$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa File: af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa (raw, json) Hash identifier: lwuz0kpT4gg49RAKgrpDc700iDrV7rSImEKf1jDZ5j0= Subject key identifier: 8D:45:EF:DE:08:6A:36:67:8E:77:5A:AC:8D:9B:09:B3:DE:CE:53:68 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4995075A81D053D849F1772E8DCA14DA1F68A445 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa Signing time: Sat 09 May 2026 00:00:04 +0000 ROA not before: Sat 09 May 2026 00:00:04 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:e040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:95:07:5a:81:d0:53:d8:49:f1:77:2e:8d:ca:14:da:1f:68:a4:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:00:04 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=c773d80f1d8755c6c4889db99ad4667338b5af29bf815d36c70284b6cd3a3af1, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:5e:d2:f0:7f:c4:36:74:37:42:01:7b:02:04: d8:2a:42:12:b7:38:c6:b6:4d:63:54:9c:ce:c3:db: f5:da:91:15:4b:d1:67:05:ad:d0:70:50:2b:ea:ad: 3b:83:15:28:48:d9:98:f4:11:54:ff:59:1c:a6:49: 1c:71:e3:f6:1e:cd:f4:07:5d:d2:da:6d:ca:a5:f7: d5:cc:84:e8:aa:4e:ac:a2:42:4f:8c:c2:93:27:2f: 84:53:42:56:1f:08:29:c2:c1:8f:49:ef:a7:b5:10: af:ab:5e:f3:12:e1:47:5f:5a:84:c9:fe:53:35:1f: d4:9b:d3:db:9f:8b:74:18:c9:f5:81:ff:7b:16:b9: 47:e8:6a:34:0f:d5:61:48:58:6b:8c:c9:45:69:d5: c6:05:7d:cb:52:62:ad:dc:76:14:97:d8:7b:76:93: 1b:4f:27:17:f2:8c:a0:f1:45:59:36:b4:f2:b9:51: f0:bd:d1:e2:db:41:5b:9f:c3:ba:25:5f:40:e6:e7: bc:be:d0:62:66:2b:31:2e:44:80:2f:5d:b4:06:dd: 0c:47:79:5e:d6:37:94:82:e1:4e:28:a6:f0:b0:fe: 58:07:e4:fb:5e:f8:3f:d6:f7:80:c4:b4:f3:d9:6d: 73:bf:6a:e0:1d:50:63:f6:0b:81:b6:fe:a1:02:26: 34:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:45:EF:DE:08:6A:36:67:8E:77:5A:AC:8D:9B:09:B3:DE:CE:53:68 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af3e8a2e-2999-462f-aabd-2ff72d325f5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:e040::/48 Signature Algorithm: sha256WithRSAEncryption 18:29:2b:95:3a:83:67:10:4e:85:7a:78:ea:54:ae:32:4e:4a: 7c:84:54:e1:61:79:cb:4e:f5:61:85:72:f8:ae:e6:4d:e1:52: 17:2a:72:a3:67:ca:90:ad:87:09:c1:df:c4:58:80:67:b7:16: a0:94:17:f9:90:31:b2:ef:4b:23:31:cc:ba:3c:28:a8:28:8c: 3f:86:70:b2:a8:c9:71:9a:41:c0:47:7a:71:6a:06:8a:9e:de: 74:4e:6b:3a:c5:0d:e0:45:56:f7:ab:52:3d:41:55:2b:2c:00: 63:6a:98:ac:3b:6d:0f:97:b7:99:bc:00:4a:9b:81:84:51:28: ae:83:78:87:4c:d5:55:97:a9:4a:e5:28:66:8a:2c:28:05:d5: 93:fb:51:8f:b1:e4:70:38:42:af:56:23:2a:48:9d:40:c2:0a: 05:ee:64:d7:e8:10:cd:d0:a5:ff:8d:98:d7:e9:7e:64:89:68: d6:91:c8:f7:24:06:db:70:ae:ff:e4:4a:21:cd:6f:89:0b:07: 3d:3b:4c:d7:dc:be:c3:ef:49:ab:f6:84:66:dd:58:b4:65:24: 4b:f3:c7:ff:5a:6e:7a:af:68:59:12:3c:f1:e8:44:52:71:09: 45:bb:bf:76:06:da:9c:6b:c2:ba:f2:5e:7e:d7:08:e3:a0:b6: f4:f3:59:17 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSZUHWoHQU9hJ8XcujcoU2h9opEUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDAwNFoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAYzc3M2Q4MGYxZDg3NTVjNmM0ODg5 ZGI5OWFkNDY2NzMzOGI1YWYyOWJmODE1ZDM2YzcwMjg0YjZjZDNhM2FmMTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxl7S8H/ENnQ3QgF7AgTYKkIStzjG tk1jVJzOw9v12pEVS9FnBa3QcFAr6q07gxUoSNmY9BFU/1kcpkkcceP2Hs30B13S 2m3KpffVzIToqk6sokJPjMKTJy+EU0JWHwgpwsGPSe+ntRCvq17zEuFHX1qEyf5T NR/Um9Pbn4t0GMn1gf97FrlH6Go0D9VhSFhrjMlFadXGBX3LUmKt3HYUl9h7dpMb TycX8oyg8UVZNrTyuVHwvdHi20Fbn8O6JV9A5ue8vtBiZisxLkSAL120Bt0MR3le 1jeUguFOKKbwsP5YB+T7Xvg/1veAxLTz2W1zv2rgHVBj9guBtv6hAiY0hwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFI1F794IajZnjndarI2bCbPezlNoMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmM2U4YTJlLTI5OTktNDYyZi1hYWJkLTJmZjcyZDMyNWY1Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYeBAMA0GCSqGSIb3DQEBCwUAA4IBAQAYKSuVOoNnEE6Fenjq VK4yTkp8hFThYXnLTvVhhXL4ruZN4VIXKnKjZ8qQrYcJwd/EWIBntxaglBf5kDGy 70sjMcy6PCioKIw/hnCyqMlxmkHAR3pxagaKnt50Tms6xQ3gRVb3q1I9QVUrLABj apisO20Pl7eZvABKm4GEUSiug3iHTNVVl6lK5ShmiiwoBdWT+1GPseRwOEKvViMq SJ1AwgoF7mTX6BDN0KX/jZjX6X5kiWjWkcj3JAbbcK7/5EohzW+JCwc9O0zX3L7D 70mr9oRm3Vi0ZSRL88f/Wm56r2hZEjzx6ERScQlFu792Btqca8K68l5+1wjjoLb0 81kX -----END CERTIFICATE-----Generated at Tue May 12 23:38:33 2026 by rpki-client