$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa File: 841d2e32-ec89-44ad-8f86-21aa458e7070.roa (raw, json) Hash identifier: vHEo8rIfow+AeoceU53OaRWYlqmql2FBfJX9nYelQO0= Subject key identifier: 5C:AB:CF:4B:A2:62:FD:25:17:0D:EA:82:63:07:5F:92:1B:48:18:29 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1418D4F2A35B26C62A3FC34A53836FC584A937B4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa Signing time: Tue 12 May 2026 00:01:17 +0000 ROA not before: Tue 12 May 2026 00:01:17 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da69:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:18:d4:f2:a3:5b:26:c6:2a:3f:c3:4a:53:83:6f:c5:84:a9:37:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:17 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=647396a1e003a620673091a8be0a634458cb936f27fdcdc1bb5de94b430dee05, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:42:ad:a6:b1:6a:25:9a:df:70:33:90:43:df: 83:63:5c:4d:04:d6:b6:a8:b8:50:61:85:3b:45:a6: 0e:4d:11:c3:4c:3b:cb:d6:09:3f:17:91:e9:98:12: 83:92:7a:d3:9c:8b:e7:f9:e4:0d:f1:95:8b:37:ef: 2d:a6:fd:b1:e6:85:4c:66:59:5b:a5:db:fa:e6:d2: 0d:00:7b:92:59:6c:65:50:f5:58:55:6a:e5:2d:4c: 6b:7d:d0:8d:0e:d0:a0:cd:f5:0c:ab:e1:7e:62:b7: 12:14:2e:db:17:f0:c2:e4:6e:c9:db:ea:c7:8e:9b: 93:74:00:c2:b5:34:b6:75:ed:1a:0d:07:c7:4e:b4: 7c:8d:32:f9:23:88:e6:4f:ae:08:b1:bb:84:31:ec: 91:24:22:e4:66:e0:b2:68:d5:34:cd:87:3f:14:c5: d6:80:9a:fd:99:05:ae:b6:d5:e6:3b:82:9b:5d:dd: 13:52:33:ef:c8:96:6e:b5:77:33:28:59:66:84:6c: 65:cd:57:a7:03:f8:3f:d2:ac:f5:e1:0d:5e:87:55: 78:aa:11:26:f6:51:d9:10:f3:6e:27:f1:68:db:49: 91:9b:a3:c9:67:20:6c:a7:30:b5:4a:fc:35:f4:f6: 23:71:96:3c:fc:8f:c8:8c:45:d4:0d:27:65:08:b8: 26:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:AB:CF:4B:A2:62:FD:25:17:0D:EA:82:63:07:5F:92:1B:48:18:29 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/841d2e32-ec89-44ad-8f86-21aa458e7070.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da69:6000::/40 Signature Algorithm: sha256WithRSAEncryption 0b:a8:5c:64:2c:55:b2:6f:5b:ea:18:96:1b:cd:6e:dd:42:74: d9:87:28:29:63:90:28:ee:6f:2b:83:f3:48:f9:f5:55:8c:cb: fe:9d:23:76:4b:18:54:97:a2:1e:16:12:47:2b:10:f7:52:38: 0c:38:d9:38:95:c9:5a:53:73:9d:ae:09:0d:94:66:d2:d1:2d: a0:60:d5:11:e7:90:c2:62:e4:14:05:0a:fb:60:26:2c:6d:29: b3:4b:15:47:a8:c8:53:dc:fd:5a:22:07:63:74:0b:a5:46:51: 83:90:c5:23:7f:9e:e2:15:e5:64:44:4d:2f:c1:de:4a:bb:4f: a8:d3:dd:cd:5a:e0:d9:1b:42:ee:72:82:d6:a3:89:46:74:30: 51:83:6b:14:e8:07:8d:d2:bf:b1:24:44:3e:89:1e:7e:80:7a: 66:a8:92:58:4e:b5:1e:fb:e3:70:68:c5:1a:0a:79:6f:16:c2: c9:3a:84:3e:b6:78:2c:4a:96:70:9f:5e:5c:c7:da:24:29:2b: 05:2b:0f:30:e1:4e:9a:28:e9:71:f9:b8:68:be:86:d8:d7:a6: 3a:30:11:1a:bd:54:c1:57:a8:ed:f4:be:8b:07:e8:dd:0f:88: 66:46:87:bc:b2:eb:aa:0d:c4:45:98:e3:a2:e3:1e:57:55:a9: 9b:f5:0e:b9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFBjU8qNbJsYqP8NKU4NvxYSpN7QwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDExN1oX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANjQ3Mzk2YTFlMDAzYTYyMDY3MzA5 MWE4YmUwYTYzNDQ1OGNiOTM2ZjI3ZmRjZGMxYmI1ZGU5NGI0MzBkZWUwNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UKtprFqJZrfcDOQQ9+DY1xNBNa2 qLhQYYU7RaYOTRHDTDvL1gk/F5HpmBKDknrTnIvn+eQN8ZWLN+8tpv2x5oVMZllb pdv65tINAHuSWWxlUPVYVWrlLUxrfdCNDtCgzfUMq+F+YrcSFC7bF/DC5G7J2+rH jpuTdADCtTS2de0aDQfHTrR8jTL5I4jmT64IsbuEMeyRJCLkZuCyaNU0zYc/FMXW gJr9mQWuttXmO4KbXd0TUjPvyJZutXczKFlmhGxlzVenA/g/0qz14Q1eh1V4qhEm 9lHZEPNuJ/Fo20mRm6PJZyBspzC1Svw19PYjcZY8/I/IjEXUDSdlCLgmbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFyrz0uiYv0lFw3qgmMHX5IbSBgpMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg0MWQyZTMyLWVjODktNDRhZC04Zjg2LTIxYWE0NThlNzA3MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaWAwDQYJKoZIhvcNAQELBQADggEBAAuoXGQsVbJvW+oYlhvN bt1CdNmHKCljkCjubyuD80j59VWMy/6dI3ZLGFSXoh4WEkcrEPdSOAw42TiVyVpT c52uCQ2UZtLRLaBg1RHnkMJi5BQFCvtgJixtKbNLFUeoyFPc/VoiB2N0C6VGUYOQ xSN/nuIV5WRETS/B3kq7T6jT3c1a4NkbQu5ygtajiUZ0MFGDaxToB43Sv7EkRD6J Hn6AemaoklhOtR7743BoxRoKeW8Wwsk6hD62eCxKlnCfXlzH2iQpKwUrDzDhTpoo 6XH5uGi+htjXpjowERq9VMFXqO30vosH6N0PiGZGh7yy66oNxEWY46LjHldVqZv1 Drk= -----END CERTIFICATE-----Generated at Tue May 12 23:47:05 2026 by rpki-client