$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa File: 2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa (raw, json) Hash identifier: 2AncqAThcv/fHQgj2OwVMZIX8e59jDQ7uPuXltHzt58= Subject key identifier: 75:15:FD:7E:77:80:45:0B:9D:38:C8:4B:00:B5:06:BE:3A:4A:2A:EC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7225CF1C6CC97010E8EA0414C9E5B1EBB35DC623 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa Signing time: Sat 09 May 2026 00:01:31 +0000 ROA not before: Sat 09 May 2026 00:01:31 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:9040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:25:cf:1c:6c:c9:70:10:e8:ea:04:14:c9:e5:b1:eb:b3:5d:c6:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:01:31 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=fb83f647237083de2d0ae2f94a571946f607c8263eacad97799c37bb37db142b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:06:92:4c:68:5b:8a:07:56:f3:24:44:91:b2: 17:0a:98:ca:87:41:fa:6c:ff:13:eb:57:7a:2a:20: 61:c8:59:31:74:8f:63:9a:df:8a:88:b1:5a:b0:1c: b4:c3:52:53:ce:b8:cc:74:38:a4:83:ee:60:63:c0: ec:25:5b:c0:40:9d:01:41:d6:9e:db:eb:b8:8b:46: e7:ec:50:f4:c9:95:9c:10:3d:5c:7d:a7:8e:52:c3: 40:fe:fc:f1:19:90:8e:47:6d:bc:9e:f7:61:5d:b0: 6b:6a:0a:bf:ed:da:7f:87:9f:52:0e:be:67:d3:85: 05:60:6a:f6:7d:48:18:fd:0b:92:4a:56:7a:1d:ea: 62:fe:dd:be:97:09:ae:3d:27:ce:98:39:f4:1d:1e: 6e:f0:e4:4b:e9:7e:b1:a3:b2:da:60:4d:b4:b5:19: 0d:b4:e1:23:7a:46:13:d8:24:d5:d9:03:dd:c9:c8: 94:f0:89:57:9b:22:a6:1a:00:fc:27:4b:1e:75:1f: ec:e8:9c:6b:ca:99:23:78:82:d8:5d:23:5a:81:23: 86:e3:b1:01:00:cb:f5:00:95:27:f4:93:a8:03:17: 1e:ac:65:35:d3:63:d6:17:47:14:c2:bf:50:c9:63: aa:2b:f8:60:b0:b1:a5:ea:d4:19:e4:5b:81:1b:b9: 33:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:15:FD:7E:77:80:45:0B:9D:38:C8:4B:00:B5:06:BE:3A:4A:2A:EC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2c5cdd49-e98b-4e3d-8a61-094f381d2fae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:9040::/48 Signature Algorithm: sha256WithRSAEncryption 96:e5:85:ff:29:d8:99:c3:55:fa:7f:51:b6:8e:0e:66:53:8c: 2c:6b:b3:66:b7:dc:5f:77:e5:8b:98:89:16:c6:ab:2e:cb:28: 40:7c:c8:b1:2f:7c:6f:ef:6b:ce:5c:f3:75:70:98:aa:62:6a: c3:5b:26:c9:9e:8c:24:e8:fa:d8:8c:f1:7a:04:50:2d:c9:73: 3e:56:b2:ea:24:8d:82:fb:b2:45:9c:17:b9:3a:3c:15:99:ce: 3f:e0:f9:3f:96:96:ab:18:c1:33:15:e5:6a:42:b2:4a:3c:43: b4:4c:76:88:57:64:d9:5d:65:54:4d:a7:2e:21:b4:e2:3d:e6: 6c:8f:35:36:17:89:8d:a5:c8:73:c7:b5:4d:58:06:e9:63:f3: 31:91:73:c5:b9:dc:96:13:36:6e:69:d4:1f:d0:b2:7a:72:ce: be:02:68:43:bb:de:01:6f:21:84:32:df:ea:96:fa:80:7d:25: 7d:bc:ac:2c:12:80:c1:6f:0a:f6:c1:43:37:af:4d:34:35:c9: 6c:fb:f1:c6:31:60:fb:0e:3f:fd:33:9b:d3:8d:b6:76:5b:3c: 4d:ec:db:d1:9d:dc:8c:58:97:ad:e2:e2:c9:91:54:eb:57:b9: 72:91:61:57:92:11:0b:92:54:e9:30:88:54:9d:a8:ba:62:43: da:87:32:46 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUciXPHGzJcBDo6gQUyeWx67NdxiMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDEzMVoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAZmI4M2Y2NDcyMzcwODNkZTJkMGFl MmY5NGE1NzE5NDZmNjA3YzgyNjNlYWNhZDk3Nzk5YzM3YmIzN2RiMTQyYjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6QaSTGhbigdW8yREkbIXCpjKh0H6 bP8T61d6KiBhyFkxdI9jmt+KiLFasBy0w1JTzrjMdDikg+5gY8DsJVvAQJ0BQdae 2+u4i0bn7FD0yZWcED1cfaeOUsNA/vzxGZCOR228nvdhXbBragq/7dp/h59SDr5n 04UFYGr2fUgY/QuSSlZ6Hepi/t2+lwmuPSfOmDn0HR5u8ORL6X6xo7LaYE20tRkN tOEjekYT2CTV2QPdyciU8IlXmyKmGgD8J0sedR/s6JxrypkjeILYXSNagSOG47EB AMv1AJUn9JOoAxcerGU102PWF0cUwr9QyWOqK/hgsLGl6tQZ5FuBG7kzFQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHUV/X53gEULnTjISwC1Br46SirsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJjNWNkZDQ5LWU5OGItNGUzZC04YTYxLTA5NGYzODFkMmZhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAJBAMA0GCSqGSIb3DQEBCwUAA4IBAQCW5YX/KdiZw1X6f1G2 jg5mU4wsa7Nmt9xfd+WLmIkWxqsuyyhAfMixL3xv72vOXPN1cJiqYmrDWybJnowk 6PrYjPF6BFAtyXM+VrLqJI2C+7JFnBe5OjwVmc4/4Pk/lparGMEzFeVqQrJKPEO0 THaIV2TZXWVUTacuIbTiPeZsjzU2F4mNpchzx7VNWAbpY/MxkXPFudyWEzZuadQf 0LJ6cs6+AmhDu94BbyGEMt/qlvqAfSV9vKwsEoDBbwr2wUM3r000Ncls+/HGMWD7 Dj/9M5vTjbZ2WzxN7NvRndyMWJet4uLJkVTrV7lykWFXkhELklTpMIhUnai6YkPa hzJG -----END CERTIFICATE-----Generated at Tue May 12 23:35:38 2026 by rpki-client