$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/858ae285-51c9-48c9-be09-17df643aafc4.roa File: 858ae285-51c9-48c9-be09-17df643aafc4.roa (raw, json) Hash identifier: MLIe7MmzkYqJPQoz6rSn/yeAd/QgElHdxx6LpJQEVLo= Subject key identifier: 72:D9:3F:40:6D:45:0D:82:21:67:62:4E:B3:11:99:CC:74:62:B3:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 28B28004F33EE85A9C39CA4E1282DF557E4D3C6D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/858ae285-51c9-48c9-be09-17df643aafc4.roa Signing time: Mon 11 May 2026 00:01:13 +0000 ROA not before: Mon 11 May 2026 00:01:13 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:b2:80:04:f3:3e:e8:5a:9c:39:ca:4e:12:82:df:55:7e:4d:3c:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:01:13 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=961cba0bd9b35be4af4c8b9affc3e0ebd07f824ea5553f6e83a99ee09efb0a73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:27:27:41:43:17:ce:3a:2f:e5:15:b6:9a:29: 57:d7:13:55:0d:80:10:f8:3e:c3:fa:87:58:dd:00: 8f:94:14:b5:98:47:6b:b2:11:d3:dc:92:65:9e:29: 29:cf:e5:d4:8f:ec:f3:6b:f2:62:3c:b9:6f:8d:e1: 5f:29:1e:4f:d9:a6:1c:3d:78:b4:bc:76:c2:2a:b0: 9e:9e:8a:c8:c6:7d:f8:d2:f5:c5:f2:fb:bb:ad:9f: ee:42:94:1e:a3:a6:14:66:6f:da:81:85:e7:dd:c4: 10:5c:30:0c:2d:b0:92:c6:62:c8:8e:ca:2c:59:28: db:c9:8c:f0:7c:1e:30:12:61:db:37:1f:a9:f7:22: 94:42:5d:24:54:85:b1:a9:20:26:cc:40:80:33:3a: 4d:0c:3a:b1:62:be:28:3f:89:84:60:e8:8a:2c:7c: 06:6c:4d:9e:fa:43:0d:9b:cc:0c:db:90:ad:57:00: 98:9f:d2:25:50:fa:1f:18:6d:bf:ed:82:21:3c:24: a3:06:6b:26:b8:03:05:7e:e5:c4:c9:2a:1d:54:11: d9:45:6e:83:6d:aa:9a:2b:ab:81:15:3e:a4:75:2a: 16:a9:5c:e7:44:97:bd:5e:d2:fd:1d:83:4e:d7:5b: cb:50:f1:8a:cb:fb:dd:ef:bd:ff:2d:be:4b:83:51: 81:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:D9:3F:40:6D:45:0D:82:21:67:62:4E:B3:11:99:CC:74:62:B3:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/858ae285-51c9-48c9-be09-17df643aafc4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6000::/40 Signature Algorithm: sha256WithRSAEncryption 2d:ae:04:d5:e3:ad:2a:48:83:7d:45:38:d1:22:19:52:64:5c: df:81:d6:b4:b7:3b:de:fa:b4:61:11:99:c2:e4:46:99:86:0a: 8e:ca:22:41:e4:e9:69:68:15:a6:07:33:9b:04:7c:81:b7:ed: 7d:a7:ff:6a:46:0f:53:18:a4:4a:a6:36:d3:b3:74:9d:b2:32: 6e:f7:be:ae:41:93:0e:b0:54:f6:00:14:33:c8:8d:50:28:9b: 16:5c:1e:91:1a:2c:5f:f9:f9:01:9c:1c:a2:9f:b4:e8:22:5c: 59:a4:0b:a2:70:ed:7c:b8:ec:81:5a:2c:54:89:aa:65:99:2c: 23:01:89:06:19:03:b6:ec:70:7b:e5:93:73:48:5c:a4:1f:03: 2d:33:3d:88:c8:64:f9:79:13:9d:ad:f2:a2:b0:16:7b:91:48: 11:a3:b9:71:34:49:64:e8:c9:d4:75:cc:84:83:60:17:86:3a: a1:4a:15:32:fc:9e:4d:24:1c:7b:56:b6:0e:48:f0:0b:ca:b6: c2:79:78:46:28:ed:9d:aa:0c:1c:27:f3:cb:d2:23:be:99:52: ca:66:95:da:6b:e9:c1:86:2f:5c:e3:aa:26:eb:12:1f:a6:c0: 6b:06:a9:71:cd:ca:fd:bd:ee:1c:44:ca:6e:78:4b:13:4f:4f: 4b:0f:c1:71 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUKLKABPM+6FqcOcpOEoLfVX5NPG0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDExM1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAOTYxY2JhMGJkOWIzNWJlNGFmNGM4 YjlhZmZjM2UwZWJkMDdmODI0ZWE1NTUzZjZlODNhOTllZTA5ZWZiMGE3MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCcnQUMXzjov5RW2milX1xNVDYAQ +D7D+odY3QCPlBS1mEdrshHT3JJlnikpz+XUj+zza/JiPLlvjeFfKR5P2aYcPXi0 vHbCKrCenorIxn340vXF8vu7rZ/uQpQeo6YUZm/agYXn3cQQXDAMLbCSxmLIjsos WSjbyYzwfB4wEmHbNx+p9yKUQl0kVIWxqSAmzECAMzpNDDqxYr4oP4mEYOiKLHwG bE2e+kMNm8wM25CtVwCYn9IlUPofGG2/7YIhPCSjBmsmuAMFfuXEySodVBHZRW6D baqaK6uBFT6kdSoWqVznRJe9XtL9HYNO11vLUPGKy/vd773/Lb5Lg1GBDQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHLZP0BtRQ2CIWdiTrMRmcx0YrMKMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg1OGFlMjg1LTUxYzktNDhjOS1iZTA5LTE3ZGY2NDNhYWZjNC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAGAwDQYJKoZIhvcNAQELBQADggEBAC2uBNXjrSpIg31FONEi GVJkXN+B1rS3O976tGERmcLkRpmGCo7KIkHk6WloFaYHM5sEfIG37X2n/2pGD1MY pEqmNtOzdJ2yMm73vq5Bkw6wVPYAFDPIjVAomxZcHpEaLF/5+QGcHKKftOgiXFmk C6Jw7Xy47IFaLFSJqmWZLCMBiQYZA7bscHvlk3NIXKQfAy0zPYjIZPl5E52t8qKw FnuRSBGjuXE0SWToydR1zISDYBeGOqFKFTL8nk0kHHtWtg5I8AvKtsJ5eEYo7Z2q DBwn88vSI76ZUspmldpr6cGGL1zjqibrEh+mwGsGqXHNyv297hxEym54SxNPT0sP wXE= -----END CERTIFICATE-----Generated at Wed May 13 00:03:32 2026 by rpki-client