$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa File: c8ec6c99-ca91-484d-ab88-05d1d618b206.roa (raw, json) Hash identifier: yQoaRwfOlvZIFXeR+8yhMjz5Hf2XRLbv1Ur7wwPtu8Q= Subject key identifier: 27:5A:D1:D5:65:6D:08:4F:15:D5:BD:F2:3D:47:9B:01:FE:B5:7B:F9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 1A4CBD4FACA4DF5CD6A3CA695B0906C924B98203 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa Signing time: Sat 09 May 2026 00:10:03 +0000 ROA not before: Sat 09 May 2026 00:10:03 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:6080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:4c:bd:4f:ac:a4:df:5c:d6:a3:ca:69:5b:09:06:c9:24:b9:82:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:10:03 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=1fe5559c0dea77e844ca374e9e4608d99c977446df99f84003d9083fff1fdc19, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a7:10:2e:f4:c3:53:da:1c:81:0b:83:0d:69: 97:f6:7b:39:30:21:4e:77:96:22:80:2a:8b:9e:4c: 55:6c:29:bd:e6:d9:fc:57:e6:5a:18:c1:80:65:f7: a3:10:20:c2:f7:a3:18:7c:38:17:56:9d:3c:46:f1: 4e:87:1c:64:b7:63:f7:1c:da:0f:b7:20:d4:7c:e0: 77:b7:04:2f:e3:2d:dd:a3:fd:b1:d0:4b:24:8b:5e: 64:17:65:4c:82:25:52:6f:8b:18:68:d6:77:9e:f0: 7a:39:2b:4c:56:75:e7:a2:9e:2a:da:68:e0:16:09: f1:62:f5:75:e1:c5:34:cb:61:e8:7c:ed:5a:f6:01: 5c:18:f2:c0:74:64:ab:b2:76:95:61:79:c3:86:36: 5b:be:3d:d7:dc:35:5d:d4:dc:76:1d:bf:4e:de:7e: c7:5c:f4:11:c9:f0:78:34:32:44:a9:d3:92:cc:cc: 64:10:cc:df:e3:79:87:15:96:0a:0b:d6:49:21:ec: 92:22:5f:3d:b4:86:50:7f:b3:a5:3e:51:d1:33:6e: f3:a3:8f:02:1e:f2:be:b5:32:09:8d:2a:c1:8e:62: 0e:f7:dc:93:7b:b4:78:05:83:4b:ff:2f:8f:7a:e9: 45:09:57:c0:53:8f:c6:12:d3:6c:21:79:22:3a:e2: 6e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:5A:D1:D5:65:6D:08:4F:15:D5:BD:F2:3D:47:9B:01:FE:B5:7B:F9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c8ec6c99-ca91-484d-ab88-05d1d618b206.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:6080::/48 Signature Algorithm: sha256WithRSAEncryption 8d:76:73:b0:63:91:ab:19:5d:1e:ba:99:32:31:b5:b8:8a:5f: 4b:68:3c:c9:0d:f7:ee:4a:b0:28:74:b2:8c:e5:a8:ed:c1:11: 55:cd:c2:a3:6a:74:5c:c6:87:95:b8:53:53:86:1d:01:5d:04: 76:71:a5:85:b2:41:57:d5:d5:cb:17:e6:52:70:73:93:a3:10: e3:ec:80:ec:1a:d7:d4:75:ef:ce:41:37:82:13:f6:14:57:54: d8:90:46:4e:31:e9:22:f5:ba:63:0a:09:d6:7f:bd:68:bc:36: ca:c0:b5:34:fc:83:11:fb:a5:0e:9e:71:8d:9d:54:e2:19:e2: 03:57:26:f5:b1:dc:f5:28:23:d7:24:66:7f:49:da:58:fd:ed: 79:a3:ef:37:7e:5b:50:db:3f:99:8c:0a:08:d5:71:fc:31:67: ba:f6:91:a9:4b:52:66:58:8b:09:a4:da:2d:50:c9:16:e9:21: 2b:47:3d:2e:19:d5:f5:9d:df:5a:dc:19:2f:6c:e1:cd:7e:0b: b0:4a:b1:48:35:63:e8:62:91:60:b5:d7:96:d5:2a:7b:35:af: 00:fe:85:a3:ea:a4:3e:e1:1a:b1:1c:c1:bd:24:71:0f:8d:b6: ec:6c:8d:e6:d7:f7:be:1d:22:2d:46:92:de:ba:b5:3f:b5:b1: 0d:16:95:9c -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGky9T6yk31zWo8ppWwkGySS5ggMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMTAwM1oX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNAMWZlNTU1OWMwZGVhNzdlODQ0Y2Ez NzRlOWU0NjA4ZDk5Yzk3NzQ0NmRmOTlmODQwMDNkOTA4M2ZmZjFmZGMxOTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqcQLvTDU9ocgQuDDWmX9ns5MCFO d5YigCqLnkxVbCm95tn8V+ZaGMGAZfejECDC96MYfDgXVp08RvFOhxxkt2P3HNoP tyDUfOB3twQv4y3do/2x0Eski15kF2VMgiVSb4sYaNZ3nvB6OStMVnXnop4q2mjg FgnxYvV14cU0y2HofO1a9gFcGPLAdGSrsnaVYXnDhjZbvj3X3DVd1Nx2Hb9O3n7H XPQRyfB4NDJEqdOSzMxkEMzf43mHFZYKC9ZJIeySIl89tIZQf7OlPlHRM27zo48C HvK+tTIJjSrBjmIO99yTe7R4BYNL/y+PeulFCVfAU4/GEtNsIXkiOuJuNwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFCda0dVlbQhPFdW98j1HmwH+tXv5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M4ZWM2Yzk5LWNhOTEtNDg0ZC1hYjg4LTA1ZDFkNjE4YjIwNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYWCAMA0GCSqGSIb3DQEBCwUAA4IBAQCNdnOwY5GrGV0eupky MbW4il9LaDzJDffuSrAodLKM5ajtwRFVzcKjanRcxoeVuFNThh0BXQR2caWFskFX 1dXLF+ZScHOToxDj7IDsGtfUde/OQTeCE/YUV1TYkEZOMeki9bpjCgnWf71ovDbK wLU0/IMR+6UOnnGNnVTiGeIDVyb1sdz1KCPXJGZ/SdpY/e15o+83fltQ2z+ZjAoI 1XH8MWe69pGpS1JmWIsJpNotUMkW6SErRz0uGdX1nd9a3BkvbOHNfguwSrFINWPo YpFgtdeW1Sp7Na8A/oWj6qQ+4RqxHMG9JHEPjbbsbI3m1/e+HSItRpLeurU/tbEN FpWc -----END CERTIFICATE-----Generated at Tue May 12 23:26:07 2026 by rpki-client