$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6c0acde-6391-436e-b3cd-0e9dc63a1f6b.roa File: f6c0acde-6391-436e-b3cd-0e9dc63a1f6b.roa (raw, json) Hash identifier: mce/Q0j5Kmvopx33DswIyow41PXdGnWH3mxSdcFd94o= Subject key identifier: C3:BE:A8:AB:D8:50:84:87:30:F2:59:89:E1:48:84:D1:FE:86:37:3A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0DEB0563F4201AB10907DFF3745041B59C42D3BC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6c0acde-6391-436e-b3cd-0e9dc63a1f6b.roa Signing time: Thu 12 Mar 2026 16:36:33 +0000 ROA not before: Thu 12 Mar 2026 16:36:33 +0000 ROA not after: Wed 10 Jun 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Mar 2026 13:25:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:eb:05:63:f4:20:1a:b1:09:07:df:f3:74:50:41:b5:9c:42:d3:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Mar 12 16:36:33 2026 GMT Not After : Jun 10 23:59:59 2026 GMT Subject: serialNumber=67ec4ba3fcb602e550ce57c6c2d01c51785af292b9d05ae73d0691faa9a4ebbb, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5f:f6:d4:16:0b:30:3c:3c:06:48:cc:95:43: 13:07:19:f6:0e:68:e1:e2:50:df:90:3d:37:fa:d5: 59:68:fb:2c:e5:fb:0b:e7:bb:fb:0a:cc:c4:23:e3: 7c:79:fd:10:4a:38:02:ec:06:4e:f2:23:2c:3a:8a: 61:44:5e:43:52:fe:cf:54:f1:06:77:ad:fe:a0:f1: 08:bb:c4:c5:50:de:16:b9:fd:04:0b:3e:e4:75:de: 01:b8:11:29:0b:6f:07:fe:cf:76:39:a8:50:fb:21: 81:1d:83:98:4a:8d:09:d5:76:35:85:b4:3a:8e:71: 97:30:46:cd:72:01:2a:8b:3c:8d:4b:6a:b1:d8:69: da:f0:c1:2c:5e:6f:03:dd:44:8c:99:4c:7a:08:0f: 52:ba:89:fe:b3:9f:5c:b5:4b:ba:4d:6b:2f:a3:99: 84:ff:b3:1a:bc:e5:ff:7a:b1:57:68:f9:d3:04:0c: f5:3a:cc:91:1c:81:74:c7:75:ec:6b:e5:e8:36:66: 01:33:e3:40:43:be:b9:79:a1:38:dd:91:5c:7d:cc: 50:2d:b9:d9:8f:7a:b0:7d:0b:3a:9f:0e:ba:95:3f: de:34:27:4c:7f:d3:b1:c7:7e:d6:d7:bd:7e:20:c9: 08:9e:75:fe:ec:7a:70:e4:19:62:37:2e:83:a9:d3: 04:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:BE:A8:AB:D8:50:84:87:30:F2:59:89:E1:48:84:D1:FE:86:37:3A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f6c0acde-6391-436e-b3cd-0e9dc63a1f6b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:e000::/40 Signature Algorithm: sha256WithRSAEncryption 1c:fb:f9:70:13:d2:e7:7e:44:2f:60:00:e3:21:e0:05:d6:64: ad:3d:5b:b1:04:89:c9:5d:80:67:79:c0:7e:85:ea:b5:77:e5: ff:ee:6b:a3:1f:ea:57:28:f5:e3:f2:4a:c2:27:b1:24:ad:8b: a1:43:0e:ef:3c:82:a4:71:3d:5d:0d:59:ee:c4:ca:b7:c4:75: 40:e1:11:3d:28:d1:cb:ee:3e:ff:b0:c0:11:3c:03:5c:88:d5: 9f:2f:a7:ce:b5:7a:2e:3c:c7:ce:2a:c8:09:a4:5b:51:61:d0: ff:69:1c:e1:96:11:8f:f7:91:8b:5e:77:76:d4:ef:c8:70:6b: 69:50:28:b9:10:0d:d8:ec:6d:5d:ee:a1:a4:c5:cc:76:97:db: 8f:4c:57:e7:35:d1:2a:53:c2:70:31:ad:32:16:cf:50:26:54: ca:25:c9:4b:e4:41:4a:1d:30:c9:50:a3:98:49:77:47:7d:81: 35:8f:6b:84:e0:d1:30:c1:d2:12:1e:49:ea:61:49:c3:34:0e: 00:aa:bc:5b:af:29:f0:28:9e:11:2a:50:4c:c5:08:e4:c0:56: 39:e4:40:de:02:cf:4a:97:56:b5:a5:ca:5a:d4:2b:dd:91:98: c1:da:8b:c8:90:8e:34:c9:40:8b:00:ba:a0:35:39:1e:34:0e: 7f:cd:7c:0d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDesFY/QgGrEJB9/zdFBBtZxC07wwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDMxMjE2MzYzM1oX DTI2MDYxMDIzNTk1OVowejFJMEcGA1UEBRNANjdlYzRiYTNmY2I2MDJlNTUwY2U1 N2M2YzJkMDFjNTE3ODVhZjI5MmI5ZDA1YWU3M2QwNjkxZmFhOWE0ZWJiYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl/21BYLMDw8BkjMlUMTBxn2Dmjh 4lDfkD03+tVZaPss5fsL57v7CszEI+N8ef0QSjgC7AZO8iMsOophRF5DUv7PVPEG d63+oPEIu8TFUN4Wuf0ECz7kdd4BuBEpC28H/s92OahQ+yGBHYOYSo0J1XY1hbQ6 jnGXMEbNcgEqizyNS2qx2Gna8MEsXm8D3USMmUx6CA9Suon+s59ctUu6TWsvo5mE /7MavOX/erFXaPnTBAz1OsyRHIF0x3Xsa+XoNmYBM+NAQ765eaE43ZFcfcxQLbnZ j3qwfQs6nw66lT/eNCdMf9Oxx37W171+IMkInnX+7Hpw5BliNy6DqdMEsQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMO+qKvYUISHMPJZieFIhNH+hjc6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y2YzBhY2RlLTYzOTEtNDM2ZS1iM2NkLTBlOWRjNjNhMWY2Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6eAwDQYJKoZIhvcNAQELBQADggEBABz7+XAT0ud+RC9gAOMh 4AXWZK09W7EEicldgGd5wH6F6rV35f/ua6Mf6lco9ePySsInsSSti6FDDu88gqRx PV0NWe7EyrfEdUDhET0o0cvuPv+wwBE8A1yI1Z8vp861ei48x84qyAmkW1Fh0P9p HOGWEY/3kYted3bU78hwa2lQKLkQDdjsbV3uoaTFzHaX249MV+c10SpTwnAxrTIW z1AmVMolyUvkQUodMMlQo5hJd0d9gTWPa4Tg0TDB0hIeSephScM0DgCqvFuvKfAo nhEqUEzFCOTAVjnkQN4Cz0qXVrWlylrUK92RmMHai8iQjjTJQIsAuqA1OR40Dn/N fA0= -----END CERTIFICATE-----Generated at Thu Mar 19 12:28:02 2026 by rpki-client