$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa File: c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa (raw, json) Hash identifier: lxlycVmr3hh/ODf2E89TKRnVodJCy4aw55F2TiPyYIc= Subject key identifier: BB:A1:F1:6E:07:04:47:CA:EE:AE:30:39:38:8B:F3:C0:7B:6F:67:CF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 30AE4CF1297F472C704551D62288BC9F008B75CF Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa Signing time: Sat 09 May 2026 00:00:09 +0000 ROA not before: Sat 09 May 2026 00:00:09 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:a040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:ae:4c:f1:29:7f:47:2c:70:45:51:d6:22:88:bc:9f:00:8b:75:cf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:00:09 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=8c8fe427901412cb7b1500066d55b833101c7b65bb31958b871c8ee7b192b88d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:19:b0:f1:8a:03:71:8e:1c:c8:ca:c7:c8:7f: 3a:eb:a9:62:ba:5c:b2:22:bd:ce:aa:e5:65:e7:5d: 23:7a:54:01:61:77:df:cb:cc:39:2a:46:14:ef:31: e6:7a:5b:76:a5:83:eb:1c:96:25:3c:d5:d0:fb:9a: 3f:c1:b5:d9:6d:37:c1:65:4b:4d:3a:f2:9f:80:68: 6a:c8:1e:8b:13:b3:ad:88:4a:8d:fc:fb:b5:d7:1c: f8:3e:c4:4e:bb:89:68:d5:c2:87:1d:00:43:c2:38: 31:db:1c:e5:b7:72:65:0a:96:aa:0c:21:f7:f2:79: 05:c8:c6:45:db:ae:26:56:05:8a:02:32:b0:5b:59: 2e:ba:f3:53:b4:64:10:03:48:08:17:87:bd:0f:7a: 8b:83:69:52:df:94:cd:bb:4d:07:b7:33:4d:54:c5: d9:da:76:31:54:bd:27:a0:6b:f9:c0:40:34:12:25: a1:98:41:8e:2f:5b:41:80:60:e3:cc:f8:70:04:46: e8:32:11:1f:0c:f6:f3:52:ed:fa:97:1b:43:1c:93: bb:c1:76:d2:a8:3b:8c:cc:e3:1d:b4:19:7d:a8:3e: 35:0d:c3:09:19:9e:7f:c8:ce:5a:0d:f9:6a:1a:79: b2:18:01:10:21:8a:3f:e5:af:79:d1:e8:ac:52:83: 8e:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:A1:F1:6E:07:04:47:CA:EE:AE:30:39:38:8B:F3:C0:7B:6F:67:CF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7a1a3eb-46fb-4349-beb4-dbadef907e2b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:a040::/48 Signature Algorithm: sha256WithRSAEncryption 77:42:fe:00:33:ed:49:8c:50:49:5b:10:53:2b:b6:66:12:fd: a2:a8:73:5a:dd:af:b0:17:30:87:82:c9:76:56:1b:ed:33:d1: f8:e4:54:15:41:cc:73:80:d4:84:6e:5b:15:4b:62:2a:5b:30: e6:be:c0:89:75:c7:4d:0f:dc:6c:61:e8:06:c7:2b:89:5c:c4: ac:f6:04:82:ba:08:47:fb:5a:0a:5d:39:68:72:b6:9f:84:77: 5c:c8:23:56:46:98:18:54:d0:ac:9c:94:b6:e2:07:17:65:3c: 03:c0:ef:22:80:d9:df:9e:e2:db:ce:9e:96:4f:e0:c9:d5:47: f4:f4:79:a9:64:cb:4a:82:ca:43:d9:0d:11:bb:30:9f:b6:07: b9:e1:96:d3:3b:0b:f7:31:17:bd:37:88:f5:82:54:3b:bb:5a: ec:6e:af:c9:37:b7:65:10:71:b7:ff:01:2e:94:a6:ff:c7:f5: bc:1b:5f:ab:78:24:b3:8c:67:f2:6e:cd:39:2d:6c:13:10:ff: da:e4:3c:06:d9:a6:e2:33:ac:84:1c:a6:6a:4f:24:35:de:89: 5e:c7:a9:c6:29:f7:a2:4b:f9:68:3f:82:08:60:60:46:e8:b2: 57:8b:f3:d4:fe:4a:79:c5:9d:93:6c:ae:03:0d:84:d0:2b:1c: 4d:de:83:c2 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUMK5M8Sl/RyxwRVHWIoi8nwCLdc8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDAwOVoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAOGM4ZmU0Mjc5MDE0MTJjYjdiMTUw MDA2NmQ1NWI4MzMxMDFjN2I2NWJiMzE5NThiODcxYzhlZTdiMTkyYjg4ZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhmw8YoDcY4cyMrHyH8666liulyy Ir3OquVl510jelQBYXffy8w5KkYU7zHmelt2pYPrHJYlPNXQ+5o/wbXZbTfBZUtN OvKfgGhqyB6LE7OtiEqN/Pu11xz4PsROu4lo1cKHHQBDwjgx2xzlt3JlCpaqDCH3 8nkFyMZF264mVgWKAjKwW1kuuvNTtGQQA0gIF4e9D3qLg2lS35TNu00HtzNNVMXZ 2nYxVL0noGv5wEA0EiWhmEGOL1tBgGDjzPhwBEboMhEfDPbzUu36lxtDHJO7wXbS qDuMzOMdtBl9qD41DcMJGZ5/yM5aDflqGnmyGAEQIYo/5a950eisUoOOuwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLuh8W4HBEfK7q4wOTiL88B7b2fPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3YTFhM2ViLTQ2ZmItNDM0OS1iZWI0LWRiYWRlZjkwN2UyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAKBAMA0GCSqGSIb3DQEBCwUAA4IBAQB3Qv4AM+1JjFBJWxBT K7ZmEv2iqHNa3a+wFzCHgsl2VhvtM9H45FQVQcxzgNSEblsVS2IqWzDmvsCJdcdN D9xsYegGxyuJXMSs9gSCughH+1oKXTlocrafhHdcyCNWRpgYVNCsnJS24gcXZTwD wO8igNnfnuLbzp6WT+DJ1Uf09HmpZMtKgspD2Q0RuzCftge54ZbTOwv3MRe9N4j1 glQ7u1rsbq/JN7dlEHG3/wEulKb/x/W8G1+reCSzjGfybs05LWwTEP/a5DwG2abi M6yEHKZqTyQ13olex6nGKfeiS/loP4IIYGBG6LJXi/PU/kp5xZ2TbK4DDYTQKxxN 3oPC -----END CERTIFICATE-----Generated at Tue May 12 23:31:49 2026 by rpki-client