$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86788001-2d2c-41b3-aade-12042b8560bb.roa File: 86788001-2d2c-41b3-aade-12042b8560bb.roa (raw, json) Hash identifier: KHljVF9s1Z9uVpTWhqDxYloBQG/kiIuobHpCxjxG8aI= Subject key identifier: 67:EF:16:A0:CD:F1:46:05:48:66:9D:76:A3:69:F7:44:19:42:D5:39 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 52F8082D6A101B37BFCA5DF01673C61647220A11 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86788001-2d2c-41b3-aade-12042b8560bb.roa Signing time: Tue 05 May 2026 00:00:54 +0000 ROA not before: Tue 05 May 2026 00:00:54 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:6000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:f8:08:2d:6a:10:1b:37:bf:ca:5d:f0:16:73:c6:16:47:22:0a:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:00:54 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=de0c2e872240d7671a84d5d65fb8b03d4e41054af8fbdd86ffb93ebd5b5962d2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fb:2e:d4:39:9c:dd:66:b7:ce:f7:2f:03:92: 2d:7e:7a:ee:cc:d5:52:fe:0c:b2:ad:47:14:dd:27: c2:b4:b1:b5:a9:43:7f:73:fe:9e:1e:f7:29:72:b2: 9a:cf:49:c5:c2:21:f9:5c:25:a7:f0:6c:ab:79:1b: 05:fb:61:3b:26:ab:34:15:12:8c:f9:90:6b:24:b6: 4f:15:9a:b1:55:ab:c5:12:58:6c:83:5a:67:38:26: 1b:96:ba:e3:ba:6b:56:be:9f:40:47:89:29:81:69: 6d:f1:d1:c5:5e:c4:c5:d6:3d:f0:df:e7:54:24:c9: ab:c9:d6:be:ca:c7:aa:0f:5b:c7:2a:1e:66:39:af: c1:b6:38:68:45:d1:92:59:d9:20:57:58:9e:80:e5: 0d:25:07:10:4a:45:cb:8c:ba:de:14:7f:47:49:a3: c5:5c:78:a2:de:b0:9b:c0:47:3e:67:45:03:82:39: 21:8f:9d:47:3a:58:92:e8:ef:8f:8b:c4:17:f0:e9: 41:77:a8:a6:db:c4:89:db:db:ec:b8:22:3b:1a:d1: 2b:e4:7e:15:b8:33:93:53:fe:d5:12:29:08:88:a4: 19:76:47:7b:c2:07:15:91:cd:e7:1c:29:61:24:35: 4f:ab:2a:3d:e5:fb:f7:43:7c:cd:57:c9:bf:71:88: 5c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:EF:16:A0:CD:F1:46:05:48:66:9D:76:A3:69:F7:44:19:42:D5:39 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/86788001-2d2c-41b3-aade-12042b8560bb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:6000::/40 Signature Algorithm: sha256WithRSAEncryption 2a:91:f4:bd:40:de:33:3d:c9:fe:21:bf:18:30:04:df:c6:45: 34:30:bf:de:27:a1:90:0c:6c:0e:ab:bc:49:85:6c:69:52:47: b8:3a:f8:8a:44:95:7b:cf:9a:e4:e4:56:c6:41:6b:9e:30:dc: fd:1e:f2:3a:d6:93:62:37:0d:d9:1c:5d:4e:cf:8f:48:36:c0: 86:9f:e9:33:c4:91:a1:3f:4f:15:e8:a5:29:f2:fe:90:9f:bb: 66:27:4a:92:dc:55:0e:d6:cd:e0:3a:1e:9d:03:cf:85:70:58: 95:44:dd:67:fb:17:74:3d:2a:2c:87:88:f4:2b:84:6d:8c:d4: b2:a1:34:4c:50:4f:b4:23:e2:55:c1:3a:82:53:45:43:8e:35: 5e:0d:07:47:be:45:2b:5d:ab:63:73:04:5f:f4:67:33:af:5b: 36:c4:bd:8c:bb:5e:6a:5c:b0:87:8d:0e:03:06:41:5d:5c:bd: e7:1d:50:bd:9b:f7:9c:c0:3e:1b:dc:f6:89:c5:9f:c5:c2:df: 29:c5:ea:b0:41:f8:ff:51:11:05:b5:fe:cd:dc:1f:ec:f5:e2: 76:03:2a:d1:ba:d6:9e:a4:90:87:e0:97:8a:d7:07:93:c2:eb: d1:93:a4:96:66:e1:d1:45:2f:1f:da:43:cf:d6:52:58:b3:9c: 63:15:23:c6 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUvgILWoQGze/yl3wFnPGFkciChEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDA1NFoX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNAZGUwYzJlODcyMjQwZDc2NzFhODRk NWQ2NWZiOGIwM2Q0ZTQxMDU0YWY4ZmJkZDg2ZmZiOTNlYmQ1YjU5NjJkMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPsu1Dmc3Wa3zvcvA5ItfnruzNVS /gyyrUcU3SfCtLG1qUN/c/6eHvcpcrKaz0nFwiH5XCWn8GyreRsF+2E7Jqs0FRKM +ZBrJLZPFZqxVavFElhsg1pnOCYblrrjumtWvp9AR4kpgWlt8dHFXsTF1j3w3+dU JMmryda+yseqD1vHKh5mOa/BtjhoRdGSWdkgV1iegOUNJQcQSkXLjLreFH9HSaPF XHii3rCbwEc+Z0UDgjkhj51HOliS6O+Pi8QX8OlBd6im28SJ29vsuCI7GtEr5H4V uDOTU/7VEikIiKQZdkd7wgcVkc3nHClhJDVPqyo95fv3Q3zNV8m/cYhcrQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGfvFqDN8UYFSGaddqNp90QZQtU5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzg2Nzg4MDAxLTJkMmMtNDFiMy1hYWRlLTEyMDQyYjg1NjBiYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9GAwDQYJKoZIhvcNAQELBQADggEBACqR9L1A3jM9yf4hvxgw BN/GRTQwv94noZAMbA6rvEmFbGlSR7g6+IpElXvPmuTkVsZBa54w3P0e8jrWk2I3 DdkcXU7Pj0g2wIaf6TPEkaE/TxXopSny/pCfu2YnSpLcVQ7WzeA6Hp0Dz4VwWJVE 3Wf7F3Q9KiyHiPQrhG2M1LKhNExQT7Qj4lXBOoJTRUOONV4NB0e+RStdq2NzBF/0 ZzOvWzbEvYy7XmpcsIeNDgMGQV1cvecdUL2b95zAPhvc9onFn8XC3ynF6rBB+P9R EQW1/s3cH+z14nYDKtG61p6kkIfgl4rXB5PC69GTpJZm4dFFLx/aQ8/WUliznGMV I8Y= -----END CERTIFICATE-----Generated at Tue May 12 23:30:47 2026 by rpki-client