$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json) Hash identifier: uto8yN5WyiDRNrN3GEisYV9b4xkvEVUT1I0UkZRlkSE= Subject key identifier: BE:5F:26:22:6A:1C:58:10:5F:C0:E4:5F:4F:C7:28:39:D8:98:76:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 160C3BF6DAF85D1ED7894BF09C0046F9C6B9583A Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa Signing time: Tue 12 May 2026 00:11:09 +0000 ROA not before: Tue 12 May 2026 00:11:09 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:4000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:0c:3b:f6:da:f8:5d:1e:d7:89:4b:f0:9c:00:46:f9:c6:b9:58:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:11:09 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=4c61dbc09f03a6f39f42d291b0fcac550f418067a21839f698d563d988d15be2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:4b:00:db:0f:66:96:a8:61:47:9b:88:3e:12: d1:c5:54:bf:5e:70:00:7f:ab:0c:d2:34:5e:30:30: cb:94:1d:21:4e:03:a5:66:5d:e6:04:2b:89:39:8c: ff:a0:21:dd:67:41:ef:73:c6:30:ff:35:70:7e:42: 43:5d:c5:e0:e4:ff:e2:d5:22:f1:f3:02:e8:e4:c7: 4f:de:58:20:ca:29:4a:d6:bd:c4:04:7d:da:56:bb: 83:48:03:e5:85:66:35:b3:11:e5:a0:0d:a2:1e:5f: fd:ae:84:4e:fb:a0:0a:5b:4f:b4:fe:6c:d5:af:27: 81:41:2e:53:51:37:c6:dc:8c:e6:87:96:fc:77:97: d5:9a:28:1e:cc:70:24:db:78:9e:9e:3b:ab:c9:3c: f0:b2:86:30:ab:4c:22:62:cf:1f:01:7e:fe:5e:dc: 34:4f:08:a4:83:01:8f:88:1f:27:0d:7b:92:22:45: ab:81:73:6c:82:16:58:1b:14:72:2d:f6:f3:3a:44: f9:66:1e:d6:05:17:e8:da:f3:fd:68:f9:cf:f4:33: f0:a5:01:99:e4:f6:7d:0b:2a:2a:f2:7a:20:32:ea: 87:4b:b1:04:01:d6:57:59:87:8a:81:5b:73:d1:6e: 4f:c1:aa:b1:df:c4:65:90:e8:33:80:0e:1c:ed:30: f1:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:5F:26:22:6A:1C:58:10:5F:C0:E4:5F:4F:C7:28:39:D8:98:76:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:4000::/40 Signature Algorithm: sha256WithRSAEncryption 09:b8:e6:87:59:44:10:d8:b1:f0:3b:c2:b2:3a:de:1b:cd:61: fc:7b:fa:b5:b8:76:3a:73:de:a9:79:05:bd:27:34:04:40:9f: 53:42:5e:b3:dd:f8:57:b5:1d:f6:fc:73:78:07:b8:77:4c:42: cd:d9:40:31:ed:8e:8a:1b:90:c1:1a:d0:61:99:52:28:ea:37: 69:d9:ac:fe:80:34:be:9d:d3:6a:ae:92:81:7c:27:93:a2:2a: 15:48:54:1b:94:4e:02:c5:ad:ac:93:d8:18:0f:0a:c6:87:20: e5:85:3a:e6:94:5a:22:d9:57:9a:fc:a1:6c:71:03:d9:f1:6a: 13:60:81:8d:ed:31:c6:5f:44:4d:3e:d6:5e:02:25:9b:aa:36: d7:cd:d7:cb:36:b3:a1:91:85:c8:7e:ee:56:78:01:82:d6:3e: 0b:9c:48:46:13:e1:a8:5d:7d:93:d3:4f:04:df:23:b9:1b:fd: 7e:5d:65:9d:b6:46:a9:68:97:86:e7:bf:c3:21:bd:42:0f:a5: 12:f2:b1:f5:15:62:c3:ea:63:f9:3e:63:2b:32:4c:d3:54:da: d6:a7:54:bd:89:24:63:f3:eb:60:a0:31:22:d9:e8:f2:56:5b: 92:76:25:9d:de:64:20:60:40:d3:89:bd:08:3f:4d:39:da:72: d3:64:e5:e9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFgw79tr4XR7XiUvwnABG+ca5WDowDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMTEwOVoX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANGM2MWRiYzA5ZjAzYTZmMzlmNDJk MjkxYjBmY2FjNTUwZjQxODA2N2EyMTgzOWY2OThkNTYzZDk4OGQxNWJlMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UsA2w9mlqhhR5uIPhLRxVS/XnAA f6sM0jReMDDLlB0hTgOlZl3mBCuJOYz/oCHdZ0Hvc8Yw/zVwfkJDXcXg5P/i1SLx 8wLo5MdP3lggyilK1r3EBH3aVruDSAPlhWY1sxHloA2iHl/9roRO+6AKW0+0/mzV ryeBQS5TUTfG3Izmh5b8d5fVmigezHAk23ienjuryTzwsoYwq0wiYs8fAX7+Xtw0 TwikgwGPiB8nDXuSIkWrgXNsghZYGxRyLfbzOkT5Zh7WBRfo2vP9aPnP9DPwpQGZ 5PZ9Cyoq8nogMuqHS7EEAdZXWYeKgVtz0W5Pwaqx38RlkOgzgA4c7TDxGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL5fJiJqHFgQX8DkX0/HKDnYmHa6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBAAm45odZRBDYsfA7wrI6 3hvNYfx7+rW4djpz3ql5Bb0nNARAn1NCXrPd+Fe1Hfb8c3gHuHdMQs3ZQDHtjoob kMEa0GGZUijqN2nZrP6ANL6d02qukoF8J5OiKhVIVBuUTgLFrayT2BgPCsaHIOWF OuaUWiLZV5r8oWxxA9nxahNggY3tMcZfRE0+1l4CJZuqNtfN18s2s6GRhch+7lZ4 AYLWPgucSEYT4ahdfZPTTwTfI7kb/X5dZZ22Rqlol4bnv8MhvUIPpRLysfUVYsPq Y/k+YysyTNNU2tanVL2JJGPz62CgMSLZ6PJWW5J2JZ3eZCBgQNOJvQg/TTnactNk 5ek= -----END CERTIFICATE-----Generated at Tue May 12 23:42:03 2026 by rpki-client