$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5f74125-db8b-4584-80cb-ea57db1765ad.roa File: d5f74125-db8b-4584-80cb-ea57db1765ad.roa (raw, json) Hash identifier: GFYAmOycdz0iyG2/UwBrsj8eIQ9SgKwDrxuwvEoTHDM= Subject key identifier: 58:CC:27:E3:3D:04:4F:C9:B5:62:3C:0F:98:41:4B:68:17:06:86:EA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0CB4B484FF2C75F810A721D75A09679A46E2409F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5f74125-db8b-4584-80cb-ea57db1765ad.roa Signing time: Thu 12 Mar 2026 16:26:45 +0000 ROA not before: Thu 12 Mar 2026 16:26:45 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:b4:b4:84:ff:2c:75:f8:10:a7:21:d7:5a:09:67:9a:46:e2:40:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:26:45 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=48da0cbd9be34fed64c1e488a2a84b5afb69df680de75d377b08315b14f822de, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:70:53:03:cc:24:ad:52:7d:3e:6c:7e:dd:4c: f8:e1:d9:2b:83:6c:2e:d6:71:c1:8b:e2:e6:f5:40: 83:41:12:11:1d:3c:25:8f:f9:ba:58:b9:2f:76:d6: 3e:12:c7:17:ca:f8:04:32:34:29:41:eb:81:33:08: 7b:83:7e:a9:54:78:05:7e:8f:ba:d1:5d:d7:96:08: dd:d4:25:c2:88:f8:1e:6f:6c:40:6c:1d:21:59:2c: c8:74:e3:74:d7:21:57:87:7a:47:cd:3c:f2:79:f0: 95:4f:38:d1:2c:a2:bb:2d:13:38:e0:bf:eb:93:2f: b5:af:fa:06:c6:29:8e:c1:a8:39:99:7f:13:87:0a: 2b:1c:04:bd:e3:70:e8:d7:f8:ed:b3:d7:55:bb:73: 67:95:63:37:b4:9f:2c:ce:e3:7f:33:66:f0:03:ed: e2:9c:35:b7:dd:c0:fc:a5:86:fb:b8:4e:5a:4d:b8: 45:61:cc:90:63:37:25:6d:20:2d:8e:44:d1:b3:07: 59:25:0c:34:da:4a:46:32:97:a7:0f:92:1b:61:2c: c7:4f:c9:5a:7a:75:fd:9b:c9:e8:d6:1b:b8:cb:fa: 67:d1:6c:d9:3c:6d:a6:c4:63:5b:e0:d5:65:a6:5a: 36:9a:ea:71:79:22:e6:42:b8:9e:69:6a:ca:61:19: 1b:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:CC:27:E3:3D:04:4F:C9:B5:62:3C:0F:98:41:4B:68:17:06:86:EA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d5f74125-db8b-4584-80cb-ea57db1765ad.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 06:00:4b:70:08:61:74:1f:0e:00:3c:f5:0f:d9:c1:7b:b4:e2: 8b:d0:8b:7e:92:4b:10:0a:35:f8:00:bd:bf:5c:5b:11:45:d7: 07:ff:8d:89:c7:15:92:2f:5c:2f:ac:33:22:f8:c4:ff:cc:98: 90:96:24:a7:04:18:d8:be:0c:49:6b:1b:32:27:6a:2a:8e:78: 36:12:c4:34:dd:04:fb:d5:d8:f1:ed:8e:8d:51:8f:5c:81:b4: e7:f6:b2:e7:b7:11:a6:53:72:32:11:ea:68:e9:95:6b:00:13: c4:ef:0b:a6:b6:6e:23:50:de:b6:ab:1c:72:d5:27:26:df:f1: 75:28:d4:56:55:55:5e:c3:59:c0:51:75:ae:93:a9:01:fc:04: f8:f8:c0:91:35:ae:1e:10:bf:a3:da:24:34:7d:5b:f7:ee:fb: 89:1f:b2:f1:c2:6a:a3:fe:f4:3e:90:e0:f6:0d:3b:92:90:75: 2c:c2:20:50:65:77:6a:ce:d1:b6:45:62:55:07:b7:33:33:19: 9c:25:e6:cb:5f:2a:60:f7:c7:69:6a:7c:72:b8:48:d3:5a:6a: b8:b1:80:aa:df:b9:dc:7e:a7:34:9c:ba:e6:a2:86:71:80:9b: 6f:1e:9a:a5:ef:9f:48:79:94:ab:c5:80:73:62:4a:53:9d:22: 22:e6:03:3e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDLS0hP8sdfgQpyHXWglnmkbiQJ8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjY0NVoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANDhkYTBjYmQ5YmUzNGZlZDY0YzFl NDg4YTJhODRiNWFmYjY5ZGY2ODBkZTc1ZDM3N2IwODMxNWIxNGY4MjJkZTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53BTA8wkrVJ9Pmx+3Uz44dkrg2wu 1nHBi+Lm9UCDQRIRHTwlj/m6WLkvdtY+EscXyvgEMjQpQeuBMwh7g36pVHgFfo+6 0V3Xlgjd1CXCiPgeb2xAbB0hWSzIdON01yFXh3pHzTzyefCVTzjRLKK7LRM44L/r ky+1r/oGximOwag5mX8ThworHAS943Do1/jts9dVu3NnlWM3tJ8szuN/M2bwA+3i nDW33cD8pYb7uE5aTbhFYcyQYzclbSAtjkTRswdZJQw02kpGMpenD5IbYSzHT8la enX9m8no1hu4y/pn0WzZPG2mxGNb4NVlplo2mupxeSLmQrieaWrKYRkblwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFFjMJ+M9BE/JtWI8D5hBS2gXBobqMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q1Zjc0MTI1LWRiOGItNDU4NC04MGNiLWVhNTdkYjE3NjVhZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6cDAMA0GCSqGSIb3DQEBCwUAA4IBAQAGAEtwCGF0Hw4APPUP 2cF7tOKL0It+kksQCjX4AL2/XFsRRdcH/42JxxWSL1wvrDMi+MT/zJiQliSnBBjY vgxJaxsyJ2oqjng2EsQ03QT71djx7Y6NUY9cgbTn9rLntxGmU3IyEepo6ZVrABPE 7wumtm4jUN62qxxy1Scm3/F1KNRWVVVew1nAUXWuk6kB/AT4+MCRNa4eEL+j2iQ0 fVv37vuJH7Lxwmqj/vQ+kOD2DTuSkHUswiBQZXdqztG2RWJVB7czMxmcJebLXypg 98dpanxyuEjTWmq4sYCq37ncfqc0nLrmooZxgJtvHpql759IeZSrxYBzYkpTnSIi 5gM+ -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:01 2026 by rpki-client