$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fde959c-9c92-44e8-be7c-6f1ecd1985b2.roa File: 8fde959c-9c92-44e8-be7c-6f1ecd1985b2.roa (raw, json) Hash identifier: cnjw97AMd81FkROVkzdSAMqOhO6nPTjhFItHQw9eUh0= Subject key identifier: 31:A7:4D:67:2E:4C:58:01:F9:D8:A3:C1:2F:DE:C1:9D:F6:49:09:30 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 423C2F592529B12180CEE1C0B2D054726424565A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fde959c-9c92-44e8-be7c-6f1ecd1985b2.roa Signing time: Tue 12 May 2026 00:01:16 +0000 ROA not before: Tue 12 May 2026 00:01:16 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:9000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:3c:2f:59:25:29:b1:21:80:ce:e1:c0:b2:d0:54:72:64:24:56:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:16 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=24771a5ef63297a2c22f4f130be99b5fc958fb2d18b07ea8f8214f912c7bbf23, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5f:a4:c4:59:2a:e6:9b:25:a1:b0:48:bc:38: 3b:51:b0:ba:da:d8:71:69:03:93:62:51:a6:1b:4d: 3f:bf:c4:0f:6f:bc:7d:df:66:52:c5:16:c5:a0:4e: c7:01:06:30:21:a8:ea:e3:df:f2:67:47:5b:48:db: 70:54:67:14:4f:9a:9d:03:eb:b2:c8:d3:5c:64:a0: 10:59:7f:64:3d:22:c3:6c:fc:22:aa:3e:65:f4:c8: 1f:df:9b:ba:f2:34:e0:44:20:a9:9a:18:5b:55:b1: 9a:75:ca:14:93:63:71:46:cd:d5:62:5b:5e:90:8a: 98:8b:46:3e:9d:d7:dd:2b:c0:49:fa:f2:77:50:c9: 53:f4:d2:0f:5b:6e:8a:37:79:6e:4f:81:1f:09:c3: 55:3f:2b:3c:33:34:21:b1:57:b5:f1:38:41:53:5c: 0a:a9:c8:65:22:86:50:96:84:b7:7c:7e:bf:d0:64: 08:30:cb:5e:a8:7b:3a:46:5e:7b:28:07:47:af:29: 9e:30:55:a9:1c:62:92:60:72:f9:48:95:75:6a:f9: 6c:1f:c8:c3:2e:0f:96:c7:76:26:bb:aa:f2:6f:db: ec:35:f8:a8:cd:b6:ba:42:49:0c:c6:c7:7f:2c:fd: 43:81:f5:a6:a8:de:8c:52:70:4b:99:88:29:45:aa: 97:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:A7:4D:67:2E:4C:58:01:F9:D8:A3:C1:2F:DE:C1:9D:F6:49:09:30 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fde959c-9c92-44e8-be7c-6f1ecd1985b2.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:9000::/40 Signature Algorithm: sha256WithRSAEncryption 38:07:da:21:f0:cb:a0:27:7c:57:64:c8:65:f0:c4:e0:87:92: 5d:fe:68:f2:42:82:50:09:6c:1c:7a:23:c0:2c:d0:b2:73:4a: 47:f2:fe:b0:3e:4e:e5:34:a3:e6:e7:5d:de:4c:5f:50:d9:4b: bb:24:dd:93:b7:59:fb:7c:d9:3b:8b:a5:a7:cd:ec:9d:b9:18: 1a:f6:0d:15:f3:15:d0:c1:c2:e3:9e:85:a2:e4:0e:7e:51:ac: 53:b1:1a:59:ef:1b:e8:90:13:25:ff:03:32:09:6f:04:ff:0a: f2:ca:2f:09:55:ea:33:2b:1e:14:3c:e6:da:d6:9f:23:93:5f: 7b:72:ff:d2:b9:ce:26:2f:83:9a:fd:99:ba:bc:e9:9b:55:d3: 20:ed:fa:1d:45:6c:76:7a:69:02:34:b4:ea:05:99:52:30:74: 3b:bc:f2:7a:8b:fd:ee:a7:cc:f8:a5:03:26:f1:cd:5d:3e:98: 26:81:82:7e:76:7a:54:7b:c7:09:e8:b1:16:47:e2:f5:e7:8c: 39:42:7a:72:7e:10:26:7d:6d:02:84:97:9c:10:2c:c9:e8:91: cc:21:a5:ae:b7:bb:50:e9:b0:9b:02:02:e2:e6:a8:a3:86:70: 42:84:26:9e:73:ac:9b:ee:9b:3c:cb:95:30:90:be:65:54:42: 22:5d:a3:2c -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQjwvWSUpsSGAzuHAstBUcmQkVlowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDExNloX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAMjQ3NzFhNWVmNjMyOTdhMmMyMmY0 ZjEzMGJlOTliNWZjOTU4ZmIyZDE4YjA3ZWE4ZjgyMTRmOTEyYzdiYmYyMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF+kxFkq5pslobBIvDg7UbC62thx aQOTYlGmG00/v8QPb7x932ZSxRbFoE7HAQYwIajq49/yZ0dbSNtwVGcUT5qdA+uy yNNcZKAQWX9kPSLDbPwiqj5l9Mgf35u68jTgRCCpmhhbVbGadcoUk2NxRs3VYlte kIqYi0Y+ndfdK8BJ+vJ3UMlT9NIPW26KN3luT4EfCcNVPys8MzQhsVe18ThBU1wK qchlIoZQloS3fH6/0GQIMMteqHs6Rl57KAdHrymeMFWpHGKSYHL5SJV1avlsH8jD Lg+Wx3Ymu6ryb9vsNfiozba6QkkMxsd/LP1DgfWmqN6MUnBLmYgpRaqXLQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDGnTWcuTFgB+dijwS/ewZ32SQkwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzhmZGU5NTljLTljOTItNDRlOC1iZTdjLTZmMWVjZDE5ODViMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+5AwDQYJKoZIhvcNAQELBQADggEBADgH2iHwy6AnfFdkyGXw xOCHkl3+aPJCglAJbBx6I8As0LJzSkfy/rA+TuU0o+bnXd5MX1DZS7sk3ZO3Wft8 2TuLpafN7J25GBr2DRXzFdDBwuOehaLkDn5RrFOxGlnvG+iQEyX/AzIJbwT/CvLK LwlV6jMrHhQ85trWnyOTX3ty/9K5ziYvg5r9mbq86ZtV0yDt+h1FbHZ6aQI0tOoF mVIwdDu88nqL/e6nzPilAybxzV0+mCaBgn52elR7xwnosRZH4vXnjDlCenJ+ECZ9 bQKEl5wQLMnokcwhpa63u1DpsJsCAuLmqKOGcEKEJp5zrJvumzzLlTCQvmVUQiJd oyw= -----END CERTIFICATE-----Generated at Tue May 12 23:26:53 2026 by rpki-client