$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa File: 42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa (raw, json) Hash identifier: yELuZQete15nqZlrNugYDUvrEybfBYkhv7pBz+Mn2hM= Subject key identifier: B1:A1:72:0C:19:46:AD:A5:A9:45:3C:5C:FD:0E:0E:AB:5B:69:20:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6FEBC7F25862608F0B41A61E489E7E5F30C35731 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa Signing time: Sat 09 May 2026 00:00:43 +0000 ROA not before: Sat 09 May 2026 00:00:43 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:eb:c7:f2:58:62:60:8f:0b:41:a6:1e:48:9e:7e:5f:30:c3:57:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:00:43 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=e28eb59f01e031c487d74b7d1686ff4b51d14eb7ddb8106f9cdff7e6915f9577, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:95:9f:76:99:d2:ba:a5:a0:bd:f0:eb:43:15: 29:78:c4:a8:86:66:97:70:43:4d:5a:02:09:d6:ae: 36:18:52:b2:5d:d3:9a:b0:85:ca:7c:74:99:92:2f: dc:f7:99:00:6d:23:70:ea:ad:31:f3:c9:45:19:9d: d2:91:aa:c8:d6:55:e3:8e:07:2a:2c:3e:6c:1a:b7: 10:5d:2c:3d:0c:96:80:3a:1f:0c:34:bb:4e:f2:ec: d0:9c:ac:93:e8:0e:b8:2e:db:1e:35:dd:24:64:ca: 95:7b:8c:4f:90:b6:1e:9c:f1:16:b2:3f:f7:2c:81: 54:08:ce:c4:3d:3b:93:59:1b:82:da:9c:cc:d5:33: d3:c8:04:4b:0f:53:a1:07:59:39:68:16:f8:89:64: 35:b3:42:c9:ed:8d:fd:7e:81:b7:aa:46:87:5e:76: fd:db:42:b0:d9:a7:cf:2d:6c:74:06:52:13:c8:58: 6e:fc:26:1f:f9:41:e4:96:34:1e:7e:20:27:f1:d3: 0f:59:a0:06:8a:a3:ff:30:59:3e:25:cf:1a:e1:71: c7:78:88:2c:05:2b:95:0e:d2:30:8b:44:b6:15:08: 29:f6:b3:10:c6:ae:6c:b0:b5:c1:e3:09:9f:5e:9f: 97:3e:b1:44:41:69:45:9a:dc:1e:a0:55:57:13:b3: 8f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:A1:72:0C:19:46:AD:A5:A9:45:3C:5C:FD:0E:0E:AB:5B:69:20:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/42fd5a96-21e9-4ef8-b27f-5a7f996b84d2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 7e:4f:c8:7e:72:71:75:78:5e:47:8c:ae:d4:9b:7e:18:08:f8: 19:46:a9:5b:2a:4d:93:99:98:24:a0:49:68:7d:2b:2c:94:e4: c5:d0:96:d6:07:f6:79:1c:9c:02:33:b5:ce:1b:91:21:48:f8: c1:90:6f:73:80:7f:11:07:b8:d1:ea:7a:e2:f2:83:7f:89:64: c7:56:b3:90:39:b9:a8:b1:d0:a1:6a:b6:32:80:71:f4:af:05: d4:d6:9f:6e:b4:75:83:58:48:0e:53:dd:47:43:30:d8:9b:c8: cb:32:0d:45:81:bc:73:44:18:be:05:08:c8:ae:83:45:a6:15: b4:89:96:c6:7d:55:c7:26:a3:2d:76:71:7c:dd:e6:6b:11:e5: e4:40:3e:53:b3:df:3b:9e:b7:01:be:9b:b6:88:b0:b9:2f:3a: 71:ba:9d:d6:16:6f:6c:3a:db:4d:49:9f:17:cf:14:61:a7:04: b5:93:4e:1a:d0:09:53:75:b4:b7:e9:00:b0:20:08:38:6d:da: 94:ce:90:60:47:f3:43:6e:d0:7d:a7:a3:bb:69:81:ba:a0:34: 99:b8:9f:d4:1f:da:b3:2e:fd:2f:9b:c8:4e:1c:d0:1f:63:97: 6d:74:a6:9e:52:d6:37:ab:3a:bf:40:f0:31:4a:d4:d2:30:0c: 11:b7:3b:4d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUb+vH8lhiYI8LQaYeSJ5+XzDDVzEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDA0M1oX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAZTI4ZWI1OWYwMWUwMzFjNDg3ZDc0 YjdkMTY4NmZmNGI1MWQxNGViN2RkYjgxMDZmOWNkZmY3ZTY5MTVmOTU3NzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJWfdpnSuqWgvfDrQxUpeMSohmaX cENNWgIJ1q42GFKyXdOasIXKfHSZki/c95kAbSNw6q0x88lFGZ3SkarI1lXjjgcq LD5sGrcQXSw9DJaAOh8MNLtO8uzQnKyT6A64LtseNd0kZMqVe4xPkLYenPEWsj/3 LIFUCM7EPTuTWRuC2pzM1TPTyARLD1OhB1k5aBb4iWQ1s0LJ7Y39foG3qkaHXnb9 20Kw2afPLWx0BlITyFhu/CYf+UHkljQefiAn8dMPWaAGiqP/MFk+Jc8a4XHHeIgs BSuVDtIwi0S2FQgp9rMQxq5ssLXB4wmfXp+XPrFEQWlFmtweoFVXE7OPSwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLGhcgwZRq2lqUU8XP0ODqtbaSBJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyZmQ1YTk2LTIxZTktNGVmOC1iMjdmLTVhN2Y5OTZiODRkMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8uDAMA0GCSqGSIb3DQEBCwUAA4IBAQB+T8h+cnF1eF5HjK7U m34YCPgZRqlbKk2TmZgkoElofSsslOTF0JbWB/Z5HJwCM7XOG5EhSPjBkG9zgH8R B7jR6nri8oN/iWTHVrOQObmosdCharYygHH0rwXU1p9utHWDWEgOU91HQzDYm8jL Mg1FgbxzRBi+BQjIroNFphW0iZbGfVXHJqMtdnF83eZrEeXkQD5Ts987nrcBvpu2 iLC5Lzpxup3WFm9sOttNSZ8XzxRhpwS1k04a0AlTdbS36QCwIAg4bdqUzpBgR/ND btB9p6O7aYG6oDSZuJ/UH9qzLv0vm8hOHNAfY5dtdKaeUtY3qzq/QPAxStTSMAwR tztN -----END CERTIFICATE-----Generated at Tue May 12 23:31:20 2026 by rpki-client