$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db480033-32ad-4a4b-b402-07f5d94e4116.roa File: db480033-32ad-4a4b-b402-07f5d94e4116.roa (raw, json) Hash identifier: 9d6dadGVJeBZ0hsxkW7U3gXCAiXH4qeZiz4bGsvczWs= Subject key identifier: B5:E1:5C:E8:CC:D0:94:46:FD:F3:AD:D9:7F:A7:D6:C5:2F:38:16:01 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 63639EBAB9838AB5208A4FBD3D28C4A3F70C82A5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db480033-32ad-4a4b-b402-07f5d94e4116.roa Signing time: Thu 12 Mar 2026 16:26:45 +0000 ROA not before: Thu 12 Mar 2026 16:26:45 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63:63:9e:ba:b9:83:8a:b5:20:8a:4f:bd:3d:28:c4:a3:f7:0c:82:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:26:45 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=212fb29067210b1c4cb9868038f3a4e57ea6c42a388a22a9bcaff0f5a435bc56, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f2:da:cd:ae:51:4b:f4:13:5e:c1:07:6c:74: 4a:0a:8e:d4:91:ec:d5:bd:29:c4:19:f0:f1:67:d7: 4e:a6:c1:d2:e0:8e:33:47:50:00:c0:89:b0:b9:0c: 2f:88:79:bb:e4:12:4b:35:7c:9d:75:dd:c7:ee:22: df:02:71:3c:10:98:c0:ab:1f:b3:f6:c1:ac:42:29: a6:2e:7c:1c:52:d5:e0:1f:fe:fe:a2:7c:27:af:0d: ab:ad:07:ff:e6:35:54:72:2a:ee:95:b3:a7:3e:68: 10:40:7e:f4:a2:17:d5:55:f2:53:58:52:67:ee:4b: 21:eb:95:67:0e:fe:1e:32:7f:92:af:c2:6e:5e:48: 0c:83:97:67:eb:6d:9f:a2:f0:50:d9:83:af:e8:21: c7:a7:cc:47:77:8b:81:d8:24:ad:ca:39:99:44:34: 9b:9a:5f:0c:95:aa:01:17:88:97:06:be:6a:e4:b1: b0:57:47:c4:1e:50:60:7f:f5:30:78:b1:29:f2:14: 7d:21:c0:58:95:9c:e4:bd:05:bc:d8:2e:57:a7:93: 82:23:58:ad:02:2b:e0:a3:2b:40:3a:1e:79:ba:23: 8b:55:b6:26:b3:e4:81:42:a2:4c:03:1a:b5:a9:98: 9a:1f:bc:6e:db:55:64:78:46:4b:57:e5:4c:a5:c3: d7:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:E1:5C:E8:CC:D0:94:46:FD:F3:AD:D9:7F:A7:D6:C5:2F:38:16:01 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/db480033-32ad-4a4b-b402-07f5d94e4116.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:c840::/48 Signature Algorithm: sha256WithRSAEncryption a0:d4:23:24:12:39:a9:ed:20:d3:d6:5d:ed:66:3e:8f:1f:dc: 71:0c:d8:97:6d:ca:14:93:99:dc:18:eb:b5:2d:88:db:9f:c7: b6:fb:9e:8d:82:4b:50:f6:c2:4a:96:72:a9:be:34:20:5f:9e: a9:0b:9a:a0:d2:3e:fa:d2:b2:68:66:8d:cc:c7:ef:d6:a7:25: 99:10:d5:89:e4:dd:f0:41:c1:66:d5:d7:87:fe:a3:33:f2:3b: c6:bd:d8:c3:e9:54:39:35:f6:48:08:46:a4:6d:68:08:a9:b9: 77:73:28:af:06:2b:6e:8f:11:5f:54:ab:b2:3e:ab:63:e4:4a: 80:c1:f8:90:3a:c1:dd:03:5e:5f:d6:5e:bd:4c:7d:d3:4f:3e: fd:62:42:a1:78:cc:e3:de:ad:5e:e3:19:00:52:c6:62:f5:a3: 5a:dc:88:2c:67:2a:32:e6:51:4f:b3:77:f2:8c:8f:67:26:fd: a1:75:48:53:b7:17:36:29:a1:7d:9a:0c:5b:b0:17:20:5c:d0: 92:7c:a7:42:00:86:94:8f:0b:ca:c8:0f:2c:60:d8:92:a5:ca: de:27:98:62:36:99:36:31:56:21:ce:5f:dc:0c:1c:0e:0b:d4: 95:72:9b:74:e1:ca:f0:cf:fa:d3:92:b0:4e:9d:f4:11:c2:83: 20:f6:29:8a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUY2OeurmDirUgik+9PSjEo/cMgqUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjY0NVoX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMjEyZmIyOTA2NzIxMGIxYzRjYjk4 NjgwMzhmM2E0ZTU3ZWE2YzQyYTM4OGEyMmE5YmNhZmYwZjVhNDM1YmM1NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvLaza5RS/QTXsEHbHRKCo7UkezV vSnEGfDxZ9dOpsHS4I4zR1AAwImwuQwviHm75BJLNXyddd3H7iLfAnE8EJjAqx+z 9sGsQimmLnwcUtXgH/7+onwnrw2rrQf/5jVUcirulbOnPmgQQH70ohfVVfJTWFJn 7ksh65VnDv4eMn+Sr8JuXkgMg5dn622fovBQ2YOv6CHHp8xHd4uB2CStyjmZRDSb ml8MlaoBF4iXBr5q5LGwV0fEHlBgf/UweLEp8hR9IcBYlZzkvQW82C5Xp5OCI1it AivgoytAOh55uiOLVbYms+SBQqJMAxq1qZiaH7xu21VkeEZLV+VMpcPX3wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLXhXOjM0JRG/fOt2X+n1sUvOBYBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RiNDgwMDMzLTMyYWQtNGE0Yi1iNDAyLTA3ZjVkOTRlNDExNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6chAMA0GCSqGSIb3DQEBCwUAA4IBAQCg1CMkEjmp7SDT1l3t Zj6PH9xxDNiXbcoUk5ncGOu1LYjbn8e2+56NgktQ9sJKlnKpvjQgX56pC5qg0j76 0rJoZo3Mx+/WpyWZENWJ5N3wQcFm1deH/qMz8jvGvdjD6VQ5NfZICEakbWgIqbl3 cyivBitujxFfVKuyPqtj5EqAwfiQOsHdA15f1l69TH3TTz79YkKheMzj3q1e4xkA UsZi9aNa3IgsZyoy5lFPs3fyjI9nJv2hdUhTtxc2KaF9mgxbsBcgXNCSfKdCAIaU jwvKyA8sYNiSpcreJ5hiNpk2MVYhzl/cDBwOC9SVcpt04crwz/rTkrBOnfQRwoMg 9imK -----END CERTIFICATE-----Generated at Thu Mar 19 12:27:59 2026 by rpki-client