$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f24907e-93d5-49c5-9a11-37e2a6b6d0df.roa File: 5f24907e-93d5-49c5-9a11-37e2a6b6d0df.roa (raw, json) Hash identifier: sPeUYzrlttuzewfovQXSu8S9opytamhCoSbqDsZ1AFI= Subject key identifier: D4:A9:F5:66:DD:CD:11:C7:BD:D7:81:52:2C:C9:B1:12:47:D8:BA:67 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0940FD24CB9EC4A34CAA92399402AC15BF5A8062 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f24907e-93d5-49c5-9a11-37e2a6b6d0df.roa Signing time: Mon 27 Apr 2026 00:00:07 +0000 ROA not before: Mon 27 Apr 2026 00:00:07 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daed:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:40:fd:24:cb:9e:c4:a3:4c:aa:92:39:94:02:ac:15:bf:5a:80:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 27 00:00:07 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=ffe334c510245deec3ade0dda3d084ee955f8d78e5da2c606a94c3673e0270a0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:b3:82:f6:3e:21:48:79:44:29:32:b3:0f:e0: b0:6e:f7:d4:2e:49:5f:68:43:d9:b1:73:35:69:f7: 4f:77:15:b1:69:23:0a:d2:bf:41:0f:9e:99:5d:18: 97:34:e9:57:4c:60:e4:18:cc:4b:f0:ea:8a:46:a0: 30:c2:0a:f3:58:d1:51:e4:ad:ea:84:d1:ec:e8:0a: 2f:2b:98:b8:43:c0:7b:ae:17:e0:44:3e:56:f4:52: c9:09:da:44:8b:0b:98:8a:c8:83:50:16:72:cf:0a: 81:06:2b:fb:55:92:95:84:75:6e:a4:bd:e3:91:58: 04:c5:55:1a:48:c3:ef:01:49:c2:7a:81:d7:e1:bf: ff:3d:74:2a:b6:5f:be:83:ce:28:56:86:fb:b8:1c: f9:f5:12:51:3b:17:a0:37:be:8b:86:23:d1:58:b7: 0a:10:aa:e3:0f:2c:f1:c2:3c:a1:9e:87:dd:6c:cb: 0a:f3:61:7c:03:f4:e3:6f:77:f5:e1:0d:ca:26:9f: f0:f0:c4:0e:ec:e3:1f:e9:d5:b0:04:cd:9d:ac:57: fb:89:f5:41:9b:fb:a4:ec:4d:2d:a6:fc:8e:3f:27: b9:10:aa:b2:c0:08:a5:a4:b3:1e:8b:df:9d:a6:34: 1a:29:e5:60:60:0c:fd:ec:68:dc:f7:b1:cd:56:34: 4b:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:A9:F5:66:DD:CD:11:C7:BD:D7:81:52:2C:C9:B1:12:47:D8:BA:67 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f24907e-93d5-49c5-9a11-37e2a6b6d0df.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daed:a080::/48 Signature Algorithm: sha256WithRSAEncryption 4f:84:26:79:00:5e:42:10:30:6a:2f:3d:65:d3:21:a4:52:25: 3b:53:b7:10:c1:ca:3d:f6:94:3f:cd:19:1e:46:07:a5:aa:2a: 71:33:e5:f4:70:5f:52:09:9a:f8:5f:21:af:06:c6:80:3b:86: 27:f4:31:09:eb:27:ae:b1:82:5a:64:24:ea:15:c7:3f:e7:d6: 88:18:87:ca:39:85:34:1f:1b:73:81:09:02:3c:61:db:16:87: 06:94:e6:35:b3:b4:9b:48:02:e3:b3:6e:98:27:32:72:40:00: df:5e:d4:4e:8b:48:11:7c:15:c7:15:c9:77:32:ce:48:5a:5b: f3:12:61:0a:21:13:c3:a7:61:65:88:d2:ea:f9:e6:da:75:bc: 07:f0:91:59:58:f7:fe:dd:38:57:78:24:8c:f7:ca:8b:02:03: d0:8e:b4:3c:82:ea:17:92:c8:21:07:0b:11:3a:aa:35:2e:d8: 7d:55:30:bc:dc:0e:3f:10:26:c6:da:d6:ee:ac:75:93:90:1d: 62:a1:ef:70:00:ca:e8:13:61:19:b4:a1:6b:de:d7:06:0b:29: 1e:4b:f8:e8:91:00:15:7f:7d:41:ab:ed:56:e8:75:f8:84:6b: 84:55:ef:92:20:e6:04:6b:c6:7e:24:9c:e3:38:bd:41:03:fb: 9f:5b:cf:ab -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUCUD9JMuexKNMqpI5lAKsFb9agGIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyNzAwMDAwN1oX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZmZlMzM0YzUxMDI0NWRlZWMzYWRl MGRkYTNkMDg0ZWU5NTVmOGQ3OGU1ZGEyYzYwNmE5NGMzNjczZTAyNzBhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbOC9j4hSHlEKTKzD+CwbvfULklf aEPZsXM1afdPdxWxaSMK0r9BD56ZXRiXNOlXTGDkGMxL8OqKRqAwwgrzWNFR5K3q hNHs6AovK5i4Q8B7rhfgRD5W9FLJCdpEiwuYisiDUBZyzwqBBiv7VZKVhHVupL3j kVgExVUaSMPvAUnCeoHX4b//PXQqtl++g84oVob7uBz59RJROxegN76LhiPRWLcK EKrjDyzxwjyhnofdbMsK82F8A/Tjb3f14Q3KJp/w8MQO7OMf6dWwBM2drFf7ifVB m/uk7E0tpvyOPye5EKqywAilpLMei9+dpjQaKeVgYAz97Gjc97HNVjRLXwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNSp9WbdzRHHvdeBUizJsRJH2LpnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVmMjQ5MDdlLTkzZDUtNDljNS05YTExLTM3ZTJhNmI2ZDBkZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba7aCAMA0GCSqGSIb3DQEBCwUAA4IBAQBPhCZ5AF5CEDBqLz1l 0yGkUiU7U7cQwco99pQ/zRkeRgelqipxM+X0cF9SCZr4XyGvBsaAO4Yn9DEJ6yeu sYJaZCTqFcc/59aIGIfKOYU0HxtzgQkCPGHbFocGlOY1s7SbSALjs26YJzJyQADf XtROi0gRfBXHFcl3Ms5IWlvzEmEKIRPDp2FliNLq+ebadbwH8JFZWPf+3ThXeCSM 98qLAgPQjrQ8guoXksghBwsROqo1Lth9VTC83A4/ECbG2tburHWTkB1ioe9wAMro E2EZtKFr3tcGCykeS/jokQAVf31Bq+1W6HX4hGuEVe+SIOYEa8Z+JJzjOL1BA/uf W8+r -----END CERTIFICATE-----Generated at Tue May 12 23:31:23 2026 by rpki-client