$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae8eda0a-5e17-4fab-8e01-0f3e566e7e55.roa File: ae8eda0a-5e17-4fab-8e01-0f3e566e7e55.roa (raw, json) Hash identifier: gWDKA2HL8KaVwFoPv0RMmSyjFLR5uPVHudb6M5EbsDY= Subject key identifier: 18:5F:BE:BF:A8:21:AA:05:88:92:DD:B4:6C:FF:27:6B:9E:F8:AC:DF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 40FFF8951C1F9EB07DDD94A08DEF906A0FE77076 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae8eda0a-5e17-4fab-8e01-0f3e566e7e55.roa Signing time: Sat 02 May 2026 00:10:09 +0000 ROA not before: Sat 02 May 2026 00:10:09 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40:ff:f8:95:1c:1f:9e:b0:7d:dd:94:a0:8d:ef:90:6a:0f:e7:70:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:10:09 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=f3fbb5face566bbb266977357352a54cba536bbd21e5a4fc46473cfd4bb8d9a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:66:e8:d2:f1:72:ec:cc:24:8a:ff:41:e3:0c: 9f:b5:bc:9c:73:5c:5d:9a:c1:4e:1c:3a:57:7b:d1: f2:9c:75:e2:a3:dc:b8:e0:7c:1e:4d:ef:1b:7f:c7: eb:ab:76:7d:3a:9a:bd:05:73:b0:e1:55:57:8d:b2: 42:f2:88:b5:31:a1:93:28:b8:9d:00:1e:ae:25:91: 19:33:4e:df:c9:ba:25:0d:3c:09:80:82:85:7a:46: 6f:6f:31:b2:f3:2d:c6:8e:f1:6b:6d:29:7a:b7:65: 47:63:70:09:8a:ff:0d:11:08:91:a7:5f:ad:b1:75: 20:7e:23:fb:11:d9:c1:50:57:27:0d:3a:18:44:7b: dc:ef:82:93:76:7d:c8:e9:94:f7:6f:6e:3d:7f:08: bd:86:e3:47:7f:16:6c:79:23:35:b5:a5:5e:e5:eb: c2:81:98:7c:01:32:9f:ce:8e:0c:1f:4b:e1:ba:f1: 19:ea:5b:21:1d:3b:95:74:07:b0:90:f5:05:57:1b: 40:b9:b5:27:5e:06:8c:6b:82:04:ab:22:fd:14:d9: 27:d7:08:e5:5b:f7:0f:6e:b3:78:e8:da:7c:b3:2f: 90:81:bb:d3:40:d8:15:1c:7f:8a:91:09:31:ef:49: bf:94:3a:70:33:ff:5b:41:24:58:84:b3:54:65:62: e6:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:5F:BE:BF:A8:21:AA:05:88:92:DD:B4:6C:FF:27:6B:9E:F8:AC:DF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae8eda0a-5e17-4fab-8e01-0f3e566e7e55.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 9c:ae:8c:de:89:d6:22:49:bd:81:0f:8e:11:69:b6:5c:3e:d3: 57:0f:cc:18:94:76:43:14:83:f8:a6:ef:a4:be:cf:d3:ed:c5: fe:76:9c:80:b3:15:7c:5b:c0:19:0d:60:d1:5e:1f:52:f2:f5: 15:d4:46:ef:18:31:bc:fa:fe:7f:a9:48:36:6b:22:25:fe:25: da:ba:57:f8:8b:ca:63:80:fd:08:c4:3c:7c:fc:65:c7:96:5f: 96:ca:4e:0c:52:c2:22:08:3c:75:52:50:40:4c:36:bc:76:64: 84:37:53:9b:07:bd:cf:ca:67:6c:cb:b3:c1:8d:b6:76:c9:95: 91:32:a8:c5:db:41:30:cf:2b:81:67:a5:dc:6e:3b:7c:dc:a9: c2:00:d3:90:c6:77:c5:0f:5b:22:6f:05:ea:d5:19:35:05:56: fd:8c:fe:fb:34:1e:a2:ba:c3:90:9f:83:55:d8:16:41:30:cf: c3:b4:c7:48:2e:2b:87:91:fa:77:c4:aa:3a:87:43:e0:b8:d1: d6:05:e4:ac:19:8e:fa:05:ac:e0:a8:25:e0:65:f1:07:6f:c7: 90:d2:d4:23:ba:12:4c:2d:2f:ff:82:fc:5f:00:57:b8:9e:cd: 9c:06:e9:8d:ce:db:76:0d:04:ca:d7:29:99:64:6d:00:dd:10: 1e:b2:a9:74 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQP/4lRwfnrB93ZSgje+Qag/ncHYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTAwOVoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAZjNmYmI1ZmFjZTU2NmJiYjI2Njk3 NzM1NzM1MmE1NGNiYTUzNmJiZDIxZTVhNGZjNDY0NzNjZmQ0YmI4ZDlhOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2bo0vFy7Mwkiv9B4wyftbycc1xd msFOHDpXe9HynHXio9y44HweTe8bf8frq3Z9Opq9BXOw4VVXjbJC8oi1MaGTKLid AB6uJZEZM07fybolDTwJgIKFekZvbzGy8y3GjvFrbSl6t2VHY3AJiv8NEQiRp1+t sXUgfiP7EdnBUFcnDToYRHvc74KTdn3I6ZT3b249fwi9huNHfxZseSM1taVe5evC gZh8ATKfzo4MH0vhuvEZ6lshHTuVdAewkPUFVxtAubUnXgaMa4IEqyL9FNkn1wjl W/cPbrN46Np8sy+QgbvTQNgVHH+KkQkx70m/lDpwM/9bQSRYhLNUZWLmeQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFBhfvr+oIaoFiJLdtGz/J2ue+KzfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlOGVkYTBhLTVlMTctNGZhYi04ZTAxLTBmM2U1NjZlN2U1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6uDAMA0GCSqGSIb3DQEBCwUAA4IBAQCcrozeidYiSb2BD44R abZcPtNXD8wYlHZDFIP4pu+kvs/T7cX+dpyAsxV8W8AZDWDRXh9S8vUV1EbvGDG8 +v5/qUg2ayIl/iXaulf4i8pjgP0IxDx8/GXHll+Wyk4MUsIiCDx1UlBATDa8dmSE N1ObB73Pymdsy7PBjbZ2yZWRMqjF20EwzyuBZ6Xcbjt83KnCANOQxnfFD1sibwXq 1Rk1BVb9jP77NB6iusOQn4NV2BZBMM/DtMdILiuHkfp3xKo6h0PguNHWBeSsGY76 BazgqCXgZfEHb8eQ0tQjuhJMLS//gvxfAFe4ns2cBumNztt2DQTK1ymZZG0A3RAe sql0 -----END CERTIFICATE-----Generated at Tue May 12 23:26:59 2026 by rpki-client