$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4dd3582-5d36-4e1a-a292-3fb2bab21519.roa File: f4dd3582-5d36-4e1a-a292-3fb2bab21519.roa (raw, json) Hash identifier: hyUSqzBUh8Dpm3haehgaY4nbo3wi6vV45iaLUcqggC4= Subject key identifier: 7A:D4:4D:00:B3:0F:76:78:92:86:5F:D0:3A:BD:D5:57:1E:1F:97:B9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3E9C654D5E649DF0A3844AE0894775D9D4A0FE84 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4dd3582-5d36-4e1a-a292-3fb2bab21519.roa Signing time: Thu 12 Mar 2026 16:21:47 +0000 ROA not before: Thu 12 Mar 2026 16:21:47 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:4880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:9c:65:4d:5e:64:9d:f0:a3:84:4a:e0:89:47:75:d9:d4:a0:fe:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:21:47 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=14191e7e262acfbafd5f1f04ad4dc5626e160b6b198df948903a935a369c77f2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:82:d7:5d:48:56:71:32:6a:f8:c9:f6:10:cb: ad:7b:38:d9:47:98:04:68:44:16:44:17:01:b9:e3: 56:c3:0c:f6:21:b1:ca:b8:e9:0e:53:8f:19:af:e4: 77:29:14:55:31:80:5e:35:19:7e:78:d7:2f:9c:a2: f7:d4:3b:68:53:6d:44:c2:2f:0d:b4:43:85:bb:22: b8:e1:f3:20:f1:41:e7:6b:c1:ae:32:5d:e4:a2:a2: bf:cb:83:a7:2f:8b:bb:c0:b1:4a:f7:23:cc:05:11: b9:f4:1b:13:df:ff:38:a6:90:95:99:35:4d:b6:b8: 70:c3:93:9c:92:42:8d:d4:de:99:cd:88:6f:3f:54: 25:f8:b0:b4:94:57:1f:b4:34:50:bb:c3:cf:1f:a0: a2:28:2f:5d:9a:c6:24:bf:ab:9c:37:2e:3f:c5:52: 06:73:23:5d:af:c5:7e:0d:9a:ec:bf:f6:40:09:ca: 25:c1:f6:f2:dd:4f:36:81:3b:dc:cf:69:a5:91:f6: bd:37:4f:25:06:84:c9:29:d1:20:53:6e:ee:db:a3: 0e:c7:23:07:30:6d:3a:3c:22:54:4c:cf:88:35:84: 29:78:88:89:30:ec:25:04:fe:c2:9b:63:c0:a7:e7: 6e:4d:27:e7:dd:1c:86:98:7f:08:32:35:06:52:0c: ef:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:D4:4D:00:B3:0F:76:78:92:86:5F:D0:3A:BD:D5:57:1E:1F:97:B9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f4dd3582-5d36-4e1a-a292-3fb2bab21519.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:4880::/48 Signature Algorithm: sha256WithRSAEncryption bc:53:89:33:ca:a0:d4:1c:71:1a:ac:68:61:ee:b6:eb:4e:7f: 24:c9:df:f9:c2:bf:ef:22:d3:ae:4e:2d:0a:b1:cf:07:8f:b3: a0:62:93:89:73:5f:c9:2a:5f:fb:81:e4:02:0e:d8:58:18:f1: 3e:d2:a0:b8:3b:28:0f:cb:6f:94:32:93:ed:ae:8c:7d:20:68: 55:f1:63:40:17:f3:d5:3c:f7:87:51:fd:1d:60:9c:37:5a:66: c7:f6:75:1d:14:8a:a4:07:7e:16:27:9d:ca:74:af:8b:e9:1e: 04:ce:2b:d7:28:2a:bb:1d:e3:5d:5a:d9:d0:6a:5f:17:40:a3: 35:89:60:45:df:d3:1d:9d:9a:d9:3c:96:09:d8:01:41:4b:52: 21:23:a0:34:35:7e:b3:a5:87:ce:78:b0:2d:f5:d9:10:c6:fc: 0c:3f:da:76:4f:24:ed:cb:5e:74:dc:54:1c:a9:4e:58:80:01: 67:03:cd:64:b9:d9:ea:d0:aa:4c:f1:6d:0e:ec:0a:33:8e:85: f4:da:fb:ba:5e:84:a2:57:ed:be:0f:48:28:fe:48:5a:9c:25: 03:c7:b3:76:e1:62:b0:03:2a:84:dd:dd:58:37:87:ca:43:c6: 34:55:13:1c:5b:94:9f:3a:1c:79:70:d7:09:da:8f:3f:b6:00: 27:a4:d2:62 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPpxlTV5knfCjhErgiUd12dSg/oQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MjE0N1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNAMTQxOTFlN2UyNjJhY2ZiYWZkNWYx ZjA0YWQ0ZGM1NjI2ZTE2MGI2YjE5OGRmOTQ4OTAzYTkzNWEzNjljNzdmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYLXXUhWcTJq+Mn2EMutezjZR5gE aEQWRBcBueNWwwz2IbHKuOkOU48Zr+R3KRRVMYBeNRl+eNcvnKL31DtoU21Ewi8N tEOFuyK44fMg8UHna8GuMl3koqK/y4OnL4u7wLFK9yPMBRG59BsT3/84ppCVmTVN trhww5OckkKN1N6ZzYhvP1Ql+LC0lFcftDRQu8PPH6CiKC9dmsYkv6ucNy4/xVIG cyNdr8V+DZrsv/ZACcolwfby3U82gTvcz2mlkfa9N08lBoTJKdEgU27u26MOxyMH MG06PCJUTM+INYQpeIiJMOwlBP7Cm2PAp+duTSfn3RyGmH8IMjUGUgzvfwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHrUTQCzD3Z4koZf0Dq91VceH5e5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y0ZGQzNTgyLTVkMzYtNGUxYS1hMjkyLTNmYjJiYWIyMTUxOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaukiAMA0GCSqGSIb3DQEBCwUAA4IBAQC8U4kzyqDUHHEarGhh 7rbrTn8kyd/5wr/vItOuTi0Ksc8Hj7OgYpOJc1/JKl/7geQCDthYGPE+0qC4OygP y2+UMpPtrox9IGhV8WNAF/PVPPeHUf0dYJw3WmbH9nUdFIqkB34WJ53KdK+L6R4E zivXKCq7HeNdWtnQal8XQKM1iWBF39MdnZrZPJYJ2AFBS1IhI6A0NX6zpYfOeLAt 9dkQxvwMP9p2TyTty1503FQcqU5YgAFnA81kudnq0KpM8W0O7AozjoX02vu6XoSi V+2+D0go/khanCUDx7N24WKwAyqE3d1YN4fKQ8Y0VRMcW5SfOhx5cNcJ2o8/tgAn pNJi -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:06 2026 by rpki-client