$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa File: 08c68094-5359-4e76-9230-1465cd68f373.roa (raw, json) Hash identifier: Jjyj7gor2kr2NaYaeCHhfttRylroczJ1IgtYBa/LrvU= Subject key identifier: D0:04:5F:C8:01:70:86:E0:15:5F:75:49:77:1F:1B:3E:F4:86:55:4C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 73580BAEB8555B6A41F040B11E52EC7C38C87B2D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa Signing time: Wed 06 May 2026 00:01:09 +0000 ROA not before: Wed 06 May 2026 00:01:09 +0000 ROA not after: Tue 04 Aug 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:da60:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:58:0b:ae:b8:55:5b:6a:41:f0:40:b1:1e:52:ec:7c:38:c8:7b:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:01:09 2026 GMT Not After : Aug 4 23:59:59 2026 GMT Subject: serialNumber=bd638f15efee16f7647b5ddb21a77b51593e39d21f4b3144181dfad8e21fab02, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:de:69:f0:8a:2e:ba:03:4b:68:c9:b8:69:c1: ed:01:c6:36:32:15:3a:27:e3:ab:88:29:a0:5d:0d: de:9d:07:78:94:5c:0f:1d:ef:6e:dc:6c:27:6a:06: 4d:70:d5:5d:6c:63:8f:2d:bc:d3:e3:0e:79:7c:38: 22:48:df:20:b2:a6:47:af:ae:27:6f:70:22:6a:0c: 16:15:17:d5:b6:72:5d:9f:4b:eb:fd:ab:a2:60:99: c7:55:5e:ea:86:4a:74:1f:d3:b9:69:73:32:36:c5: fa:46:bb:b5:50:be:bf:de:33:fa:11:9f:09:fa:f5: 4b:27:97:27:bf:ed:88:57:36:41:6f:03:86:f0:ce: 04:0a:2a:8e:14:b6:b6:38:86:46:8b:4e:93:cd:bd: 59:70:fa:58:1a:f5:7c:0b:79:f0:0f:04:89:63:f0: 58:b3:13:67:bf:4b:13:4e:ed:dd:6c:b0:c5:59:4c: 40:19:ed:db:41:33:38:51:04:b2:6f:bf:2a:ee:1c: 07:90:0f:25:30:50:12:d9:e2:6f:f9:82:10:79:c9: 57:d3:6d:7a:86:f6:e0:bd:fc:67:55:c2:e8:ad:0a: d9:54:b6:38:96:9a:71:88:70:0f:eb:5b:73:e2:0b: 12:3a:6e:4e:30:95:2f:8d:5a:ac:65:ad:6b:f3:cc: 8b:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:04:5F:C8:01:70:86:E0:15:5F:75:49:77:1F:1B:3E:F4:86:55:4C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/08c68094-5359-4e76-9230-1465cd68f373.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:c000::/40 Signature Algorithm: sha256WithRSAEncryption 29:0a:3a:8b:ff:81:c1:81:31:19:0f:3b:cc:5c:34:bd:ba:05: eb:bb:a8:c0:e9:3f:8d:01:fb:3e:c2:db:b8:75:e5:cf:a7:3b: 6a:0d:41:a2:3f:f1:44:55:11:8d:ea:19:f3:ad:7e:e9:c3:81: f5:21:b2:9e:35:3c:f5:c7:ad:0d:16:2a:67:34:32:a5:ce:1f: 09:72:00:7c:bc:c2:73:d6:f6:bf:91:3f:35:17:ba:11:1b:05: 10:0f:3b:5b:ad:66:f8:f9:68:cf:d0:bd:bb:a7:c2:27:70:1d: 4a:0c:46:5e:79:47:9f:5d:57:34:2b:91:97:1d:31:76:b2:21: 69:d5:38:8a:89:da:37:c2:f7:c3:04:41:c9:2b:8b:84:ec:6e: 52:40:c1:36:d7:a5:d6:7f:b2:64:a8:64:7c:c5:01:a1:34:98: 22:a2:ef:16:7e:f7:9d:8d:f3:8e:a4:82:79:f0:51:f0:62:70: 9c:c8:86:9b:24:42:87:65:8d:92:78:b1:2f:1e:0e:47:6d:6b: 8b:58:c7:74:71:d2:09:7f:45:73:b0:4b:90:63:16:95:93:93: 06:b2:1c:fb:87:02:e6:9a:09:e7:83:d1:a9:f6:90:84:71:af: d1:00:27:02:a9:f8:04:60:37:f3:40:8e:46:92:c4:3e:81:52: 71:e8:70:82 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUc1gLrrhVW2pB8ECxHlLsfDjIey0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNjAwMDEwOVoX DTI2MDgwNDIzNTk1OVowejFJMEcGA1UEBRNAYmQ2MzhmMTVlZmVlMTZmNzY0N2I1 ZGRiMjFhNzdiNTE1OTNlMzlkMjFmNGIzMTQ0MTgxZGZhZDhlMjFmYWIwMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt95p8IouugNLaMm4acHtAcY2MhU6 J+OriCmgXQ3enQd4lFwPHe9u3GwnagZNcNVdbGOPLbzT4w55fDgiSN8gsqZHr64n b3AiagwWFRfVtnJdn0vr/auiYJnHVV7qhkp0H9O5aXMyNsX6Rru1UL6/3jP6EZ8J +vVLJ5cnv+2IVzZBbwOG8M4ECiqOFLa2OIZGi06Tzb1ZcPpYGvV8C3nwDwSJY/BY sxNnv0sTTu3dbLDFWUxAGe3bQTM4UQSyb78q7hwHkA8lMFAS2eJv+YIQeclX0216 hvbgvfxnVcLorQrZVLY4lppxiHAP61tz4gsSOm5OMJUvjVqsZa1r88yLpQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFNAEX8gBcIbgFV91SXcfGz70hlVMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzA4YzY4MDk0LTUzNTktNGU3Ni05MjMwLTE0NjVjZDY4ZjM3My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYMAwDQYJKoZIhvcNAQELBQADggEBACkKOov/gcGBMRkPO8xc NL26Beu7qMDpP40B+z7C27h15c+nO2oNQaI/8URVEY3qGfOtfunDgfUhsp41PPXH rQ0WKmc0MqXOHwlyAHy8wnPW9r+RPzUXuhEbBRAPO1utZvj5aM/QvbunwidwHUoM Rl55R59dVzQrkZcdMXayIWnVOIqJ2jfC98MEQckri4TsblJAwTbXpdZ/smSoZHzF AaE0mCKi7xZ+952N846kgnnwUfBicJzIhpskQodljZJ4sS8eDkdta4tYx3Rx0gl/ RXOwS5BjFpWTkwayHPuHAuaaCeeD0an2kIRxr9EAJwKp+ARgN/NAjkaSxD6BUnHo cII= -----END CERTIFICATE-----Generated at Tue May 12 22:17:31 2026 by rpki-client