$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0dab319-1497-4989-924e-dd19e3fe7519.roa File: d0dab319-1497-4989-924e-dd19e3fe7519.roa (raw, json) Hash identifier: t6fBKpFzpmRWrW1e0HTljJYc4DA7N8i/m7fdFKnuaVo= Subject key identifier: 71:73:72:67:5A:40:70:20:85:B4:79:56:20:1B:0E:7B:A8:2E:47:CD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E149A75BA2B1899055848FA6DF26D615B52A5E5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0dab319-1497-4989-924e-dd19e3fe7519.roa Signing time: Thu 12 Mar 2026 16:23:28 +0000 ROA not before: Thu 12 Mar 2026 16:23:28 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:14:9a:75:ba:2b:18:99:05:58:48:fa:6d:f2:6d:61:5b:52:a5:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:23:28 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=531ada7d1fe53a24f1095426272aa728715ebb300e6e00a99c772b496ff1a490, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4a:73:63:dd:da:3e:bb:96:95:95:6a:4a:4b: 8a:33:49:cb:ac:08:54:33:9a:77:62:21:cb:ab:6e: 66:7d:50:f5:de:27:26:74:dd:9d:80:14:d4:4e:d5: 1d:a2:ee:f1:fd:16:8f:a3:0d:90:e1:d2:5b:64:55: ae:85:05:17:8e:8c:0c:3e:b3:00:6d:12:4c:74:8e: 23:88:76:63:25:b4:99:1c:89:80:df:d3:ad:cf:80: 49:d1:49:7c:ed:04:d6:56:7a:7a:f3:b0:d9:f0:d0: 72:9e:dd:c5:95:de:4a:37:eb:34:05:47:26:be:ff: 91:76:e6:c0:a8:00:31:d6:1d:42:39:7f:5b:6e:13: a1:92:bd:6e:fa:2d:1d:37:43:cc:82:ec:96:ac:54: 8a:da:85:a0:77:c7:98:5c:f6:b1:97:9a:0a:22:60: dd:1e:76:99:5b:2e:ac:37:37:61:97:a0:2f:00:76: 18:5f:04:db:e6:5d:78:db:22:23:dd:15:4f:fb:0e: ae:c9:7f:95:26:11:23:7a:de:1e:58:5f:e9:6f:8b: 7f:30:2a:c7:83:ae:b7:f0:de:16:16:7b:da:32:21: 85:52:5a:0c:77:97:93:bc:f4:84:95:26:e9:ac:81: 56:ed:e6:30:d6:76:74:9a:06:97:31:7c:d2:20:16: fa:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:73:72:67:5A:40:70:20:85:B4:79:56:20:1B:0E:7B:A8:2E:47:CD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0dab319-1497-4989-924e-dd19e3fe7519.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:c840::/48 Signature Algorithm: sha256WithRSAEncryption 09:f5:48:c2:e6:7d:63:63:a6:f4:1f:49:c3:3a:44:57:4a:95: 32:6e:b6:43:26:e3:6e:ef:b4:c0:b6:e0:14:96:b3:c5:d9:d2: 56:dc:f7:d1:c8:42:06:05:27:00:d6:f5:45:e3:62:49:58:45: e9:b8:76:93:80:33:4a:94:31:67:5d:60:93:e9:23:c9:80:aa: a9:9b:97:85:4f:6e:2c:3f:66:ed:b4:cc:11:27:76:92:43:de: 4a:e8:e0:da:e1:a0:9e:0e:a8:f5:20:c9:1d:c4:54:7c:26:3d: 27:07:bd:05:81:81:65:4c:c0:f5:35:b9:86:cf:9b:c8:a7:8f: ef:ed:57:92:d6:51:3c:13:10:93:0e:ec:73:71:42:df:08:db: b2:8c:7f:0d:42:a4:91:94:2e:e0:9a:4c:f4:05:64:30:b0:bd: 40:09:f0:c2:3a:e3:9f:16:30:5a:08:77:f6:b8:9a:e3:ec:33: d6:38:81:d9:a0:30:e2:2c:a5:dc:1c:e8:68:28:7a:12:74:54: 32:c9:72:47:49:7a:c7:7f:74:1c:d9:75:3f:fb:be:fb:e2:2e: b0:a4:83:66:31:4f:8e:bd:b8:88:5c:3d:eb:7c:9e:30:a1:fe: 8a:74:35:a7:c5:c0:56:0d:f7:f7:26:b9:c6:a4:e4:c0:94:6b: d6:80:11:12 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPhSadborGJkFWEj6bfJtYVtSpeUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjMyOFoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANTMxYWRhN2QxZmU1M2EyNGYxMDk1 NDI2MjcyYWE3Mjg3MTVlYmIzMDBlNmUwMGE5OWM3NzJiNDk2ZmYxYTQ5MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0pzY93aPruWlZVqSkuKM0nLrAhU M5p3YiHLq25mfVD13icmdN2dgBTUTtUdou7x/RaPow2Q4dJbZFWuhQUXjowMPrMA bRJMdI4jiHZjJbSZHImA39Otz4BJ0Ul87QTWVnp687DZ8NBynt3Fld5KN+s0BUcm vv+RdubAqAAx1h1COX9bbhOhkr1u+i0dN0PMguyWrFSK2oWgd8eYXPaxl5oKImDd HnaZWy6sNzdhl6AvAHYYXwTb5l142yIj3RVP+w6uyX+VJhEjet4eWF/pb4t/MCrH g6638N4WFnvaMiGFUloMd5eTvPSElSbprIFW7eYw1nZ0mgaXMXzSIBb6EQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHFzcmdaQHAghbR5ViAbDnuoLkfNMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwZGFiMzE5LTE0OTctNDk4OS05MjRlLWRkMTllM2ZlNzUxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaushAMA0GCSqGSIb3DQEBCwUAA4IBAQAJ9UjC5n1jY6b0H0nD OkRXSpUybrZDJuNu77TAtuAUlrPF2dJW3PfRyEIGBScA1vVF42JJWEXpuHaTgDNK lDFnXWCT6SPJgKqpm5eFT24sP2bttMwRJ3aSQ95K6ODa4aCeDqj1IMkdxFR8Jj0n B70FgYFlTMD1NbmGz5vIp4/v7VeS1lE8ExCTDuxzcULfCNuyjH8NQqSRlC7gmkz0 BWQwsL1ACfDCOuOfFjBaCHf2uJrj7DPWOIHZoDDiLKXcHOhoKHoSdFQyyXJHSXrH f3Qc2XU/+7774i6wpINmMU+OvbiIXD3rfJ4wof6KdDWnxcBWDff3JrnGpOTAlGvW gBES -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:54 2026 by rpki-client