$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa File: 28ff52d2-0135-4def-a017-40424079b2a7.roa (raw, json) Hash identifier: Wsl9qDzmsUUMSEOO5j+sT4Fi4zFakQvEBzj0Gj5eCIc= Subject key identifier: 02:3C:58:FB:AF:8B:10:C5:31:C7:0D:69:D9:22:F7:8A:BD:72:18:57 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40B2085C6FB1C8DA3BFAFBD81CDC3652FD1B31B9 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa Signing time: Mon 11 May 2026 00:01:20 +0000 ROA not before: Mon 11 May 2026 00:01:20 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:b2:08:5c:6f:b1:c8:da:3b:fa:fb:d8:1c:dc:36:52:fd:1b:31:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:01:20 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=e1f8c6d2a9cbc0bf2f9e496906b7fda0daa35398776736485b4a50dc2f5b1a07, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:67:3a:9b:5a:f5:6e:a5:af:59:c7:54:8b:24: d0:56:34:10:70:77:5a:f0:0e:f5:8b:70:d6:d6:13: 08:33:72:23:cc:3c:08:bb:9e:70:26:9c:29:e1:7b: fe:39:bf:c4:1d:49:a0:25:2d:b0:dd:94:a8:fe:f3: c4:72:7d:e3:36:b0:78:aa:27:20:5e:57:24:75:ce: b0:6a:9f:eb:c0:9a:cb:6f:69:5d:23:61:2f:6f:a8: fa:fd:94:7a:2b:d1:d6:a8:14:83:9b:74:23:55:04: cd:4b:8a:c6:94:19:fd:45:0e:57:c8:30:39:cd:c9: 51:50:a2:2e:6d:30:58:f7:b7:ef:a3:b1:99:80:54: cb:84:60:ce:31:f4:29:7f:c0:a3:18:5c:45:08:a5: 14:4c:2a:b8:8c:53:f1:77:41:0a:6b:62:96:fb:ac: 03:cc:e9:1d:ae:5d:86:66:16:bc:06:44:d5:01:40: 25:cd:db:33:65:b5:44:9c:15:56:51:f0:c4:f2:5f: 3c:c6:8e:88:42:e3:2c:bd:37:e8:c6:d3:c3:a5:38: c0:4c:40:8e:84:57:70:b5:e5:28:de:e8:a2:47:3d: 60:36:47:dc:9e:e2:0e:d3:1a:10:8b:a3:2e:34:40: 7e:c6:8b:1e:cd:8b:53:ff:fa:0c:5a:70:80:66:18: f6:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:3C:58:FB:AF:8B:10:C5:31:C7:0D:69:D9:22:F7:8A:BD:72:18:57 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28ff52d2-0135-4def-a017-40424079b2a7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:880::/48 Signature Algorithm: sha256WithRSAEncryption 9e:aa:cb:3c:74:15:f1:75:2a:ce:08:52:f4:08:ab:c4:09:90: 59:00:63:94:5c:a7:42:26:de:00:e5:0f:c7:0d:b7:52:47:05: d6:46:9f:27:9b:41:29:7d:b5:7d:45:72:05:8d:e4:a8:68:0d: 93:ef:c2:4e:58:6c:dc:ec:38:68:db:20:ec:23:ed:e9:51:66: e4:4d:b2:a7:9e:2a:4b:83:25:20:8a:a0:8a:e8:7e:ce:94:be: fc:5f:b7:51:36:30:bb:c5:aa:53:f4:e8:24:54:6b:16:91:bd: 7f:10:ef:b1:56:c7:3d:95:00:c9:e6:76:f4:12:71:3d:d9:8b: ca:d8:1a:bc:cd:99:b2:ba:06:63:5c:b6:16:b4:f9:89:9f:4b: 81:a0:a3:67:cf:aa:65:55:73:fc:7d:4c:2a:b9:2f:dc:6d:f2: 87:29:ee:4f:a4:f1:f6:0f:5d:91:9d:48:2b:1a:4f:f3:d8:7f: 8a:b0:0e:1d:88:35:08:e0:ae:bb:54:30:18:c6:f3:1b:ed:09: f0:07:2f:53:97:81:66:57:49:5c:1a:8e:a2:26:5b:91:6a:0a: 33:c0:24:16:01:8e:5c:ff:12:59:b7:83:66:4d:38:f3:6f:d1: 6a:79:3a:ec:dc:f3:8b:41:76:92:f4:5c:79:6e:11:ab:e2:08: bc:73:ef:96 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQLIIXG+xyNo7+vvYHNw2Uv0bMbkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDEyMFoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZTFmOGM2ZDJhOWNiYzBiZjJmOWU0 OTY5MDZiN2ZkYTBkYWEzNTM5ODc3NjczNjQ4NWI0YTUwZGMyZjViMWEwNzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2c6m1r1bqWvWcdUiyTQVjQQcHda 8A71i3DW1hMIM3IjzDwIu55wJpwp4Xv+Ob/EHUmgJS2w3ZSo/vPEcn3jNrB4qicg Xlckdc6wap/rwJrLb2ldI2Evb6j6/ZR6K9HWqBSDm3QjVQTNS4rGlBn9RQ5XyDA5 zclRUKIubTBY97fvo7GZgFTLhGDOMfQpf8CjGFxFCKUUTCq4jFPxd0EKa2KW+6wD zOkdrl2GZha8BkTVAUAlzdszZbVEnBVWUfDE8l88xo6IQuMsvTfoxtPDpTjATECO hFdwteUo3uiiRz1gNkfcnuIO0xoQi6MuNEB+xosezYtT//oMWnCAZhj2+QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAI8WPuvixDFMccNadki94q9chhXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4ZmY1MmQyLTAxMzUtNGRlZi1hMDE3LTQwNDI0MDc5YjJhNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/wiAMA0GCSqGSIb3DQEBCwUAA4IBAQCeqss8dBXxdSrOCFL0 CKvECZBZAGOUXKdCJt4A5Q/HDbdSRwXWRp8nm0EpfbV9RXIFjeSoaA2T78JOWGzc 7Dho2yDsI+3pUWbkTbKnnipLgyUgiqCK6H7OlL78X7dRNjC7xapT9OgkVGsWkb1/ EO+xVsc9lQDJ5nb0EnE92YvK2Bq8zZmyugZjXLYWtPmJn0uBoKNnz6plVXP8fUwq uS/cbfKHKe5PpPH2D12RnUgrGk/z2H+KsA4diDUI4K67VDAYxvMb7QnwBy9Tl4Fm V0lcGo6iJluRagozwCQWAY5c/xJZt4NmTTjzb9FqeTrs3POLQXaS9Fx5bhGr4gi8 c++W -----END CERTIFICATE-----Generated at Tue May 12 23:30:47 2026 by rpki-client