$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32a8804a-cd62-459c-9e3e-b31c5f2e004d.roa File: 32a8804a-cd62-459c-9e3e-b31c5f2e004d.roa (raw, json) Hash identifier: KaN+6r31dQROsf3eOi7Tl58RxR/Zmi1L9uvVaXd+5TY= Subject key identifier: 48:44:25:59:E2:35:A6:C1:BD:F0:DB:AE:34:A3:9C:E8:C3:28:92:93 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 56BB79749380390EC51869D40642550C625181AD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32a8804a-cd62-459c-9e3e-b31c5f2e004d.roa Signing time: Sat 02 May 2026 00:20:04 +0000 ROA not before: Sat 02 May 2026 00:20:04 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:c040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:bb:79:74:93:80:39:0e:c5:18:69:d4:06:42:55:0c:62:51:81:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:20:04 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=3394df3e0ca119396e2bff40e9867dffbf26acba27f9bcd3fb71c1e871b8d814, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ba:42:bc:d1:71:8a:ab:e3:c3:a4:17:d4:f9: 41:f4:ce:dc:79:ee:31:f4:13:45:8a:dc:ee:bd:52: fa:e5:bc:25:73:e4:ff:24:87:4a:69:c5:04:65:ea: 6c:b0:41:9d:6a:84:0e:a8:5d:c0:9a:f4:39:a3:1e: a8:dd:3f:6a:16:1a:fd:38:42:19:26:f0:9e:c6:7d: 37:5b:27:42:b8:64:90:f2:0d:9c:c3:b6:79:d5:aa: 75:e2:2a:41:fb:65:fb:1f:02:45:e0:35:90:73:34: 83:c4:cd:79:44:7a:c0:a6:ca:22:87:29:59:2f:42: ed:82:69:63:01:e8:94:df:1e:e8:02:cc:57:3c:49: 11:76:82:7d:0b:ec:77:d8:1f:57:bd:40:98:3f:cb: dc:e1:29:b7:38:39:ba:16:04:0e:cb:6c:6b:c3:fa: 1f:60:61:66:23:98:ba:3c:0b:6d:4b:f8:61:12:ef: 7b:10:d0:aa:b2:27:56:60:87:04:f0:c1:a9:07:08: 71:9d:82:3c:2b:a9:42:72:ef:f4:6a:8e:bb:af:ca: c4:73:d1:41:f2:6a:f7:dc:62:5d:5d:84:ce:be:40: 38:54:bd:e6:04:8a:5d:10:76:54:21:a5:e7:be:6d: c8:08:b3:7e:c6:da:dc:df:88:f7:99:24:a9:5c:6a: 71:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:44:25:59:E2:35:A6:C1:BD:F0:DB:AE:34:A3:9C:E8:C3:28:92:93 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32a8804a-cd62-459c-9e3e-b31c5f2e004d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:c040::/48 Signature Algorithm: sha256WithRSAEncryption 2c:3c:59:a7:6e:73:ed:e7:8f:ff:d0:ba:ab:68:a9:d2:d3:90: b2:ee:96:c7:bd:12:dd:bc:13:c6:7d:d1:d2:61:03:44:64:35: 27:b2:ae:b3:33:3d:43:74:c8:77:66:fe:6a:8c:28:5f:5d:37: 2a:aa:77:eb:d5:06:e0:b0:ac:ab:cd:38:24:63:e5:6b:ef:07: ec:bb:91:b7:63:67:f8:83:18:b3:ef:6f:91:ae:9b:87:62:55: 21:e0:e7:92:e9:76:31:13:23:b0:ba:46:7d:f2:43:a7:53:68: 0c:c7:cf:be:76:3e:79:53:65:e6:15:8e:fc:ee:7a:44:ef:33: e6:2e:51:35:e9:78:40:5c:d4:0b:d7:04:00:50:9a:f1:5f:be: be:26:2d:c4:ee:17:bf:82:db:29:85:bb:50:cd:5c:64:e2:1a: dc:41:d4:b8:80:6d:01:2f:8b:dd:29:4d:1e:7b:34:59:75:45: 2b:68:15:95:52:67:fe:08:ed:69:7d:5b:f3:e1:2b:9b:6b:90: 26:a8:b3:ff:de:c1:b0:da:34:4c:72:1c:3f:b8:a3:70:53:ab: aa:54:27:55:8f:5f:5e:2b:6b:6f:21:f5:6a:74:3c:10:98:a9: ac:8b:5a:ec:25:9c:ff:17:b2:fc:a0:1b:40:d0:9a:7e:ed:47: 6c:2a:37:9a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUVrt5dJOAOQ7FGGnUBkJVDGJRga0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjAwNFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMzM5NGRmM2UwY2ExMTkzOTZlMmJm ZjQwZTk4NjdkZmZiZjI2YWNiYTI3ZjliY2QzZmI3MWMxZTg3MWI4ZDgxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbpCvNFxiqvjw6QX1PlB9M7cee4x 9BNFitzuvVL65bwlc+T/JIdKacUEZepssEGdaoQOqF3AmvQ5ox6o3T9qFhr9OEIZ JvCexn03WydCuGSQ8g2cw7Z51ap14ipB+2X7HwJF4DWQczSDxM15RHrApsoihylZ L0LtgmljAeiU3x7oAsxXPEkRdoJ9C+x32B9XvUCYP8vc4Sm3ODm6FgQOy2xrw/of YGFmI5i6PAttS/hhEu97ENCqsidWYIcE8MGpBwhxnYI8K6lCcu/0ao67r8rEc9FB 8mr33GJdXYTOvkA4VL3mBIpdEHZUIaXnvm3ICLN+xtrc34j3mSSpXGpxlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEhEJVniNabBvfDbrjSjnOjDKJKTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYTg4MDRhLWNkNjItNDU5Yy05ZTNlLWIzMWM1ZjJlMDA0ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6sBAMA0GCSqGSIb3DQEBCwUAA4IBAQAsPFmnbnPt54//0Lqr aKnS05Cy7pbHvRLdvBPGfdHSYQNEZDUnsq6zMz1DdMh3Zv5qjChfXTcqqnfr1Qbg sKyrzTgkY+Vr7wfsu5G3Y2f4gxiz72+RrpuHYlUh4OeS6XYxEyOwukZ98kOnU2gM x8++dj55U2XmFY787npE7zPmLlE16XhAXNQL1wQAUJrxX76+Ji3E7he/gtsphbtQ zVxk4hrcQdS4gG0BL4vdKU0eezRZdUUraBWVUmf+CO1pfVvz4Suba5AmqLP/3sGw 2jRMchw/uKNwU6uqVCdVj19eK2tvIfVqdDwQmKmsi1rsJZz/F7L8oBtA0Jp+7Uds Kjea -----END CERTIFICATE-----Generated at Tue May 12 23:26:31 2026 by rpki-client