$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa File: 18c0c353-8021-483e-a98b-44dbaff4b805.roa (raw, json) Hash identifier: l+8bjYgeLYU6jZTRU9drBHehQUWjFIYecIsw3U+nbjM= Subject key identifier: CC:B7:4E:1F:30:4A:3E:FF:E7:DC:4E:64:F0:D9:4B:7C:24:5E:55:58 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 562817623233651574B471B66F3B5B5966110E64 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa Signing time: Mon 11 May 2026 00:11:02 +0000 ROA not before: Mon 11 May 2026 00:11:02 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:28:17:62:32:33:65:15:74:b4:71:b6:6f:3b:5b:59:66:11:0e:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:11:02 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=24eb7dd857c10e96189d1782d7d9b0d60b7098208cfd90cdfa56b702aa2013a2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:99:af:e2:d6:10:a8:f9:ef:ea:bb:2a:ec:4f: c9:3c:c7:26:51:af:e4:47:a9:51:ee:03:66:6b:57: 19:8b:4c:8f:59:cf:20:46:a5:8d:26:6e:61:06:c8: 64:9c:fd:6e:fb:bb:80:98:35:bb:49:c2:59:fd:32: 2d:8c:cb:d7:92:98:b2:bb:2e:14:6c:b0:5b:62:d0: 50:2e:60:3d:eb:7c:df:a2:18:7a:9f:c5:1e:91:97: 9a:e1:f8:16:6d:56:7d:77:2c:59:c8:8c:46:e5:1e: 49:06:2f:5e:5c:35:e9:7e:6f:20:99:5f:9b:20:89: 6c:7b:75:30:47:d0:c8:c6:2b:d3:48:9f:29:f1:3e: 5c:7c:1a:9a:ca:cb:93:4d:a7:a2:28:e1:40:b2:0e: 70:ab:9b:6d:9d:68:8b:6e:69:63:06:5f:5c:45:fd: ce:85:08:58:2a:9d:f5:fe:42:92:2f:d0:97:61:5c: 00:6e:68:62:53:c8:61:64:df:4d:83:c8:8f:67:91: 4c:aa:05:15:c4:20:e1:0d:91:01:9a:ee:fd:a7:26: 60:46:4d:59:88:89:31:af:2f:b1:7c:e6:87:b8:7c: 6d:b2:a6:09:b7:1b:a5:20:73:c8:ab:7e:63:36:71: 0c:14:45:d3:8d:57:83:ef:de:7b:d0:ed:29:f3:38: 7b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B7:4E:1F:30:4A:3E:FF:E7:DC:4E:64:F0:D9:4B:7C:24:5E:55:58 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/18c0c353-8021-483e-a98b-44dbaff4b805.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6080::/48 Signature Algorithm: sha256WithRSAEncryption c9:5e:59:40:6a:9a:59:52:cf:18:34:53:fb:5a:1b:86:e0:d3: 5b:8d:56:ce:d6:e6:94:4f:7a:41:16:4f:bd:64:33:58:af:e8: 8d:55:d9:27:f9:a4:a8:0d:78:76:17:f5:10:1d:14:99:d7:b1: 3b:cd:29:93:ce:bc:4a:11:29:3f:9c:ab:15:39:bf:b8:60:ef: 7e:69:ce:46:07:55:d8:b3:63:02:aa:5f:57:c8:5d:58:42:58: 28:fe:90:f7:5e:b5:d8:2d:af:44:f5:e3:24:ad:21:80:10:71: 15:ac:9f:a5:be:cb:d4:c5:cd:10:f9:c8:33:41:47:08:5a:1f: 34:6c:0c:a6:e9:04:f1:ca:fc:1d:33:c6:d4:aa:d3:e4:8f:98: 91:3e:32:69:4b:d6:c0:49:c8:87:f4:89:34:39:23:f1:c1:e0: 3b:c6:18:35:dc:ba:7c:1e:7f:b4:63:17:03:0c:f1:6a:5f:95: d5:e9:57:ed:8b:35:4d:30:0a:71:ce:88:e3:5c:b6:fe:44:8e: 91:87:c9:91:ce:05:c9:63:b9:95:7e:4c:3f:e2:18:ec:67:f0: ad:28:1f:ff:44:72:e7:75:50:59:c5:9d:5c:b8:06:41:e7:0a: fc:7f:6a:61:3a:b4:48:03:b8:8d:d1:d3:09:7c:48:ac:e2:15: f5:6c:35:0c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVigXYjIzZRV0tHG2bztbWWYRDmQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMTEwMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAMjRlYjdkZDg1N2MxMGU5NjE4OWQx NzgyZDdkOWIwZDYwYjcwOTgyMDhjZmQ5MGNkZmE1NmI3MDJhYTIwMTNhMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5mv4tYQqPnv6rsq7E/JPMcmUa/k R6lR7gNma1cZi0yPWc8gRqWNJm5hBshknP1u+7uAmDW7ScJZ/TItjMvXkpiyuy4U bLBbYtBQLmA963zfohh6n8UekZea4fgWbVZ9dyxZyIxG5R5JBi9eXDXpfm8gmV+b IIlse3UwR9DIxivTSJ8p8T5cfBqaysuTTaeiKOFAsg5wq5ttnWiLbmljBl9cRf3O hQhYKp31/kKSL9CXYVwAbmhiU8hhZN9Ng8iPZ5FMqgUVxCDhDZEBmu79pyZgRk1Z iIkxry+xfOaHuHxtsqYJtxulIHPIq35jNnEMFEXTjVeD79570O0p8zh7mQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFMy3Th8wSj7/59xOZPDZS3wkXlVYMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE4YzBjMzUzLTgwMjEtNDgzZS1hOThiLTQ0ZGJhZmY0YjgwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mCAMA0GCSqGSIb3DQEBCwUAA4IBAQDJXllAappZUs8YNFP7 WhuG4NNbjVbO1uaUT3pBFk+9ZDNYr+iNVdkn+aSoDXh2F/UQHRSZ17E7zSmTzrxK ESk/nKsVOb+4YO9+ac5GB1XYs2MCql9XyF1YQlgo/pD3XrXYLa9E9eMkrSGAEHEV rJ+lvsvUxc0Q+cgzQUcIWh80bAym6QTxyvwdM8bUqtPkj5iRPjJpS9bASciH9Ik0 OSPxweA7xhg13Lp8Hn+0YxcDDPFqX5XV6VftizVNMApxzojjXLb+RI6Rh8mRzgXJ Y7mVfkw/4hjsZ/CtKB//RHLndVBZxZ1cuAZB5wr8f2phOrRIA7iN0dMJfEis4hX1 bDUM -----END CERTIFICATE-----Generated at Wed May 13 00:07:20 2026 by rpki-client