$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa File: 2d3756cb-3d90-4f28-96d5-2e8b14556142.roa (raw, json) Hash identifier: zSfwqyugJH4hl1MuTsC422EKXOX5mq9gXDMBLgsYsdA= Subject key identifier: 7C:ED:D8:EB:FA:DE:A6:50:98:37:A0:C4:A8:FE:38:AC:5E:69:60:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6E08496813EF20E3F8C296B54B12F06D2556FEE7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa Signing time: Sat 09 May 2026 00:01:32 +0000 ROA not before: Sat 09 May 2026 00:01:32 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:40e0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:08:49:68:13:ef:20:e3:f8:c2:96:b5:4b:12:f0:6d:25:56:fe:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:01:32 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=cc8ca86fd3c0bf683c2719074d51749f652e7afbc21a6924f578a3dbaefd7485, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:70:ca:c3:8f:35:46:4a:e5:54:14:59:97:1e: 94:2f:a4:56:19:6c:d4:d7:33:25:0b:17:fd:56:30: dc:17:72:8c:40:15:36:f1:95:c9:5d:2a:27:2b:8e: 15:92:66:5d:d7:34:7e:bf:27:42:53:4b:3c:33:62: 04:cf:17:59:6f:44:fe:41:33:0e:a0:a7:2b:ec:e8: 6c:b1:3b:27:58:7d:b9:dc:6e:1e:98:ed:73:05:74: 7a:b5:95:e1:6a:22:06:56:d8:7b:be:b6:a3:65:31: c3:0d:87:ff:e4:15:9e:dc:6b:14:eb:2c:8d:52:87: 31:9d:a4:c6:3e:db:54:79:ff:a1:85:72:13:42:61: 3f:d0:cc:96:37:b5:b9:6f:53:6e:17:87:5b:fc:6b: b4:3e:99:4a:be:f4:78:0d:b6:f5:a2:0a:df:39:69: e7:c5:65:5d:3a:cc:58:37:80:28:b7:49:70:4b:5f: 43:12:08:5d:5b:79:2f:ed:08:89:ad:84:90:7b:cd: b6:fa:aa:1f:52:96:78:9c:a3:94:ff:d7:52:2e:da: 4e:77:f3:ea:2c:d7:0c:bd:71:55:a3:59:15:bd:ec: 33:96:9f:0e:2e:27:9f:31:ba:f7:41:40:d8:5e:47: 7e:4f:75:a2:62:5a:eb:d2:1b:08:a0:8e:6c:95:f1: e9:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:ED:D8:EB:FA:DE:A6:50:98:37:A0:C4:A8:FE:38:AC:5E:69:60:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d3756cb-3d90-4f28-96d5-2e8b14556142.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:40e0::/48 Signature Algorithm: sha256WithRSAEncryption 7c:05:00:e4:a1:f7:e2:73:69:2d:0e:21:aa:9b:ac:61:2a:65: 69:a0:4a:5c:a9:7d:13:94:63:ea:21:95:71:82:13:c9:1b:b5: b3:9e:d5:35:78:7f:f6:cc:9c:61:29:f3:3d:a2:93:33:ce:f3: 67:ac:78:d3:d6:f1:97:3c:e4:94:03:f9:09:69:a6:08:b5:2a: f8:24:74:a0:a4:3e:e6:d6:bd:db:1c:6c:42:71:6c:cf:a8:58: 84:87:8b:ac:6e:4e:98:d5:b4:25:42:2e:01:09:7f:82:1a:5e: 5f:f3:8c:8d:d8:0a:4d:1c:f7:f4:df:99:08:04:0d:ab:85:ce: 0b:dd:d1:a6:92:8d:a6:44:86:8d:8c:c7:a0:0c:36:e7:1e:59: ed:87:c8:9a:dd:cd:8f:0d:c7:ec:43:8d:99:67:d2:b0:25:a4: 9d:83:ec:7d:01:a8:d9:48:42:08:e8:73:a4:96:07:a8:5f:e2: 98:1a:7c:7f:11:e2:22:8b:8c:b3:83:83:84:1b:5a:53:c0:68: 97:05:5b:01:86:38:48:02:f2:22:56:eb:cb:ce:6a:e4:b8:87: 04:a3:b0:2c:ad:ea:54:2d:27:59:f1:b0:89:27:7a:73:18:9f: 60:2f:60:22:47:32:ee:d4:56:72:33:1c:5e:30:a6:8e:c4:d4: cd:5d:14:23 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUbghJaBPvIOP4wpa1SxLwbSVW/ucwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDEzMloX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAY2M4Y2E4NmZkM2MwYmY2ODNjMjcx OTA3NGQ1MTc0OWY2NTJlN2FmYmMyMWE2OTI0ZjU3OGEzZGJhZWZkNzQ4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHDKw481RkrlVBRZlx6UL6RWGWzU 1zMlCxf9VjDcF3KMQBU28ZXJXSonK44VkmZd1zR+vydCU0s8M2IEzxdZb0T+QTMO oKcr7OhssTsnWH253G4emO1zBXR6tZXhaiIGVth7vrajZTHDDYf/5BWe3GsU6yyN UocxnaTGPttUef+hhXITQmE/0MyWN7W5b1NuF4db/Gu0PplKvvR4Dbb1ogrfOWnn xWVdOsxYN4Aot0lwS19DEghdW3kv7QiJrYSQe822+qofUpZ4nKOU/9dSLtpOd/Pq LNcMvXFVo1kVvewzlp8OLiefMbr3QUDYXkd+T3WiYlrr0hsIoI5slfHp8wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHzt2Ov63qZQmDegxKj+OKxeaWCEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkMzc1NmNiLTNkOTAtNGYyOC05NmQ1LTJlOGIxNDU1NjE0Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/0DgMA0GCSqGSIb3DQEBCwUAA4IBAQB8BQDkoffic2ktDiGq m6xhKmVpoEpcqX0TlGPqIZVxghPJG7WzntU1eH/2zJxhKfM9opMzzvNnrHjT1vGX POSUA/kJaaYItSr4JHSgpD7m1r3bHGxCcWzPqFiEh4usbk6Y1bQlQi4BCX+CGl5f 84yN2ApNHPf035kIBA2rhc4L3dGmko2mRIaNjMegDDbnHlnth8ia3c2PDcfsQ42Z Z9KwJaSdg+x9AajZSEII6HOklgeoX+KYGnx/EeIii4yzg4OEG1pTwGiXBVsBhjhI AvIiVuvLzmrkuIcEo7AsrepULSdZ8bCJJ3pzGJ9gL2AiRzLu1FZyMxxeMKaOxNTN XRQj -----END CERTIFICATE-----Generated at Wed May 13 00:01:33 2026 by rpki-client