$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa File: 036dddcb-4f0b-406f-9899-f83b4c0da917.roa (raw, json) Hash identifier: bN5MXmKK+M0bj9PBkqL0P8Or4ryrg+Wfnfh8vnkvZ1o= Subject key identifier: D7:DC:66:41:34:68:84:EF:27:56:EE:A4:A6:AA:0A:5C:78:EC:99:13 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4D4520C06BC8DF6FCD39DCB72A287D8B568B45E1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa Signing time: Mon 11 May 2026 00:10:48 +0000 ROA not before: Mon 11 May 2026 00:10:48 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:45:20:c0:6b:c8:df:6f:cd:39:dc:b7:2a:28:7d:8b:56:8b:45:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:10:48 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=c7a317cbc51174135f13c8d664b732fe027b5f29c3bb8d30c353cbbe3e9a6331, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:b7:47:51:48:3c:8b:f9:7c:c3:a2:1f:9d:16: 83:0a:ef:95:74:53:3a:e2:d2:93:26:23:59:41:b8: 9d:5d:17:de:06:22:90:e4:40:39:ef:f8:e6:b2:1b: c3:ac:d8:13:b3:18:9f:ad:fb:b4:f7:61:10:ef:9f: 03:b0:20:fd:7e:ba:e5:de:26:1a:f5:90:8c:76:99: 1a:58:23:6a:cb:42:cb:ea:e4:aa:d6:f3:6d:ee:2c: 49:a6:fa:bf:73:aa:e0:4e:1f:29:94:f4:64:c9:3e: fe:52:79:00:7a:3f:8b:c1:0d:66:3a:0a:dd:54:ce: 8e:7f:d1:5d:2a:89:fa:64:36:dc:ac:61:80:8f:0b: bd:20:f9:fb:bd:e0:db:4c:85:15:32:01:d3:22:5b: e3:56:02:83:0a:f6:c8:3a:3d:65:7e:69:74:30:be: 0c:47:99:1f:37:6b:eb:2e:ad:ad:c7:f2:55:61:69: 70:c5:16:a7:78:c9:7e:a1:f5:3b:29:ae:cc:a2:9b: 55:46:05:f8:1f:2b:86:c3:05:39:82:10:5c:46:0a: 27:dd:cb:fe:01:c9:a9:0a:6e:34:92:8b:18:8a:98: cf:c9:ca:b1:69:79:9a:3c:63:d9:c7:47:5c:db:7a: f8:b6:15:09:2e:e0:0f:35:8f:b9:35:35:4b:d6:4a: 63:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:DC:66:41:34:68:84:EF:27:56:EE:A4:A6:AA:0A:5C:78:EC:99:13 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/036dddcb-4f0b-406f-9899-f83b4c0da917.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7080::/48 Signature Algorithm: sha256WithRSAEncryption 4f:dd:81:ea:00:ac:00:dd:b0:61:05:48:e4:9b:55:e9:e0:f0: bf:6c:ca:84:03:3b:f9:1b:b4:94:0d:c3:1e:79:73:02:e4:72: dc:aa:b0:f9:e1:44:2d:fb:8a:18:5f:40:cb:7a:3c:30:d3:25: c8:7a:5f:3a:0e:6c:1a:3d:1d:13:84:64:f9:8f:99:97:e1:4e: 52:74:e2:22:14:a5:48:ae:81:a0:2a:69:ea:aa:87:a2:36:e3: ce:d1:c9:17:57:42:d1:e3:cf:69:c8:8d:7c:31:9d:5a:c8:a4: 9a:90:6a:e0:83:a2:85:c5:ec:90:46:1a:b0:b4:5d:93:00:6f: 09:9a:c3:38:a4:ef:b4:bf:1c:fb:42:c6:dc:80:12:0f:b8:c4: 82:93:64:b8:03:1d:48:59:5b:63:53:3a:70:84:39:5e:73:fb: be:c9:3d:e1:06:9a:0d:2f:fb:7c:38:64:19:9d:3f:b4:b5:88: 9b:a0:8d:f1:4d:40:04:36:e3:63:98:46:54:41:2d:0a:d8:9d: c5:dc:77:93:75:ed:eb:de:6d:48:50:0c:1f:23:58:57:a6:1e: 6a:ce:4d:09:e8:9b:6e:89:4b:5f:72:5c:b8:32:fb:e1:1a:a5: 40:c7:44:9b:a9:64:33:b7:97:63:59:45:5b:81:e9:2f:27:0c: 2b:7f:4f:d0 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUTUUgwGvI32/NOdy3Kih9i1aLReEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMTA0OFoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAYzdhMzE3Y2JjNTExNzQxMzVmMTNj OGQ2NjRiNzMyZmUwMjdiNWYyOWMzYmI4ZDMwYzM1M2NiYmUzZTlhNjMzMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLdHUUg8i/l8w6IfnRaDCu+VdFM6 4tKTJiNZQbidXRfeBiKQ5EA57/jmshvDrNgTsxifrfu092EQ758DsCD9frrl3iYa 9ZCMdpkaWCNqy0LL6uSq1vNt7ixJpvq/c6rgTh8plPRkyT7+UnkAej+LwQ1mOgrd VM6Of9FdKon6ZDbcrGGAjwu9IPn7veDbTIUVMgHTIlvjVgKDCvbIOj1lfml0ML4M R5kfN2vrLq2tx/JVYWlwxRaneMl+ofU7Ka7MoptVRgX4HyuGwwU5ghBcRgon3cv+ AcmpCm40kosYipjPycqxaXmaPGPZx0dc23r4thUJLuAPNY+5NTVL1kpjUwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNfcZkE0aITvJ1bupKaqClx47JkTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzAzNmRkZGNiLTRmMGItNDA2Zi05ODk5LWY4M2I0YzBkYTkxNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYXCAMA0GCSqGSIb3DQEBCwUAA4IBAQBP3YHqAKwA3bBhBUjk m1Xp4PC/bMqEAzv5G7SUDcMeeXMC5HLcqrD54UQt+4oYX0DLejww0yXIel86Dmwa PR0ThGT5j5mX4U5SdOIiFKVIroGgKmnqqoeiNuPO0ckXV0LR489pyI18MZ1ayKSa kGrgg6KFxeyQRhqwtF2TAG8JmsM4pO+0vxz7QsbcgBIPuMSCk2S4Ax1IWVtjUzpw hDlec/u+yT3hBpoNL/t8OGQZnT+0tYiboI3xTUAENuNjmEZUQS0K2J3F3HeTde3r 3m1IUAwfI1hXph5qzk0J6JtuiUtfcly4MvvhGqVAx0SbqWQzt5djWUVbgekvJwwr f0/Q -----END CERTIFICATE-----Generated at Wed May 13 00:01:51 2026 by rpki-client