$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a0a7106-352f-4541-b326-040109351c64.roa File: 4a0a7106-352f-4541-b326-040109351c64.roa (raw, json) Hash identifier: k3HMinqSeGbrdFg3cx+g+uviad2kLAswl95ENx4DHkU= Subject key identifier: 5F:A0:C8:44:61:52:2E:1E:B7:1A:2F:AA:0C:AE:7C:DC:73:F6:2A:E2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23448554EE68B0505EEF607C5B3219C48034BD7E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a0a7106-352f-4541-b326-040109351c64.roa Signing time: Mon 11 May 2026 00:30:16 +0000 ROA not before: Mon 11 May 2026 00:30:16 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:44:85:54:ee:68:b0:50:5e:ef:60:7c:5b:32:19:c4:80:34:bd:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:30:16 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=208847fca1b2720bfb0673c543307e9b24765c6b0125810b7959d6a29b5e5871, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:30:ab:9f:b9:6e:64:0b:24:83:91:fe:f4:6e: fb:68:08:95:82:f2:9a:e4:6b:21:cc:dd:5f:5b:30: 43:ad:9c:45:aa:fc:9a:c1:ea:f9:39:7d:d6:c8:78: 2e:bc:b2:0f:c9:4d:bd:b0:68:69:02:dc:ef:c9:85: b3:7d:e8:f5:18:39:f9:7e:84:83:fc:5c:8a:8f:fd: fe:95:90:64:c9:3d:28:c9:9f:1f:88:76:17:10:1b: 5c:98:c6:1c:5e:e6:86:cd:62:31:d3:e0:00:b9:94: 49:a5:42:bf:46:96:4c:ae:62:73:fd:c8:f5:8c:f5: 0a:2a:8d:31:3d:c9:ed:a9:f0:06:c8:6f:e6:91:3d: 15:16:91:17:2e:98:14:13:dc:47:35:3f:a8:59:98: 53:42:48:e2:a8:9f:0c:5d:77:2c:45:92:5c:6d:77: 2b:a3:1a:28:19:a4:fd:93:40:2d:c0:b3:8f:0b:55: 4f:f1:4b:b6:47:1b:f2:08:ef:f6:bf:ca:25:02:30: 09:a7:59:ca:f6:0e:59:15:ba:ca:98:11:0f:76:81: 60:bc:54:43:3c:78:15:f5:60:3c:c1:fe:b8:74:69: ac:5e:a4:41:e0:03:42:cf:77:29:59:e3:2a:11:f7: 5b:26:8c:8a:ff:21:91:28:02:35:10:36:aa:6b:9c: 45:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:A0:C8:44:61:52:2E:1E:B7:1A:2F:AA:0C:AE:7C:DC:73:F6:2A:E2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a0a7106-352f-4541-b326-040109351c64.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:8c0::/48 Signature Algorithm: sha256WithRSAEncryption 0d:2a:96:6d:fc:4c:dd:a1:ee:09:02:f1:bd:11:97:57:15:74: b4:a1:51:61:6c:b8:d7:53:97:02:ee:1d:c6:b6:61:c6:03:e3: 28:fe:75:4b:ca:87:fd:5e:64:03:c0:a7:fd:30:1b:39:c1:45: 82:33:46:0f:ce:d9:1c:ad:88:41:91:7e:8b:ca:e2:26:68:67: d9:f2:50:3e:53:2b:4c:33:eb:d8:4e:94:97:8f:56:ff:3f:9f: 80:20:f4:68:6d:e1:0f:1c:61:63:4e:01:08:23:5e:7e:56:61: f8:65:56:57:2e:06:53:98:d9:67:fe:b0:79:57:35:78:6a:42: fc:4e:45:16:e6:61:93:6d:27:f1:c3:09:01:ca:ff:cc:bb:37: 8e:71:0a:be:f3:3b:29:45:29:aa:4c:59:34:4a:11:d6:3d:98: 67:3f:34:ac:a0:6e:82:16:53:50:80:ac:8d:48:a0:62:2e:26: c5:e4:cc:22:79:ba:65:43:45:72:7c:b4:b5:80:b7:da:9b:b6: 26:51:a4:a3:4d:6f:27:55:b8:98:b3:88:7a:cf:c6:5f:32:0e: c9:9f:ef:2c:f0:c4:0f:48:8e:f5:5e:7b:73:c0:53:c1:e5:2c: 01:cd:b9:43:60:45:e4:b9:a5:4e:a8:73:6c:a6:3b:85:16:80: 93:89:c2:de -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUI0SFVO5osFBe72B8WzIZxIA0vX4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMzAxNloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAMjA4ODQ3ZmNhMWIyNzIwYmZiMDY3 M2M1NDMzMDdlOWIyNDc2NWM2YjAxMjU4MTBiNzk1OWQ2YTI5YjVlNTg3MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDCrn7luZAskg5H+9G77aAiVgvKa 5GshzN1fWzBDrZxFqvyawer5OX3WyHguvLIPyU29sGhpAtzvyYWzfej1GDn5foSD /FyKj/3+lZBkyT0oyZ8fiHYXEBtcmMYcXuaGzWIx0+AAuZRJpUK/RpZMrmJz/cj1 jPUKKo0xPcntqfAGyG/mkT0VFpEXLpgUE9xHNT+oWZhTQkjiqJ8MXXcsRZJcbXcr oxooGaT9k0AtwLOPC1VP8Uu2RxvyCO/2v8olAjAJp1nK9g5ZFbrKmBEPdoFgvFRD PHgV9WA8wf64dGmsXqRB4ANCz3cpWeMqEfdbJoyK/yGRKAI1EDaqa5xFkQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFF+gyERhUi4etxovqgyufNxz9iriMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhMGE3MTA2LTM1MmYtNDU0MS1iMzI2LTA0MDEwOTM1MWM2NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8gjAMA0GCSqGSIb3DQEBCwUAA4IBAQANKpZt/Ezdoe4JAvG9 EZdXFXS0oVFhbLjXU5cC7h3GtmHGA+Mo/nVLyof9XmQDwKf9MBs5wUWCM0YPztkc rYhBkX6LyuImaGfZ8lA+UytMM+vYTpSXj1b/P5+AIPRobeEPHGFjTgEII15+VmH4 ZVZXLgZTmNln/rB5VzV4akL8TkUW5mGTbSfxwwkByv/MuzeOcQq+8zspRSmqTFk0 ShHWPZhnPzSsoG6CFlNQgKyNSKBiLibF5MwiebplQ0VyfLS1gLfam7YmUaSjTW8n VbiYs4h6z8ZfMg7Jn+8s8MQPSI71XntzwFPB5SwBzblDYEXkuaVOqHNspjuFFoCT icLe -----END CERTIFICATE-----Generated at Wed May 13 00:40:32 2026 by rpki-client