$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa File: 43106760-fb11-4c13-8812-4fe15299b252.roa (raw, json) Hash identifier: 10LnO+by0j3YJzaVFL96e7P6EFpYgEysa8hy6CFaD2Q= Subject key identifier: 4E:00:7F:BF:31:41:BD:3E:A1:FD:B6:51:15:D4:20:FC:31:49:F0:53 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1D9B0178144D24D502D33F75393EC7091C7E15CC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa Signing time: Fri 08 May 2026 00:00:53 +0000 ROA not before: Fri 08 May 2026 00:00:53 +0000 ROA not after: Thu 06 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:2000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:9b:01:78:14:4d:24:d5:02:d3:3f:75:39:3e:c7:09:1c:7e:15:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 8 00:00:53 2026 GMT Not After : Aug 6 23:59:59 2026 GMT Subject: serialNumber=8aa2d68229dfe924d0268c3c81c5ee77cba5eb13988c4aad347fd085832cbea6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b1:a0:e8:17:bd:ea:bb:a9:78:14:b6:e0:84: 61:29:7e:4d:4a:46:c3:11:cb:d2:8d:3c:38:09:e0: fe:75:15:65:c9:d5:d1:fa:e0:73:53:f6:7d:14:70: 6c:49:18:71:e9:77:8e:cb:e9:40:13:55:99:3e:ef: 85:a8:28:58:bb:e3:b3:95:7e:93:12:23:7d:97:ab: 7a:3e:69:91:70:49:c3:ee:35:d9:b0:d4:4c:e1:6c: 5f:2c:43:08:cd:5f:d0:48:6b:c0:e4:52:05:ed:6d: c8:e5:e0:4e:8a:db:7c:22:bb:d4:ee:1d:eb:a3:8b: 25:d8:a6:66:2b:84:41:50:6f:5d:00:64:85:ac:e4: 3d:3a:19:9f:7f:7b:2a:1b:f7:2e:29:54:c6:64:f0: 65:c0:75:6a:b5:47:d6:65:85:51:ca:c3:23:8e:77: b2:67:2d:aa:03:7f:c8:b9:96:8a:a8:22:32:bc:75: 7d:d3:d4:fe:be:40:1e:19:17:83:28:e7:c2:d0:f9: a3:98:31:19:60:1d:0d:2c:d6:bd:6b:61:f7:5e:a3: 62:04:ee:d7:c6:a6:43:bf:b4:32:17:25:d2:35:7d: d0:e0:a9:a1:46:15:07:f5:b6:05:a7:6a:75:61:82: 4c:81:09:54:1f:d0:06:a9:6b:7a:2e:00:ae:73:a6: a0:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:00:7F:BF:31:41:BD:3E:A1:FD:B6:51:15:D4:20:FC:31:49:F0:53 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43106760-fb11-4c13-8812-4fe15299b252.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:2000::/48 Signature Algorithm: sha256WithRSAEncryption 42:dc:70:cc:5d:a4:46:48:16:b9:46:84:d5:d9:41:9d:16:41: 64:cb:f5:3d:b4:aa:fc:37:cb:f5:0a:bb:0f:cd:7c:05:46:1f: 98:dd:5b:8b:5b:e0:5c:79:07:7e:25:3c:36:fe:36:45:33:74: 98:4a:41:db:a2:a8:c7:f1:d2:54:12:14:b9:75:4e:7d:74:9c: 2f:ed:53:e5:ba:70:f1:55:3e:89:67:a9:85:20:cd:22:5a:bc: 01:9f:dc:b1:50:06:af:70:e2:4a:30:44:4f:c3:40:52:cd:7e: 98:7b:b3:0a:e3:d3:07:ac:ae:2f:e7:b3:1c:2b:e4:8b:19:a1: 5b:56:cc:22:3d:b6:8f:5f:06:87:7c:48:53:c5:a9:29:41:1d: 59:7f:6a:33:8e:78:af:d9:cf:5d:f0:cb:68:cf:4a:03:fe:be: 35:bf:6f:9f:45:67:28:bb:e6:c7:6b:db:e6:22:54:98:3b:bd: 65:7b:e7:73:3e:a8:89:8a:3e:db:71:e7:15:da:c4:80:af:9e: b1:5c:e6:c0:56:4b:eb:f9:e7:b2:9d:a3:9b:d5:51:07:c8:db: 11:cd:9d:7a:69:3a:9a:5e:e7:57:7c:e7:6b:d6:dd:cb:0c:0c: 4b:a8:10:55:52:d7:1e:14:c0:1b:9a:2b:1b:36:92:30:50:d0: dc:a8:4e:67 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUHZsBeBRNJNUC0z91OT7HCRx+FcwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwODAwMDA1M1oX DTI2MDgwNjIzNTk1OVowejFJMEcGA1UEBRNAOGFhMmQ2ODIyOWRmZTkyNGQwMjY4 YzNjODFjNWVlNzdjYmE1ZWIxMzk4OGM0YWFkMzQ3ZmQwODU4MzJjYmVhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbGg6Be96rupeBS24IRhKX5NSkbD EcvSjTw4CeD+dRVlydXR+uBzU/Z9FHBsSRhx6XeOy+lAE1WZPu+FqChYu+OzlX6T EiN9l6t6PmmRcEnD7jXZsNRM4WxfLEMIzV/QSGvA5FIF7W3I5eBOitt8IrvU7h3r o4sl2KZmK4RBUG9dAGSFrOQ9Ohmff3sqG/cuKVTGZPBlwHVqtUfWZYVRysMjjney Zy2qA3/IuZaKqCIyvHV909T+vkAeGReDKOfC0PmjmDEZYB0NLNa9a2H3XqNiBO7X xqZDv7QyFyXSNX3Q4KmhRhUH9bYFp2p1YYJMgQlUH9AGqWt6LgCuc6ag4QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE4Af78xQb0+of22URXUIPwxSfBTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQzMTA2NzYwLWZiMTEtNGMxMy04ODEyLTRmZTE1Mjk5YjI1Mi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba9iAAMA0GCSqGSIb3DQEBCwUAA4IBAQBC3HDMXaRGSBa5RoTV 2UGdFkFky/U9tKr8N8v1CrsPzXwFRh+Y3VuLW+BceQd+JTw2/jZFM3SYSkHboqjH 8dJUEhS5dU59dJwv7VPlunDxVT6JZ6mFIM0iWrwBn9yxUAavcOJKMERPw0BSzX6Y e7MK49MHrK4v57McK+SLGaFbVswiPbaPXwaHfEhTxakpQR1Zf2ozjniv2c9d8Mto z0oD/r41v2+fRWcou+bHa9vmIlSYO71le+dzPqiJij7bcecV2sSAr56xXObAVkvr +eeynaOb1VEHyNsRzZ16aTqaXudXfOdr1t3LDAxLqBBVUtceFMAbmisbNpIwUNDc qE5n -----END CERTIFICATE-----Generated at Wed May 13 01:03:12 2026 by rpki-client