$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c936087d-df40-4ca4-a8f2-4bf8f6aceb6f.roa File: c936087d-df40-4ca4-a8f2-4bf8f6aceb6f.roa (raw, json) Hash identifier: ifvhpFJV5JgfUchkPBI4QWrwK+qeczCO7Ul9CZAxBp8= Subject key identifier: FE:A6:9D:0A:B7:A9:72:C7:AB:89:CC:67:1A:45:2D:87:1F:C4:F7:49 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7356761AA17842212A7469322E9AA80511507DAD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c936087d-df40-4ca4-a8f2-4bf8f6aceb6f.roa Signing time: Mon 11 May 2026 00:30:31 +0000 ROA not before: Mon 11 May 2026 00:30:31 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:9080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:56:76:1a:a1:78:42:21:2a:74:69:32:2e:9a:a8:05:11:50:7d:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:30:31 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=a2962d783e2129a4828324b861b0a4d3b419b30473064942dfb85b6a6c20fc5b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:b2:c5:c7:56:73:2d:d4:a9:e6:e7:7e:01:d7: a5:7a:0a:dc:67:b7:07:8d:a8:e6:e2:2f:b6:30:15: 73:56:c8:0d:dd:43:3a:22:81:e5:e4:a6:3e:de:d8: 2c:23:75:ef:dc:7d:e7:ad:b2:0d:79:d3:ca:80:40: b0:08:ee:15:60:bf:08:a1:b7:dd:4a:74:80:2f:e6: 8f:d9:cf:c2:79:a7:ed:63:53:ce:e1:44:58:33:67: b1:a8:4d:03:e6:ce:59:73:aa:0a:d1:90:69:b7:f4: a5:44:97:79:f5:76:76:ef:53:7c:4b:79:d3:cf:08: 4f:ff:68:fc:7b:3c:2f:6b:b6:fd:75:2c:de:65:ce: 2a:d1:78:ea:8b:41:87:33:2c:25:c9:dd:f5:6c:e6: b5:50:bd:24:1c:5d:ad:f0:02:7a:28:6f:52:af:8d: a0:1e:bd:b6:ba:ba:bb:7d:01:a6:1d:b4:d8:af:ac: 42:06:ed:b2:30:d7:59:8d:11:c0:53:8b:19:02:24: d4:81:2e:f6:52:4f:17:f6:88:d3:d9:75:ad:78:aa: c0:71:36:c8:a5:92:5f:4d:5e:d2:4b:78:d7:fe:9a: da:52:56:d6:36:6b:2c:e1:c6:70:9b:25:8c:e1:a6: 2d:4f:43:47:f7:e1:bc:20:79:22:23:a2:45:61:3d: ae:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:A6:9D:0A:B7:A9:72:C7:AB:89:CC:67:1A:45:2D:87:1F:C4:F7:49 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c936087d-df40-4ca4-a8f2-4bf8f6aceb6f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:9080::/48 Signature Algorithm: sha256WithRSAEncryption cb:c1:dd:21:e6:70:3b:58:f9:70:a9:05:71:97:d7:90:31:8a: 0d:2e:e3:07:b4:24:8d:94:55:3b:d1:79:81:4a:a2:7f:74:33: 84:a8:a6:44:ac:ce:fb:d4:e1:88:54:5f:c5:de:50:fb:30:d7: e4:78:16:b3:d0:c3:06:5f:ee:24:5f:78:b9:41:ce:73:ce:d5: be:8d:7d:85:16:82:d0:b5:8f:9d:7a:e0:d7:1c:b9:cd:50:f9: 3f:49:7e:a6:2d:7e:6b:64:db:96:69:b6:10:a3:5d:ce:f7:e2: e0:ca:28:bb:49:d4:5a:ad:97:df:9a:de:a7:e0:8e:10:79:f9: fa:6b:fd:f9:36:18:5c:53:ff:0d:8c:94:6d:e8:1a:c5:a0:4e: cc:a8:99:3e:a1:3c:af:40:cb:fa:16:ec:fe:9e:17:ac:1d:c1: cb:07:94:d4:f2:3d:24:b1:42:0a:ea:a7:55:00:9f:1c:cf:81: 2d:3a:0a:0b:f8:c9:c0:bb:99:22:58:13:8a:ab:cf:95:e3:69: 73:d0:91:18:1c:9a:47:47:12:71:fa:9e:d3:93:21:b4:e7:bd: 2e:86:52:71:5e:0e:83:8a:bb:da:51:93:70:1d:88:5a:f0:5f: 0b:58:98:a6:f2:f0:8b:82:9e:d3:0e:e5:6c:5f:8e:b2:1a:59: 1d:50:82:82 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUc1Z2GqF4QiEqdGkyLpqoBRFQfa0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMzAzMVoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAYTI5NjJkNzgzZTIxMjlhNDgyODMy NGI4NjFiMGE0ZDNiNDE5YjMwNDczMDY0OTQyZGZiODViNmE2YzIwZmM1YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47LFx1ZzLdSp5ud+AdelegrcZ7cH jajm4i+2MBVzVsgN3UM6IoHl5KY+3tgsI3Xv3H3nrbINedPKgECwCO4VYL8Iobfd SnSAL+aP2c/CeaftY1PO4URYM2exqE0D5s5Zc6oK0ZBpt/SlRJd59XZ271N8S3nT zwhP/2j8ezwva7b9dSzeZc4q0Xjqi0GHMywlyd31bOa1UL0kHF2t8AJ6KG9Sr42g Hr22urq7fQGmHbTYr6xCBu2yMNdZjRHAU4sZAiTUgS72Uk8X9ojT2XWteKrAcTbI pZJfTV7SS3jX/praUlbWNmss4cZwmyWM4aYtT0NH9+G8IHkiI6JFYT2uGwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP6mnQq3qXLHq4nMZxpFLYcfxPdJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M5MzYwODdkLWRmNDAtNGNhNC1hOGYyLTRiZjhmNmFjZWI2Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8pCAMA0GCSqGSIb3DQEBCwUAA4IBAQDLwd0h5nA7WPlwqQVx l9eQMYoNLuMHtCSNlFU70XmBSqJ/dDOEqKZErM771OGIVF/F3lD7MNfkeBaz0MMG X+4kX3i5Qc5zztW+jX2FFoLQtY+deuDXHLnNUPk/SX6mLX5rZNuWabYQo13O9+Lg yii7SdRarZffmt6n4I4Qefn6a/35NhhcU/8NjJRt6BrFoE7MqJk+oTyvQMv6Fuz+ nhesHcHLB5TU8j0ksUIK6qdVAJ8cz4EtOgoL+MnAu5kiWBOKq8+V42lz0JEYHJpH RxJx+p7TkyG0570uhlJxXg6DirvaUZNwHYha8F8LWJim8vCLgp7TDuVsX46yGlkd UIKC -----END CERTIFICATE-----Generated at Tue May 12 23:27:06 2026 by rpki-client