$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa File: 49e84179-b363-4bd7-a8a7-5203c6a98687.roa (raw, json) Hash identifier: eM11rig2PnZ3TF+QJ4w8fKwxS+VnQRlwvmlfWiLRFcU= Subject key identifier: 09:6E:45:36:EE:3C:0C:1D:D9:80:8F:72:CD:CE:12:16:39:BA:C7:77 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D09690307C9C8B3B3DF7C1160C41CF787A674DC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa Signing time: Tue 12 May 2026 00:11:05 +0000 ROA not before: Tue 12 May 2026 00:11:05 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:e000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:09:69:03:07:c9:c8:b3:b3:df:7c:11:60:c4:1c:f7:87:a6:74:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:11:05 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=7b494ccb9ab6d932f793b6da9a61189eec02c0fdf1206a2229ae595f5dcd0278, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c6:6e:48:ee:88:3f:22:a6:46:a5:06:52:3a: 9b:46:a0:1a:2a:93:f6:20:9e:5f:9b:74:d6:95:87: 04:99:da:e8:41:fe:a9:6d:cc:d2:64:33:07:10:eb: 76:e2:0a:df:32:b0:78:05:50:b4:f4:57:3b:eb:ac: a6:fb:fe:59:a2:2a:72:ec:77:95:74:4a:2d:56:c4: 2d:86:d2:4a:00:ed:48:1a:96:c6:8d:72:95:58:85: e5:0d:b1:f3:3a:05:43:ec:59:cf:51:c2:df:9e:40: 69:44:df:28:77:0b:e9:93:5c:43:70:b8:b4:5a:00: fc:7f:e5:01:20:1e:cc:47:6d:41:bc:0a:e2:e5:ce: 3d:77:ad:86:d3:be:d0:7a:a0:59:40:3d:fa:4e:aa: 5c:7f:7e:79:3c:18:6f:c6:73:37:51:c7:0c:a3:ef: 40:6b:2a:3c:ad:e1:51:0e:1a:87:be:1d:50:75:79: b9:27:23:ed:c9:1a:0e:c5:23:8c:64:27:12:77:0a: 1c:22:d0:95:e7:6b:cc:42:08:13:8e:e7:de:6f:5d: 68:e7:48:1b:00:99:e0:d7:f6:61:1c:68:ad:4e:10: 3b:62:4d:39:14:e5:31:3f:cf:ea:08:8f:00:ec:61: 32:e5:c4:ba:fe:d4:c8:14:f2:58:e1:4b:2c:ac:af: 2c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:6E:45:36:EE:3C:0C:1D:D9:80:8F:72:CD:CE:12:16:39:BA:C7:77 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:e000::/40 Signature Algorithm: sha256WithRSAEncryption a7:e0:3d:c2:a7:a8:e6:f9:e5:1e:7d:7d:67:0a:16:72:1c:f4: 78:8a:53:20:9e:bd:62:ac:4e:16:a3:8d:4e:67:c8:d7:ba:5d: f8:46:22:79:c4:72:87:34:eb:50:ba:95:81:6c:c0:37:3b:6e: ad:2b:bb:a0:83:19:80:ee:6b:2c:d2:5b:9d:90:b9:5f:1d:be: 93:21:0e:2c:54:2d:b8:fd:38:2c:43:31:b3:c0:b1:76:1c:e0: 7d:97:88:27:42:aa:2b:ca:7c:16:b0:f2:ac:dc:c0:bf:c7:13: 6c:c0:1a:96:85:38:a3:01:f4:89:19:73:50:24:5f:27:bc:b5: 75:e5:d4:61:e9:06:dc:4c:15:0e:0a:35:18:6f:b8:be:0c:f6: e2:49:37:41:4e:b6:74:3a:98:55:2c:5d:3f:e5:4e:9e:6f:3e: 02:0a:33:6c:bc:ac:ff:b0:ca:eb:9a:40:af:29:88:d3:f6:22: 7a:2f:92:c4:a2:09:bf:cb:c3:cf:d2:be:67:f6:5d:59:02:d4: 71:8e:dd:20:6a:14:e6:c2:83:e8:a1:89:83:c4:2a:11:ce:e6: d9:b8:ed:24:58:cc:4b:06:11:d0:c5:cc:84:ea:d0:59:a7:bf: 4c:38:4b:13:69:64:90:26:ff:e1:04:fa:e2:8a:58:d8:83:ed: a3:45:72:6f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDQlpAwfJyLOz33wRYMQc94emdNwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMTEwNVoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAN2I0OTRjY2I5YWI2ZDkzMmY3OTNi NmRhOWE2MTE4OWVlYzAyYzBmZGYxMjA2YTIyMjlhZTU5NWY1ZGNkMDI3ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcZuSO6IPyKmRqUGUjqbRqAaKpP2 IJ5fm3TWlYcEmdroQf6pbczSZDMHEOt24grfMrB4BVC09Fc766ym+/5Zoipy7HeV dEotVsQthtJKAO1IGpbGjXKVWIXlDbHzOgVD7FnPUcLfnkBpRN8odwvpk1xDcLi0 WgD8f+UBIB7MR21BvAri5c49d62G077QeqBZQD36Tqpcf355PBhvxnM3UccMo+9A ayo8reFRDhqHvh1QdXm5JyPtyRoOxSOMZCcSdwocItCV52vMQggTjufeb11o50gb AJng1/ZhHGitThA7Yk05FOUxP8/qCI8A7GEy5cS6/tTIFPJY4UssrK8sIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAluRTbuPAwd2YCPcs3OEhY5usd3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5ZTg0MTc5LWIzNjMtNGJkNy1hOGE3LTUyMDNjNmE5ODY4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAOAwDQYJKoZIhvcNAQELBQADggEBAKfgPcKnqOb55R59fWcK FnIc9HiKUyCevWKsThajjU5nyNe6XfhGInnEcoc061C6lYFswDc7bq0ru6CDGYDu ayzSW52QuV8dvpMhDixULbj9OCxDMbPAsXYc4H2XiCdCqivKfBaw8qzcwL/HE2zA GpaFOKMB9IkZc1AkXye8tXXl1GHpBtxMFQ4KNRhvuL4M9uJJN0FOtnQ6mFUsXT/l Tp5vPgIKM2y8rP+wyuuaQK8piNP2InovksSiCb/Lw8/Svmf2XVkC1HGO3SBqFObC g+ihiYPEKhHO5tm47SRYzEsGEdDFzITq0Fmnv0w4SxNpZJAm/+EE+uKKWNiD7aNF cm8= -----END CERTIFICATE-----Generated at Tue May 12 23:42:51 2026 by rpki-client