7e:46:99:c6:3c:61:de:41: 41:a3:0a:0f:1e:4a:7b:10:5f:02:c1:51:22:47:4b:4b:d9:d7: d1:19:b7:f8:97:7c:d3:d1:75:52:4b:e9:54:e2:81:92:6e:68: 5f:6b:4d:05:ce:c5:db:5f:da:df:0f:be:9c:38:1e:99:6e:5c: 49:95:0f:26:4d:df:3b:e3:03:68:b7:a5:a2:46:27:a9:b8:6b: 65:27:8a:f1:84:7c:78:53:d5:80:5b:8e:89:3b:e7:e6:59:99: dd:4c:cd:c6:f4:18:3c:5f:e7:7d:7b:8f:fd:9d:d0:d6:00:5f: 62:89:6f:58:88:f7:9a:6f:c6:5e:f3:b2:f3:63:40:e4:b9:4b: ff:37:67:bf -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUezqNCk2pi9NB8c8S/IxKGxo11ncwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjQ1NFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANTFlMTg1ZGNiM2IxNDg4NTNkYzIz MTljNjA1ODUyOWMwNTNhMDQ3MmZjN2Q2Mzc1NmRmNGE5MzFhNmU1ODA0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6FLzBrJNiy9/Ec1pPcy+uf0uWR0 ThRviobNf9asCoTI9cH1NamMVKPX1tBL6aFPWPFPOkQpoDphuBMaby/KZsbpFNEE XuP6d53KhGtoT/881jx2eC7ro+wIJJ6rGWlDUceeyZcvXqiNcok7FL20QKFZCAfI aOHcPBfknhRUhpH8cF6d8F2ASEg20h79VkwyMzaSPbAUZdYevFubUnE5EiIHCBlN 6fOhJ0rm5U9/qyHgn7sDZTQguSLw3qUN6pwW1W3oNMa2QNDLb0WvOg0PfL2Vyh4C k92c6UF2W71iHBDSEfqsYnltJWRc0ZyrUi4Q0oOW6TpS29PRbxaa4mNZSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGWoTCvQyeezYNlDJu6SN6j75on4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MzOWQ5NTQ3LWRkNWEtNGE3My1hZmIxLTNiZGFlYzY2ODY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6XBAMA0GCSqGSIb3DQEBCwUAA4IBAQCbJ2OV3VUotDw+4mi2 k3qnNpi9yXws2LJosK5DYWz6JtQjgXGy1CHLEydqamf0U51BeJIarfuDcrL1yL9B OAAPtClhIjagHWVctP+tWVEJTdDZdviJ8+m72Uw84cOF8oye//5uBscyVrRPzYa2 5Of4ucXYz8LTfkaZxjxh3kFBowoPHkp7EF8CwVEiR0tL2dfRGbf4l3zT0XVSS+lU 4oGSbmhfa00FzsXbX9rfD76cOB6ZblxJlQ8mTd874wNot6WiRiepuGtlJ4rxhHx4 U9WAW46JO+fmWZndTM3G9Bg8X+d9e4/9ndDWAF9iiW9YiPeab8Ze87LzY0DkuUv/ N2e/ -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:58 2026 by rpki-client