$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa File: 7003e8a9-a5a4-4137-b172-46c06da76822.roa (raw, json) Hash identifier: sFn3DMs4fx9qIcmsJgBW9Y9VO23VVaG24tXmlzPLlpY= Subject key identifier: 69:26:B3:61:60:29:64:4C:A0:98:45:DD:C3:7B:12:C9:11:5A:66:12 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D81403E69B440FA723BADA82820DF50B521863B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa Signing time: Tue 05 May 2026 00:00:06 +0000 ROA not before: Tue 05 May 2026 00:00:06 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dab9:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:81:40:3e:69:b4:40:fa:72:3b:ad:a8:28:20:df:50:b5:21:86:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:00:06 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=48ab2e2bc3ba0b9284e97358a0948907153a5c2319cf3d6e1aa9a7d1d298a6aa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:bf:58:4c:2e:d1:d2:6b:77:c6:c2:d1:a8:ae: ad:89:ae:5e:74:8b:7b:61:33:32:62:c8:50:d6:7b: 7d:1b:3b:3f:2a:2b:da:c8:3f:05:da:90:52:e2:73: 89:82:7c:8c:22:f9:37:37:05:8a:38:46:9e:e3:af: be:64:ba:cf:2c:6f:34:41:15:e4:69:ad:d0:ad:29: 4c:aa:a4:32:66:71:85:cf:f4:4d:c2:e1:f4:01:8a: dd:aa:66:ea:80:da:28:c7:08:06:ba:b9:32:07:13: ab:5e:97:64:12:a9:71:75:50:f5:76:40:db:35:9c: 8a:91:33:d6:1e:22:c3:97:5c:ab:91:5d:c1:4a:57: 80:8b:45:e2:ac:8e:93:95:cb:a9:61:be:83:bc:7d: 9f:be:03:72:d9:c3:36:f6:5f:d7:b5:07:d4:da:ed: 2a:b3:79:20:4a:71:b0:9e:93:91:7e:8b:6f:1c:0b: 55:fc:d0:eb:8d:bb:3a:61:b6:9a:10:9c:26:f1:24: 74:01:c2:bb:06:71:aa:fd:f4:7a:2c:70:e5:7d:5d: 3c:48:3f:41:02:7f:fc:74:a8:d1:bd:7a:c5:c7:c3: 01:55:0a:02:07:51:9a:02:d6:68:83:d6:51:c6:47: a3:25:b9:82:2b:a4:01:1f:4c:c0:27:b5:53:4c:f2: 28:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:26:B3:61:60:29:64:4C:A0:98:45:DD:C3:7B:12:C9:11:5A:66:12 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7003e8a9-a5a4-4137-b172-46c06da76822.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dab9:8800::/40 Signature Algorithm: sha256WithRSAEncryption 28:69:71:b1:03:62:7d:43:fa:dc:59:1d:99:13:a2:12:56:94: b5:95:88:bf:7d:b1:ca:71:c6:ca:a5:bd:06:32:24:55:c1:2e: 7a:d2:00:1f:ea:0a:b7:77:69:0e:1c:39:06:d6:22:0f:69:ce: eb:97:93:34:bb:86:49:ea:2e:b1:7a:a7:5c:d1:49:77:55:de: 57:15:74:9b:c5:9f:a8:b3:df:99:77:22:86:1e:19:4a:a0:cb: 77:82:45:9b:8f:0f:ba:5e:b8:1c:5b:a7:59:ef:98:a8:02:09: 10:bb:82:3c:e9:c9:15:30:b4:66:20:fa:14:21:13:87:ea:a2: 56:5e:d9:24:26:e7:5e:eb:d4:3d:2a:96:df:15:26:d0:a6:62: 70:55:cd:eb:d0:4b:90:e4:5c:f5:94:55:6c:3c:c1:86:17:cc: 93:b2:13:93:d3:45:92:6f:48:6a:8a:ac:f3:4a:62:56:68:74: 93:79:d5:d4:9a:5f:a7:36:91:67:1b:b2:81:5d:04:00:58:46: 4f:a1:f6:1a:14:e3:da:2a:4f:a8:02:65:ec:74:2a:83:1e:e6: e4:76:35:d0:4e:d2:b3:76:6d:2b:63:94:19:42:64:19:c1:6e: 8d:b7:0a:e3:c2:d9:a6:ec:2d:b3:6c:af:d2:28:01:fa:46:d1: 27:ee:de:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUDYFAPmm0QPpyO62oKCDfULUhhjswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDAwNloX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNANDhhYjJlMmJjM2JhMGI5Mjg0ZTk3 MzU4YTA5NDg5MDcxNTNhNWMyMzE5Y2YzZDZlMWFhOWE3ZDFkMjk4YTZhYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL9YTC7R0mt3xsLRqK6tia5edIt7 YTMyYshQ1nt9Gzs/KivayD8F2pBS4nOJgnyMIvk3NwWKOEae46++ZLrPLG80QRXk aa3QrSlMqqQyZnGFz/RNwuH0AYrdqmbqgNooxwgGurkyBxOrXpdkEqlxdVD1dkDb NZyKkTPWHiLDl1yrkV3BSleAi0XirI6TlcupYb6DvH2fvgNy2cM29l/XtQfU2u0q s3kgSnGwnpORfotvHAtV/NDrjbs6YbaaEJwm8SR0AcK7BnGq/fR6LHDlfV08SD9B An/8dKjRvXrFx8MBVQoCB1GaAtZog9ZRxkejJbmCK6QBH0zAJ7VTTPIokQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGkms2FgKWRMoJhF3cN7EskRWmYSMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzcwMDNlOGE5LWE1YTQtNDEzNy1iMTcyLTQ2YzA2ZGE3NjgyMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauYgwDQYJKoZIhvcNAQELBQADggEBAChpcbEDYn1D+txZHZkT ohJWlLWViL99scpxxsqlvQYyJFXBLnrSAB/qCrd3aQ4cOQbWIg9pzuuXkzS7hknq LrF6p1zRSXdV3lcVdJvFn6iz35l3IoYeGUqgy3eCRZuPD7peuBxbp1nvmKgCCRC7 gjzpyRUwtGYg+hQhE4fqolZe2SQm517r1D0qlt8VJtCmYnBVzevQS5DkXPWUVWw8 wYYXzJOyE5PTRZJvSGqKrPNKYlZodJN51dSaX6c2kWcbsoFdBABYRk+h9hoU49oq T6gCZex0KoMe5uR2NdBO0rN2bStjlBlCZBnBbo23CuPC2absLbNsr9IoAfpG0Sfu 3v0= -----END CERTIFICATE-----Generated at Tue May 12 23:29:49 2026 by rpki-client