$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa File: 49fb7e22-9413-4e85-9c70-9dd3a60de128.roa (raw, json) Hash identifier: QYwO/kE0n/I9Q2BWs2wsStQESLAjXSUbLFbAuiFlnv4= Subject key identifier: AC:30:FA:10:8C:69:78:BF:5C:BC:2F:67:7D:48:00:B1:C2:7A:42:D3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 287542FD1777A70DAA2C3150301E41E14C81ACC0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa Signing time: Mon 11 May 2026 00:11:01 +0000 ROA not before: Mon 11 May 2026 00:11:01 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:75:42:fd:17:77:a7:0d:aa:2c:31:50:30:1e:41:e1:4c:81:ac:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:11:01 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=7066898154dc7d05379e72b052b6ea6b983e2b1d6fa6b644df9f818f40ec5da9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:78:fc:1b:5c:de:ee:35:72:21:43:85:bf:89: 89:a0:13:00:3d:f1:d7:e3:96:aa:a9:2d:44:58:c0: 4a:c8:4d:71:91:16:f9:cf:0e:30:b9:db:e1:ff:5b: 82:6d:f6:35:8e:48:82:17:c8:a3:9a:26:a9:53:a7: f2:a8:65:b1:88:b6:a4:29:9a:4f:16:28:bd:65:a2: 0f:e5:40:78:e7:29:19:10:87:da:ef:10:37:38:30: 9b:86:21:b1:63:3b:8f:c8:a9:fa:6b:92:73:5a:99: f0:ea:d0:2b:58:46:68:1a:17:a0:66:89:2d:a9:f3: ad:7c:5f:50:2a:70:32:b7:51:35:d9:03:e9:bc:ab: 8a:7f:07:41:30:0f:45:e4:bf:bb:c1:4d:33:01:a6: ef:85:ef:44:d5:1d:ff:e5:52:0e:75:f1:80:d5:f9: ae:85:15:b9:f9:44:4e:b7:a8:28:e2:98:a6:ec:ea: ac:e1:b7:d7:e6:2d:b9:95:89:b9:9b:8d:ce:a1:8c: 93:0e:1b:74:76:fa:7c:63:95:9f:0c:9c:01:74:a0: 3e:b7:52:93:9b:18:0c:28:a8:b0:c1:fa:3c:99:ba: 7f:06:d8:c9:72:79:e7:a9:86:f1:df:c8:3d:69:17: a1:e4:49:2c:5b:af:94:7b:62:67:35:72:3d:c3:1a: 25:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:30:FA:10:8C:69:78:BF:5C:BC:2F:67:7D:48:00:B1:C2:7A:42:D3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49fb7e22-9413-4e85-9c70-9dd3a60de128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:f040::/48 Signature Algorithm: sha256WithRSAEncryption b5:e0:76:91:35:28:40:16:25:1e:47:ac:dd:42:48:1e:c7:28: 31:03:9d:9b:30:59:d4:d7:db:59:fc:1e:4a:53:04:b3:08:17: bd:f9:98:b1:e4:87:4d:6d:5c:33:76:c4:85:b0:4e:1e:9e:98: 06:03:d1:4b:22:36:d9:9a:0d:fc:9d:c9:c2:b8:b3:12:68:33: b9:b4:26:25:85:c5:fa:a4:70:a1:ef:86:70:40:c1:4e:73:58: 03:91:64:bf:ee:a3:26:a8:c6:0b:f7:6e:c5:03:8b:e0:5d:59: 80:fa:b1:cd:27:84:96:70:6e:51:5b:aa:43:eb:7a:a6:6f:ff: 2d:df:92:ad:51:48:0d:b5:66:19:cf:48:c1:16:eb:38:6f:e4: ba:b2:8f:3f:ae:e0:bf:6f:76:b0:f3:2f:00:1e:f8:49:e9:f4: 53:65:e2:dd:08:f9:fa:60:f7:18:09:ca:35:bd:64:49:e1:e5: b7:7c:29:b3:c1:5a:26:f3:1d:e4:19:67:4d:7a:9e:8a:b9:9c: 39:77:64:d7:af:8c:52:f0:b8:14:fc:f9:9d:62:f5:81:fb:e2: 16:50:4e:ed:dd:fc:5b:3f:c2:16:60:5c:91:12:65:c4:a6:81: f2:1c:9c:4b:71:55:b9:59:f7:e8:89:66:43:81:44:ab:8a:03: bd:a2:87:82 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUKHVC/Rd3pw2qLDFQMB5B4UyBrMAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMTEwMVoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNANzA2Njg5ODE1NGRjN2QwNTM3OWU3 MmIwNTJiNmVhNmI5ODNlMmIxZDZmYTZiNjQ0ZGY5ZjgxOGY0MGVjNWRhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3j8G1ze7jVyIUOFv4mJoBMAPfHX 45aqqS1EWMBKyE1xkRb5zw4wudvh/1uCbfY1jkiCF8ijmiapU6fyqGWxiLakKZpP Fii9ZaIP5UB45ykZEIfa7xA3ODCbhiGxYzuPyKn6a5JzWpnw6tArWEZoGhegZokt qfOtfF9QKnAyt1E12QPpvKuKfwdBMA9F5L+7wU0zAabvhe9E1R3/5VIOdfGA1fmu hRW5+UROt6go4pim7Oqs4bfX5i25lYm5m43OoYyTDht0dvp8Y5WfDJwBdKA+t1KT mxgMKKiwwfo8mbp/BtjJcnnnqYbx38g9aReh5EksW6+Ue2JnNXI9wxoliQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKww+hCMaXi/XLwvZ31IALHCekLTMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5ZmI3ZTIyLTk0MTMtNGU4NS05YzcwLTlkZDNhNjBkZTEyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8vBAMA0GCSqGSIb3DQEBCwUAA4IBAQC14HaRNShAFiUeR6zd QkgexygxA52bMFnU19tZ/B5KUwSzCBe9+Zix5IdNbVwzdsSFsE4enpgGA9FLIjbZ mg38ncnCuLMSaDO5tCYlhcX6pHCh74ZwQMFOc1gDkWS/7qMmqMYL927FA4vgXVmA +rHNJ4SWcG5RW6pD63qmb/8t35KtUUgNtWYZz0jBFus4b+S6so8/ruC/b3aw8y8A HvhJ6fRTZeLdCPn6YPcYCco1vWRJ4eW3fCmzwVom8x3kGWdNep6KuZw5d2TXr4xS 8LgU/PmdYvWB++IWUE7t3fxbP8IWYFyREmXEpoHyHJxLcVW5WffoiWZDgUSrigO9 ooeC -----END CERTIFICATE-----Generated at Tue May 12 23:35:14 2026 by rpki-client