$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa File: c21db1e2-4057-478d-a690-5baf74d3b413.roa (raw, json) Hash identifier: /c5LmFxaKdznxTU1BFVt31uLVjMheXG9u5bZWVF55do= Subject key identifier: D7:1F:08:77:02:DD:9F:3E:D1:AE:CB:FC:A8:3F:8B:1A:F3:47:B0:A7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4814E4390A798B2E1186EE3A477C8B5948465B16 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa Signing time: Sat 02 May 2026 00:11:03 +0000 ROA not before: Sat 02 May 2026 00:11:03 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:14:e4:39:0a:79:8b:2e:11:86:ee:3a:47:7c:8b:59:48:46:5b:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:03 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=f340e6ce51967acf7bc826cb66138586d769781b144b26108c4141f1ee8f5e3f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:b9:0c:2a:a4:8f:09:b2:16:26:e7:bd:21:66: 80:83:fe:6d:8e:62:b5:2a:6c:6a:cc:5d:e3:5b:0f: 3b:fb:c0:25:a9:f6:27:ff:69:c7:e6:61:2f:f6:67: 51:5d:cc:af:fc:ae:7d:33:6e:27:7b:d4:2d:61:82: 4c:27:41:98:11:1e:92:53:49:73:bf:72:b3:ef:30: 7b:b8:41:e4:04:ab:d9:f3:ea:4f:ba:00:6a:3b:63: 06:02:5b:80:e7:76:59:12:7f:fa:38:87:90:f5:fd: 0e:cf:69:69:17:9a:e4:e4:04:e1:cf:4c:41:ed:d3: 52:f4:13:ae:ce:59:94:96:fd:94:a8:fc:0f:5c:77: 5f:b4:f9:22:3f:ba:1b:8f:a3:f8:9d:7e:2d:78:94: 29:14:a7:0b:ad:dd:26:f8:46:a6:a5:92:3d:8d:33: 84:b8:b4:1c:31:5f:f9:b0:06:30:4c:03:aa:62:65: af:1f:90:07:9c:84:1e:ad:bb:50:f8:83:6e:e9:c5: 49:92:72:94:16:61:7e:c0:58:11:10:2e:d1:59:0d: 58:90:90:dd:f2:d2:d5:79:5d:8c:e2:64:d9:5f:bd: 90:07:ce:3d:35:3a:bd:02:84:9e:2c:15:df:29:ef: 2b:3b:97:35:ae:bd:ad:26:3c:02:eb:73:46:ff:47: 6b:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:1F:08:77:02:DD:9F:3E:D1:AE:CB:FC:A8:3F:8B:1A:F3:47:B0:A7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c21db1e2-4057-478d-a690-5baf74d3b413.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:f040::/48 Signature Algorithm: sha256WithRSAEncryption a7:ec:34:87:b1:80:32:42:d3:4d:84:62:e3:d8:d4:e5:f6:71: e1:1b:1d:76:99:7a:62:63:a8:0b:80:66:63:b7:65:43:68:fb: 63:ac:63:fe:b2:ad:a2:db:19:90:bf:42:e6:b3:b6:a6:02:59: 48:14:8c:b4:74:b6:ff:08:0f:09:43:6c:9c:02:f1:ed:48:41: 32:b8:de:92:55:d5:b8:47:ad:16:a2:f1:0e:07:3a:3c:31:b8: 32:bc:30:1d:67:22:c7:f4:10:f8:f9:de:90:ba:b8:a1:64:c8: 74:b4:e6:c9:14:34:b4:ee:17:c7:b9:2a:e3:c1:64:20:38:f1: a1:e1:5d:85:4f:b1:bc:07:c6:89:6d:85:b7:22:71:c2:07:da: ab:aa:66:7b:5a:89:b8:f7:ef:f8:19:27:e8:99:0d:ca:6e:ce: 54:9f:68:03:5c:98:7d:21:d7:43:1a:1f:2a:01:19:89:62:d8: 1c:7d:94:3f:10:98:ab:6b:0e:0c:be:29:15:db:da:f4:25:c7: 50:a8:4e:c1:d8:24:53:0b:df:e9:66:38:6a:26:3b:b8:02:b9: ec:13:74:f7:07:20:e0:00:52:f8:d3:6e:74:09:4a:2a:f4:b9: 8b:1f:e0:b4:48:2f:5d:67:b0:e3:e1:7f:eb:f0:1f:76:f1:fd: 33:a8:43:bb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUSBTkOQp5iy4Rhu46R3yLWUhGWxYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwM1oX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAZjM0MGU2Y2U1MTk2N2FjZjdiYzgy NmNiNjYxMzg1ODZkNzY5NzgxYjE0NGIyNjEwOGM0MTQxZjFlZThmNWUzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrkMKqSPCbIWJue9IWaAg/5tjmK1 KmxqzF3jWw87+8AlqfYn/2nH5mEv9mdRXcyv/K59M24ne9QtYYJMJ0GYER6SU0lz v3Kz7zB7uEHkBKvZ8+pPugBqO2MGAluA53ZZEn/6OIeQ9f0Oz2lpF5rk5AThz0xB 7dNS9BOuzlmUlv2UqPwPXHdftPkiP7obj6P4nX4teJQpFKcLrd0m+EampZI9jTOE uLQcMV/5sAYwTAOqYmWvH5AHnIQerbtQ+INu6cVJknKUFmF+wFgREC7RWQ1YkJDd 8tLVeV2M4mTZX72QB849NTq9AoSeLBXfKe8rO5c1rr2tJjwC63NG/0drCQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNcfCHcC3Z8+0a7L/Kg/ixrzR7CnMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2MyMWRiMWUyLTQwNTctNDc4ZC1hNjkwLTViYWY3NGQzYjQxMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6vBAMA0GCSqGSIb3DQEBCwUAA4IBAQCn7DSHsYAyQtNNhGLj 2NTl9nHhGx12mXpiY6gLgGZjt2VDaPtjrGP+sq2i2xmQv0Lms7amAllIFIy0dLb/ CA8JQ2ycAvHtSEEyuN6SVdW4R60WovEOBzo8MbgyvDAdZyLH9BD4+d6QurihZMh0 tObJFDS07hfHuSrjwWQgOPGh4V2FT7G8B8aJbYW3InHCB9qrqmZ7Wom49+/4GSfo mQ3Kbs5Un2gDXJh9IddDGh8qARmJYtgcfZQ/EJiraw4MvikV29r0JcdQqE7B2CRT C9/pZjhqJju4ArnsE3T3ByDgAFL40250CUoq9LmLH+C0SC9dZ7Dj4X/r8B928f0z qEO7 -----END CERTIFICATE-----Generated at Tue May 12 23:34:06 2026 by rpki-client