$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa File: 2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa (raw, json) Hash identifier: IH76Zy585zlmqtK08QCDSD5P29nqlFSDIYXAEv6IDgM= Subject key identifier: 2D:C4:FE:6D:E9:A7:42:0F:95:DC:D9:68:73:45:CF:80:01:22:C3:1C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1B6C4ADCABB221D20E682A7718E7D67DE8890E77 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa Signing time: Wed 06 May 2026 00:00:14 +0000 ROA not before: Wed 06 May 2026 00:00:14 +0000 ROA not after: Tue 04 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:6c:4a:dc:ab:b2:21:d2:0e:68:2a:77:18:e7:d6:7d:e8:89:0e:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:14 2026 GMT Not After : Aug 4 23:59:59 2026 GMT Subject: serialNumber=2f6fcb2361c8a9ac8056e65fe850b0432be843a1bf6d4177304a7c9353d2dd55, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:0f:34:a5:20:24:e6:66:49:a3:67:49:95:fb: 72:f9:19:2b:fb:21:07:60:f7:e9:92:1e:db:e9:2f: 04:b0:0c:d1:52:c7:d3:83:23:cd:56:a7:12:f8:73: b3:55:f3:76:bb:df:04:3e:41:5b:dc:92:2e:80:2d: 25:d3:04:8a:82:ef:f4:33:18:3b:5a:ac:b9:3b:9a: 25:71:5c:3d:dc:ae:b7:b4:0a:d0:6e:e1:81:47:fc: bc:27:c4:34:16:4d:d6:fb:e0:f2:42:2d:26:59:39: 1d:86:02:d5:f8:c0:5c:3c:a1:d3:ab:99:0b:ef:37: 88:aa:02:c6:8a:8a:ea:89:9f:9b:2c:9e:1b:55:a1: 1f:35:a3:70:40:79:9e:c5:ae:9a:54:0e:ca:0b:4a: 07:3a:8e:1e:e0:88:79:2d:d3:7b:0c:43:34:c3:03: 11:79:d2:2b:17:38:9e:79:73:0f:86:cf:c0:73:64: 2c:90:3a:1f:a1:28:af:ee:74:2d:80:dc:c0:9d:68: 61:61:45:42:40:61:09:9b:9a:3c:6e:05:7e:e0:07: a5:28:3d:6f:6c:df:02:be:ba:17:2d:3a:6a:52:2d: e9:8f:b8:ba:07:df:00:bc:8b:93:f3:c7:08:6c:01: 7e:3b:96:38:0e:fa:a8:31:45:8e:8b:a0:16:86:32: 69:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:C4:FE:6D:E9:A7:42:0F:95:DC:D9:68:73:45:CF:80:01:22:C3:1C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2dbf8d60-f7e6-4049-8e45-9c0517e5045d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:2000::/40 Signature Algorithm: sha256WithRSAEncryption c9:44:89:fc:b0:de:f5:31:39:ae:6c:c6:af:06:39:06:5b:70: 0c:95:a2:54:d9:33:2c:30:8b:4c:19:2e:d2:96:06:7a:75:20: fa:74:d5:d4:a6:2f:c7:5d:0f:e9:f7:af:f2:c9:7a:d2:a3:a6: 91:fb:ba:a4:b7:21:6a:9d:16:d8:bf:7e:33:e9:9c:e3:54:9f: 43:69:db:01:55:38:7e:9e:70:b2:3b:5f:cc:6b:0c:3d:27:ad: e9:10:bd:92:2e:b8:30:50:4c:4e:c4:b6:27:d8:ae:2d:7b:be: cc:26:3d:68:b7:a3:61:20:6a:ad:a5:3f:dd:9d:71:52:54:fe: 28:36:a9:8c:69:7b:9a:3a:80:ab:ce:0d:12:d4:d4:bb:ec:0d: 08:74:8f:5a:cc:af:b3:9f:07:54:1a:74:4b:e5:26:10:3c:ea: 48:0f:da:90:a2:e0:4a:39:72:ed:b2:0d:fd:4e:00:60:ff:06: aa:a1:9a:0c:12:b6:a6:46:47:18:ed:c4:c5:25:9b:1a:37:46: 21:14:a4:18:95:27:92:a0:99:d4:e3:12:5c:a8:ba:03:2c:a3: b5:48:b1:08:a9:7e:c4:22:23:b2:81:a2:c5:2d:90:53:55:d8: 6e:e2:e2:fe:82:01:43:2c:70:22:48:f1:5d:d0:b1:69:f1:70: f8:a0:02:52 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUG2xK3KuyIdIOaCp3GOfWfeiJDncwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNjAwMDAxNFoX DTI2MDgwNDIzNTk1OVowejFJMEcGA1UEBRNAMmY2ZmNiMjM2MWM4YTlhYzgwNTZl NjVmZTg1MGIwNDMyYmU4NDNhMWJmNmQ0MTc3MzA0YTdjOTM1M2QyZGQ1NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmA80pSAk5mZJo2dJlfty+Rkr+yEH YPfpkh7b6S8EsAzRUsfTgyPNVqcS+HOzVfN2u98EPkFb3JIugC0l0wSKgu/0Mxg7 Wqy5O5olcVw93K63tArQbuGBR/y8J8Q0Fk3W++DyQi0mWTkdhgLV+MBcPKHTq5kL 7zeIqgLGiorqiZ+bLJ4bVaEfNaNwQHmexa6aVA7KC0oHOo4e4Ih5LdN7DEM0wwMR edIrFzieeXMPhs/Ac2QskDofoSiv7nQtgNzAnWhhYUVCQGEJm5o8bgV+4AelKD1v bN8CvroXLTpqUi3pj7i6B98AvIuT88cIbAF+O5Y4DvqoMUWOi6AWhjJp9wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFC3E/m3pp0IPldzZaHNFz4ABIsMcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkYmY4ZDYwLWY3ZTYtNDA0OS04ZTQ1LTljMDUxN2U1MDQ1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYCAwDQYJKoZIhvcNAQELBQADggEBAMlEifyw3vUxOa5sxq8G OQZbcAyVolTZMywwi0wZLtKWBnp1IPp01dSmL8ddD+n3r/LJetKjppH7uqS3IWqd Fti/fjPpnONUn0Np2wFVOH6ecLI7X8xrDD0nrekQvZIuuDBQTE7EtifYri17vswm PWi3o2Egaq2lP92dcVJU/ig2qYxpe5o6gKvODRLU1LvsDQh0j1rMr7OfB1QadEvl JhA86kgP2pCi4Eo5cu2yDf1OAGD/BqqhmgwStqZGRxjtxMUlmxo3RiEUpBiVJ5Kg mdTjElyougMso7VIsQipfsQiI7KBosUtkFNV2G7i4v6CAUMscCJI8V3QsWnxcPig AlI= -----END CERTIFICATE-----Generated at Tue May 12 23:44:15 2026 by rpki-client