$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa File: af6b0407-66be-4076-87b3-370d845449ef.roa (raw, json) Hash identifier: bTokMfJC2Y9I5UUplzzWjGYoWTJ3pfDZTekuzgDU2jE= Subject key identifier: 46:F9:11:8C:93:A3:CF:4C:19:05:97:35:FB:5B:5F:55:00:CA:4F:76 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1BFE581572C676885B236151C58366734296045E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa Signing time: Sat 09 May 2026 00:01:32 +0000 ROA not before: Sat 09 May 2026 00:01:32 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:fe:58:15:72:c6:76:88:5b:23:61:51:c5:83:66:73:42:96:04:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:01:32 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=1a3d4e3ba4ce25f5a2d35eec5431054ff98a60592416acc67dc1dd567e04d154, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:45:ff:4b:53:f2:d5:10:47:f2:ac:de:1b:86: 61:93:79:a7:50:6b:64:eb:a9:f5:b4:89:f3:19:ba: 7a:14:63:51:f3:79:0f:5b:c4:c0:56:fc:a1:96:d9: 4c:bf:e8:3a:64:5e:6d:1f:4f:a4:79:da:81:95:a8: 6c:41:08:a7:f7:96:e3:14:43:a9:9f:c4:3c:7c:0a: 3f:a6:94:1e:9c:7b:a9:3f:87:71:44:91:5f:4b:5c: 59:00:3d:0d:76:2f:96:52:e6:c7:54:4d:ef:76:ee: 8e:5f:89:bd:5e:37:07:fa:4f:c6:31:f9:4c:56:3a: 4f:b0:b3:49:73:af:51:f5:ae:39:7b:09:79:50:5a: 55:22:e9:eb:1b:0b:65:86:84:9a:c0:68:21:8b:12: 92:d6:b5:8c:80:ce:c6:cb:d1:b8:af:12:2c:d7:6a: 15:08:0b:a5:44:7e:dd:a0:22:d6:d6:22:bc:0c:57: d5:79:39:d7:d2:0f:7c:51:41:7a:9d:8d:00:70:61: a0:59:cd:d9:9e:ca:20:69:15:cd:60:79:76:34:ee: b6:13:c3:8c:08:91:5b:8d:ab:c9:cf:d1:b9:5c:c5: a7:78:8f:d2:c5:7f:bd:6a:5f:ef:70:a5:95:9f:03: 6c:5e:3d:0e:92:a9:82:2d:d0:58:80:09:5b:e8:d7: c6:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:F9:11:8C:93:A3:CF:4C:19:05:97:35:FB:5B:5F:55:00:CA:4F:76 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/af6b0407-66be-4076-87b3-370d845449ef.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6040::/48 Signature Algorithm: sha256WithRSAEncryption b0:cd:bc:7a:96:36:e7:33:7b:6e:87:dc:f4:57:74:92:e5:dc: 85:27:61:83:4f:09:23:c8:7b:eb:35:0d:e8:d9:12:98:5f:47: 37:fc:c6:16:85:58:4c:b9:18:85:67:ad:8e:06:b7:b0:ff:8a: 0c:2d:81:ad:b8:80:fa:ee:b8:c0:47:e1:a6:3b:ec:97:74:81: de:37:dc:6a:e4:f9:cc:53:ff:aa:63:55:78:ef:10:03:9d:e0: e7:9f:66:82:94:18:69:7e:30:3f:4f:14:42:07:fc:e4:c0:fd: a4:a8:79:28:a1:0c:ff:45:60:0f:fa:97:e3:80:70:79:5a:dc: a1:10:b8:57:f0:e2:31:85:83:af:dd:50:56:e6:3a:84:cb:fe: 25:f9:74:58:0c:9b:4a:60:11:a5:40:5a:c6:e6:88:62:87:8f: 9e:ef:8a:5f:19:c8:e2:13:0a:8b:e3:41:95:5d:34:db:48:48: 8e:1e:c9:d0:99:92:2a:ba:61:c9:40:a2:c7:df:73:1c:22:ef: 03:ed:33:06:b9:8b:f2:8c:7c:80:e2:b9:e1:71:2a:be:bb:91: fc:81:9d:56:91:d5:87:a4:cf:e9:2d:06:8f:16:18:31:fa:9d: c3:92:6e:17:63:07:30:a6:bb:e0:5a:93:b1:ef:32:11:de:24: ca:eb:70:9c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUG/5YFXLGdohbI2FRxYNmc0KWBF4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDEzMloX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAMWEzZDRlM2JhNGNlMjVmNWEyZDM1 ZWVjNTQzMTA1NGZmOThhNjA1OTI0MTZhY2M2N2RjMWRkNTY3ZTA0ZDE1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kX/S1Py1RBH8qzeG4Zhk3mnUGtk 66n1tInzGbp6FGNR83kPW8TAVvyhltlMv+g6ZF5tH0+kedqBlahsQQin95bjFEOp n8Q8fAo/ppQenHupP4dxRJFfS1xZAD0Ndi+WUubHVE3vdu6OX4m9XjcH+k/GMflM VjpPsLNJc69R9a45ewl5UFpVIunrGwtlhoSawGghixKS1rWMgM7Gy9G4rxIs12oV CAulRH7doCLW1iK8DFfVeTnX0g98UUF6nY0AcGGgWc3ZnsogaRXNYHl2NO62E8OM CJFbjavJz9G5XMWneI/SxX+9al/vcKWVnwNsXj0OkqmCLdBYgAlb6NfGLQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEb5EYyTo89MGQWXNftbX1UAyk92MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FmNmIwNDA3LTY2YmUtNDA3Ni04N2IzLTM3MGQ4NDU0NDllZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8mBAMA0GCSqGSIb3DQEBCwUAA4IBAQCwzbx6ljbnM3tuh9z0 V3SS5dyFJ2GDTwkjyHvrNQ3o2RKYX0c3/MYWhVhMuRiFZ62OBrew/4oMLYGtuID6 7rjAR+GmO+yXdIHeN9xq5PnMU/+qY1V47xADneDnn2aClBhpfjA/TxRCB/zkwP2k qHkooQz/RWAP+pfjgHB5WtyhELhX8OIxhYOv3VBW5jqEy/4l+XRYDJtKYBGlQFrG 5ohih4+e74pfGcjiEwqL40GVXTTbSEiOHsnQmZIqumHJQKLH33McIu8D7TMGuYvy jHyA4rnhcSq+u5H8gZ1WkdWHpM/pLQaPFhgx+p3Dkm4XYwcwprvgWpOx7zIR3iTK 63Cc -----END CERTIFICATE-----Generated at Wed May 13 00:41:27 2026 by rpki-client