$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa File: 5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa (raw, json) Hash identifier: Keg4Kfjy/2dZAKjtv/kQEKF3iOWRiULGyz+tB5lFk9A= Subject key identifier: 20:38:6D:1A:D7:BC:34:7E:F2:6D:85:C3:07:D2:D6:28:F4:CD:B2:6F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44ADEF390B8D591F71D5A1B24CD83FC7E657CCFC Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa Signing time: Mon 11 May 2026 00:30:12 +0000 ROA not before: Mon 11 May 2026 00:30:12 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:ad:ef:39:0b:8d:59:1f:71:d5:a1:b2:4c:d8:3f:c7:e6:57:cc:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:30:12 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=05423ce93fa5ce85c8613a7367d856d2d322d8208f11f6f5a5a8fc44ca113d85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:e9:32:4a:60:b5:04:a4:1e:25:08:ec:bd:e8: 3f:71:2f:10:69:fe:31:e9:57:72:02:cc:71:f8:49: 83:83:51:ce:25:ef:80:c4:6e:5f:84:62:26:7a:6f: 1f:9b:6d:a2:02:85:71:e6:bd:51:00:8f:7a:e4:a8: 3d:c1:b5:93:42:95:93:fd:a8:ea:6d:57:f5:ff:b1: f9:7a:4f:11:12:86:f1:8e:f7:15:5e:0b:a4:97:60: 50:fd:8c:f6:61:1e:05:85:9b:b0:57:ac:eb:7b:8a: f1:3f:f4:2d:01:a1:6e:e4:f7:85:df:be:21:92:5c: 9e:62:33:c3:63:fa:8a:ae:7a:8a:95:ff:1e:0c:0f: a7:5d:3b:45:e1:38:29:72:58:22:6e:e1:99:c8:44: 05:ae:2c:ad:60:d5:d8:bf:2f:f7:6a:49:76:da:43: 3e:82:0e:83:0b:71:ba:5b:4c:7e:5a:76:8c:46:7d: f0:6c:28:39:38:4a:af:97:1d:79:77:b4:47:95:b8: c0:62:fb:b2:d6:8b:51:9e:bc:8b:bd:5d:89:6b:93: 39:ff:58:ea:a7:b2:8f:f9:d2:2c:19:a6:94:31:ec: 7b:5c:2e:98:de:c4:32:80:19:de:4c:fe:ea:86:7a: 15:35:c2:4a:5d:c2:98:93:4a:82:33:b3:4e:a6:69: f2:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:38:6D:1A:D7:BC:34:7E:F2:6D:85:C3:07:D2:D6:28:F4:CD:B2:6F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5b5ea3b5-d1e1-4482-9795-44899d6c1b41.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:7000::/40 Signature Algorithm: sha256WithRSAEncryption 76:14:5f:ac:f9:2f:f8:a6:03:af:f8:47:a3:60:96:55:3f:12: 78:5c:a5:86:ff:bf:59:63:fc:53:d3:a8:28:a9:85:13:16:56: bd:4b:de:64:15:d4:1a:68:df:e0:a0:84:2d:ca:ba:b4:30:f8: c6:d4:59:50:1b:1b:a6:84:d4:c8:f2:66:8e:22:ab:f9:1c:d5: 35:05:9c:4a:d6:64:49:60:8c:e5:8f:f6:cd:b4:1e:07:af:5f: d7:d3:11:b6:c6:ca:9e:fb:e3:43:99:ed:87:df:e3:e1:fa:5a: d1:51:c5:f2:c1:43:0a:58:00:e9:64:75:1d:67:80:e8:a9:98: 51:14:64:8e:31:72:6f:8b:23:0f:19:c6:c8:54:8a:8e:5c:8d: fa:e4:04:e0:e0:4a:a1:31:58:b0:b4:3a:7d:78:56:c8:2c:9d: ba:f4:d6:f3:2c:99:58:ba:35:6e:a6:35:8c:8b:e9:96:a0:cb: af:aa:2e:87:a1:ab:45:04:70:f0:c2:36:e9:66:0e:b1:00:cd: 1b:33:b0:39:af:8a:6b:7e:42:47:f9:ec:71:3c:83:21:97:47: ea:43:82:06:d3:62:1d:2a:d7:cd:de:8c:94:b1:72:d3:b3:d7: 40:86:23:40:2f:53:87:90:90:4c:67:1f:e3:7e:2d:4c:a0:76: 25:65:9b:ef -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURK3vOQuNWR9x1aGyTNg/x+ZXzPwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMzAxMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAMDU0MjNjZTkzZmE1Y2U4NWM4NjEz YTczNjdkODU2ZDJkMzIyZDgyMDhmMTFmNmY1YTVhOGZjNDRjYTExM2Q4NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApekySmC1BKQeJQjsveg/cS8Qaf4x 6VdyAsxx+EmDg1HOJe+AxG5fhGImem8fm22iAoVx5r1RAI965Kg9wbWTQpWT/ajq bVf1/7H5ek8REobxjvcVXgukl2BQ/Yz2YR4FhZuwV6zre4rxP/QtAaFu5PeF374h klyeYjPDY/qKrnqKlf8eDA+nXTtF4TgpclgibuGZyEQFriytYNXYvy/3akl22kM+ gg6DC3G6W0x+WnaMRn3wbCg5OEqvlx15d7RHlbjAYvuy1otRnryLvV2Ja5M5/1jq p7KP+dIsGaaUMex7XC6Y3sQygBneTP7qhnoVNcJKXcKYk0qCM7NOpmnycQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFCA4bRrXvDR+8m2FwwfS1ij0zbJvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzViNWVhM2I1LWQxZTEtNDQ4Mi05Nzk1LTQ0ODk5ZDZjMWI0MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYXAwDQYJKoZIhvcNAQELBQADggEBAHYUX6z5L/imA6/4R6Ng llU/EnhcpYb/v1lj/FPTqCiphRMWVr1L3mQV1Bpo3+CghC3KurQw+MbUWVAbG6aE 1MjyZo4iq/kc1TUFnErWZElgjOWP9s20HgevX9fTEbbGyp7740OZ7Yff4+H6WtFR xfLBQwpYAOlkdR1ngOipmFEUZI4xcm+LIw8ZxshUio5cjfrkBODgSqExWLC0On14 Vsgsnbr01vMsmVi6NW6mNYyL6Zagy6+qLoehq0UEcPDCNulmDrEAzRszsDmvimt+ Qkf57HE8gyGXR+pDggbTYh0q183ejJSxctOz10CGI0AvU4eQkExnH+N+LUygdiVl m+8= -----END CERTIFICATE-----Generated at Wed May 13 00:00:44 2026 by rpki-client