$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa File: 2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa (raw, json) Hash identifier: ZZPJ7u9iCzCeq1k2UpaTMCLU2Y00U1iu9hJd/qoeIL0= Subject key identifier: 68:16:14:15:2F:72:2E:C1:BD:E3:8E:BF:8C:1A:59:4F:06:7B:7D:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1963B03383D363C1BBC0D0C84072A27208C9EA98 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa Signing time: Mon 11 May 2026 00:01:16 +0000 ROA not before: Mon 11 May 2026 00:01:16 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:63:b0:33:83:d3:63:c1:bb:c0:d0:c8:40:72:a2:72:08:c9:ea:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:01:16 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=5ae0234d98d438b7574d53e2282aeea16dbd831b28dd21f1f49533cf4f6af33a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:4f:55:68:9c:7b:06:11:b7:30:20:fb:de:b3: f4:95:6c:6e:89:c7:8e:6e:1a:8e:ee:c8:61:63:0c: 64:4c:f1:64:7e:d7:c7:3c:fb:93:05:45:1c:6f:9a: 05:23:75:3a:f1:76:01:f8:19:8b:d4:a9:a9:3e:6f: 1e:b7:d4:3f:3f:78:3a:7d:7f:63:4e:6d:33:a7:e6: 76:87:be:ed:ca:29:e9:d7:d3:1f:2a:60:7a:5a:dd: a1:eb:75:23:7b:e6:e3:0f:2d:0c:7b:1c:a0:16:87: 08:9d:7e:cd:e7:6b:61:89:c7:ce:f7:70:dc:57:f5: 3b:3a:bd:92:86:05:2c:10:b9:47:f6:ee:bd:13:cb: 7a:f9:6a:cc:d1:08:3a:07:15:2b:b1:a1:11:06:8d: ce:92:76:6b:4a:c4:2c:2c:cc:e1:fc:76:74:c8:42: 73:80:d3:73:3d:5d:3a:89:a4:40:61:c6:d0:c4:9f: 10:d7:18:87:3a:01:78:5d:af:60:3c:11:54:93:07: 4c:43:23:5f:fe:56:4a:05:46:83:f3:77:81:77:e1: 41:64:df:2c:4a:b3:7d:0d:44:5e:01:74:00:4c:14: 5d:36:b2:d7:06:eb:98:e1:5e:da:bc:ad:25:f5:a8: 8a:66:45:a0:45:ee:a3:fa:88:c5:1b:3b:7a:6e:49: ec:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:16:14:15:2F:72:2E:C1:BD:E3:8E:BF:8C:1A:59:4F:06:7B:7D:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2ebdc1e9-0e4b-42ff-9a27-800b739897a5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a080::/48 Signature Algorithm: sha256WithRSAEncryption 9e:47:08:20:8e:94:59:83:5b:5c:25:f9:ce:5c:e8:ba:f1:16: d7:14:93:ba:1a:7a:af:d5:a5:10:b2:98:2d:32:9b:fa:9d:40: 6d:6a:0e:c5:6f:a9:a3:9b:1d:c3:da:24:46:77:dc:ab:db:82: 76:6e:8c:68:ad:e6:09:fa:44:8f:0a:bc:6a:33:c7:ea:53:ee: e8:b9:33:73:bd:e3:ae:df:05:41:a6:6a:fa:48:c0:4e:da:14: cf:37:68:fc:2c:2f:83:af:e5:8f:09:8d:c7:fb:93:cc:e8:3a: 28:89:ee:60:21:1f:39:ba:87:18:06:46:48:44:87:07:6a:59: c0:b7:5b:d6:6b:2d:2f:6b:f5:45:82:9e:c9:c0:92:81:0e:e2: 58:69:30:39:1c:41:6c:8d:c9:c5:da:a0:ed:54:33:63:3e:bd: 38:aa:7b:ce:1e:f0:56:56:7f:eb:f5:ba:7a:ba:de:d4:f1:eb: 1a:0b:8b:56:3a:ca:40:63:2c:8e:53:1d:eb:d3:8f:81:5e:be: fa:52:84:cc:d4:07:66:66:c7:7d:15:b6:fa:1e:6a:d9:96:b5: f6:73:57:b0:cd:5e:c7:f5:d3:88:1e:40:87:48:e2:3c:d5:b1: dc:e2:bf:03:9e:98:45:0a:91:d3:06:f6:5e:48:94:be:30:37: 5e:b8:24:4f -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGWOwM4PTY8G7wNDIQHKicgjJ6pgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDExNloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNANWFlMDIzNGQ5OGQ0MzhiNzU3NGQ1 M2UyMjgyYWVlYTE2ZGJkODMxYjI4ZGQyMWYxZjQ5NTMzY2Y0ZjZhZjMzYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA309VaJx7BhG3MCD73rP0lWxuiceO bhqO7shhYwxkTPFkftfHPPuTBUUcb5oFI3U68XYB+BmL1KmpPm8et9Q/P3g6fX9j Tm0zp+Z2h77tyinp19MfKmB6Wt2h63Uje+bjDy0MexygFocInX7N52thicfO93Dc V/U7Or2ShgUsELlH9u69E8t6+WrM0Qg6BxUrsaERBo3OknZrSsQsLMzh/HZ0yEJz gNNzPV06iaRAYcbQxJ8Q1xiHOgF4Xa9gPBFUkwdMQyNf/lZKBUaD83eBd+FBZN8s SrN9DUReAXQATBRdNrLXBuuY4V7avK0l9aiKZkWgRe6j+ojFGzt6bknsLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGgWFBUvci7BveOOv4waWU8Ge33JMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJlYmRjMWU5LTBlNGItNDJmZi05YTI3LTgwMGI3Mzk4OTdhNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKCAMA0GCSqGSIb3DQEBCwUAA4IBAQCeRwggjpRZg1tcJfnO XOi68RbXFJO6Gnqv1aUQspgtMpv6nUBtag7Fb6mjmx3D2iRGd9yr24J2boxoreYJ +kSPCrxqM8fqU+7ouTNzveOu3wVBpmr6SMBO2hTPN2j8LC+Dr+WPCY3H+5PM6Doo ie5gIR85uocYBkZIRIcHalnAt1vWay0va/VFgp7JwJKBDuJYaTA5HEFsjcnF2qDt VDNjPr04qnvOHvBWVn/r9bp6ut7U8esaC4tWOspAYyyOUx3r04+BXr76UoTM1Adm Zsd9Fbb6HmrZlrX2c1ewzV7H9dOIHkCHSOI81bHc4r8DnphFCpHTBvZeSJS+MDde uCRP -----END CERTIFICATE-----Generated at Tue May 12 23:44:32 2026 by rpki-client