$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8240f40e-4c9d-4e9c-85a8-efba70430867.roa File: 8240f40e-4c9d-4e9c-85a8-efba70430867.roa (raw, json) Hash identifier: 8/BVUZq2BCAadGJ0p60yCS2nKn2xnFZ+EEYct6GzMBg= Subject key identifier: 2D:71:97:4E:39:F5:00:56:95:8C:25:4A:D1:91:45:75:41:61:34:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78C5AD528626950C0A7CB79F19F8FC5EC7EC3DDE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8240f40e-4c9d-4e9c-85a8-efba70430867.roa Signing time: Sat 02 May 2026 00:11:08 +0000 ROA not before: Sat 02 May 2026 00:11:08 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:4040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:c5:ad:52:86:26:95:0c:0a:7c:b7:9f:19:f8:fc:5e:c7:ec:3d:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:08 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=6b1ef45d1de7b95ac892a91394c204ac6ec9b5c2e8ebff75d9cd44afd7dce473, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:29:67:34:41:8e:f9:63:9a:16:9d:33:bc:ea: 52:35:77:d0:7a:ce:fe:db:a8:71:20:bc:c0:f5:91: 13:ac:f3:41:a0:f0:84:77:4f:33:1c:1f:d3:8a:88: ce:75:5f:f4:d8:9e:c2:dd:06:3d:64:23:3e:a0:bf: 59:f8:e2:3b:05:c0:58:e4:8d:92:6a:2f:3a:bc:bd: 73:8c:55:bb:b3:52:43:4a:8a:74:36:1a:aa:c2:7d: d1:ab:84:24:83:3c:a8:c0:44:31:88:e1:c6:01:cf: a4:7d:02:6f:0f:f3:7d:a6:20:5d:8d:45:53:c4:c3: df:fb:8f:42:02:15:58:4f:d0:33:94:b5:75:fc:7c: 5c:ab:5d:af:78:95:dc:d7:63:02:d3:a6:a7:21:16: a7:72:0b:40:1b:40:a1:38:30:d8:6a:60:62:28:b4: 0c:a7:32:12:32:b4:a2:bb:ea:86:82:91:13:67:ce: 6e:75:5b:d6:98:b3:97:af:39:53:12:8d:29:b9:0a: ba:a9:75:80:83:51:21:69:f1:bb:96:7f:2c:bd:da: 2c:d3:0c:10:84:ca:bc:d0:81:f3:7c:2c:e0:8d:8a: 9c:df:d3:92:00:b2:14:a8:b5:a8:d4:af:27:73:ef: 64:1c:ae:02:2d:3a:ec:3d:f3:13:8b:39:d2:55:a9: a7:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:71:97:4E:39:F5:00:56:95:8C:25:4A:D1:91:45:75:41:61:34:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8240f40e-4c9d-4e9c-85a8-efba70430867.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:4040::/48 Signature Algorithm: sha256WithRSAEncryption 0f:e7:e1:a9:41:8d:ef:68:08:15:db:64:16:a2:2f:d6:9b:a3: 7e:bd:bb:39:38:a6:1d:0e:53:79:d7:11:4d:ae:70:0a:8f:d6: 18:79:2e:ff:47:ed:51:c5:f3:70:ae:38:df:b7:95:8b:50:fa: 65:ac:3e:92:30:ce:a0:b6:5c:53:33:66:a6:24:f8:b0:a2:00: 5a:fb:6a:c5:d2:24:d7:5d:bd:a2:07:99:e6:a5:0b:76:2d:84: 1b:17:bc:1f:c3:30:63:05:15:7a:37:04:0e:e3:83:b1:c5:6a: 88:a5:5b:60:63:65:02:50:8f:4e:9e:ac:a4:67:21:df:c0:c7: e7:4e:6e:95:ce:a8:f4:58:a7:75:81:fb:2f:33:98:3a:71:d6: 23:b7:2e:d6:04:72:d4:39:3b:f2:d9:f8:1b:6b:fa:aa:9e:d5: a7:07:c8:18:a4:de:c2:71:04:3f:c4:ff:3b:c5:ca:cc:11:0b: 81:16:3a:f7:8a:95:69:02:4c:ca:30:24:62:15:ba:1c:e4:a9: 21:da:62:63:c1:97:30:b5:eb:a5:bf:c2:e8:b0:c2:b7:73:df: aa:97:8b:a0:ef:45:7f:45:84:ef:11:d7:cf:db:f5:d0:5a:c3: 87:6b:3a:0e:f5:1c:dc:41:ba:72:0e:1a:bc:01:42:97:fa:72: 3e:51:f6:dd -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUeMWtUoYmlQwKfLefGfj8XsfsPd4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwOFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNANmIxZWY0NWQxZGU3Yjk1YWM4OTJh OTEzOTRjMjA0YWM2ZWM5YjVjMmU4ZWJmZjc1ZDljZDQ0YWZkN2RjZTQ3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyClnNEGO+WOaFp0zvOpSNXfQes7+ 26hxILzA9ZETrPNBoPCEd08zHB/TiojOdV/02J7C3QY9ZCM+oL9Z+OI7BcBY5I2S ai86vL1zjFW7s1JDSop0Nhqqwn3Rq4QkgzyowEQxiOHGAc+kfQJvD/N9piBdjUVT xMPf+49CAhVYT9AzlLV1/Hxcq12veJXc12MC06anIRancgtAG0ChODDYamBiKLQM pzISMrSiu+qGgpETZ85udVvWmLOXrzlTEo0puQq6qXWAg1EhafG7ln8svdos0wwQ hMq80IHzfCzgjYqc39OSALIUqLWo1K8nc+9kHK4CLTrsPfMTiznSVamnbQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFC1xl0459QBWlYwlStGRRXVBYTQKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzgyNDBmNDBlLTRjOWQtNGU5Yy04NWE4LWVmYmE3MDQzMDg2Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6kBAMA0GCSqGSIb3DQEBCwUAA4IBAQAP5+GpQY3vaAgV22QW oi/Wm6N+vbs5OKYdDlN51xFNrnAKj9YYeS7/R+1RxfNwrjjft5WLUPplrD6SMM6g tlxTM2amJPiwogBa+2rF0iTXXb2iB5nmpQt2LYQbF7wfwzBjBRV6NwQO44OxxWqI pVtgY2UCUI9OnqykZyHfwMfnTm6Vzqj0WKd1gfsvM5g6cdYjty7WBHLUOTvy2fgb a/qqntWnB8gYpN7CcQQ/xP87xcrMEQuBFjr3ipVpAkzKMCRiFboc5Kkh2mJjwZcw teulv8LosMK3c9+ql4ug70V/RYTvEdfP2/XQWsOHazoO9RzcQbpyDhq8AUKX+nI+ Ufbd -----END CERTIFICATE-----Generated at Tue May 12 23:26:56 2026 by rpki-client