$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d465d18a-2489-488a-92c7-49a70bd65555.roa File: d465d18a-2489-488a-92c7-49a70bd65555.roa (raw, json) Hash identifier: rQ2HYLkWZdiFrE8Fgj3lYT7QAzJ14IysYZLFY0fppN8= Subject key identifier: D8:AC:42:B8:CA:69:E7:A2:67:68:3F:2D:0D:2D:D5:60:94:EE:76:41 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2CC00AE584370DEF546D4BFC1E21A2E039FE3C1F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d465d18a-2489-488a-92c7-49a70bd65555.roa Signing time: Mon 11 May 2026 00:00:32 +0000 ROA not before: Mon 11 May 2026 00:00:32 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2c:c0:0a:e5:84:37:0d:ef:54:6d:4b:fc:1e:21:a2:e0:39:fe:3c:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:00:32 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=9c60e9d4e097f9bd3ebe543fca3e532ec2d13e6bb2b009c45fc3b31dfbbe0c0c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ad:48:97:fa:8a:74:7d:74:0c:59:68:47:80: 4c:1a:b9:d1:90:9f:f3:42:26:1d:0d:e7:13:c0:cc: 82:c8:9a:6d:8d:1e:7c:e7:90:74:fc:5b:21:bb:2a: 34:3c:fe:c2:bc:8e:a5:9e:8a:bf:e5:02:78:bc:ec: 21:72:bc:7d:0b:c6:7e:19:04:38:f5:c8:ee:65:49: f8:1f:4d:1b:9e:56:84:1a:96:70:00:a9:d9:66:d2: 3e:e7:d0:78:b0:1d:10:c9:38:a9:f4:82:e7:38:5d: 82:16:c2:57:42:f0:9a:7b:4a:4f:47:3e:b1:ae:65: 3e:a9:f9:4c:63:bd:a4:82:4b:b6:60:35:33:89:f5: e3:c7:bb:c2:0d:64:65:63:91:49:2b:75:94:2b:8d: 8f:5f:fb:31:66:cd:fc:ca:48:b7:34:10:e8:e3:c8: 08:f5:d2:46:fe:38:a3:da:02:0b:9f:17:f2:50:26: 4e:ab:f0:0c:ba:cf:84:48:ad:16:1e:60:9c:d8:f2: 26:43:05:2c:18:56:d4:5e:3c:4c:6e:f0:60:0f:11: 18:d4:72:fb:96:1d:1b:7e:ec:f7:8a:61:38:d8:f9: 39:db:3a:94:fe:36:41:ba:6c:bb:18:e8:14:9a:66: 9f:f4:2f:df:36:f4:c1:fd:e8:a1:e8:1f:06:3d:5e: ef:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:AC:42:B8:CA:69:E7:A2:67:68:3F:2D:0D:2D:D5:60:94:EE:76:41 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d465d18a-2489-488a-92c7-49a70bd65555.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:840::/48 Signature Algorithm: sha256WithRSAEncryption 57:81:b8:4a:9a:ca:a4:d7:30:f9:fc:51:bd:aa:d2:23:33:3f: d6:65:0a:df:44:68:43:3e:aa:b8:46:ff:3c:ba:19:39:a1:66: ef:3e:6a:bd:ac:38:42:ac:7e:ed:12:53:9d:e8:b8:88:09:44: 34:7b:1d:af:a5:39:54:d9:dc:d3:02:75:49:26:50:cb:7d:06: b7:e5:19:5a:23:bf:e4:e1:7c:5f:b8:b7:6c:5a:99:93:09:4c: d3:55:81:bc:6f:1a:d3:24:7c:da:0b:74:14:e2:0d:c2:17:1c: 57:61:81:96:e1:5b:e5:27:1d:f8:3d:23:fe:3b:4e:98:3d:22: d4:27:e2:aa:e2:72:cc:28:24:68:6e:70:3f:32:ae:99:95:f6: bc:c9:26:39:93:56:e0:df:ca:86:a1:d5:6a:e3:cc:45:b7:af: a3:29:9a:89:bf:10:eb:ac:14:0f:0b:0e:07:29:e8:c1:e8:67: ab:50:45:2a:38:9b:04:c0:bc:04:ec:33:20:71:d5:f9:8c:99: 11:be:b2:f5:53:2e:4d:ce:00:14:46:d4:14:ec:9f:64:d4:10: 82:e7:b8:f0:8b:70:5d:da:ad:b3:fb:45:d4:49:20:b4:60:99: 69:62:c3:50:af:32:cb:2e:e1:44:0b:cc:bf:1e:51:8b:e2:ac: 17:a1:44:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIULMAK5YQ3De9UbUv8HiGi4Dn+PB8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDAzMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAOWM2MGU5ZDRlMDk3ZjliZDNlYmU1 NDNmY2EzZTUzMmVjMmQxM2U2YmIyYjAwOWM0NWZjM2IzMWRmYmJlMGMwYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA561Il/qKdH10DFloR4BMGrnRkJ/z QiYdDecTwMyCyJptjR5855B0/Fshuyo0PP7CvI6lnoq/5QJ4vOwhcrx9C8Z+GQQ4 9cjuZUn4H00bnlaEGpZwAKnZZtI+59B4sB0QyTip9ILnOF2CFsJXQvCae0pPRz6x rmU+qflMY72kgku2YDUzifXjx7vCDWRlY5FJK3WUK42PX/sxZs38yki3NBDo48gI 9dJG/jij2gILnxfyUCZOq/AMus+ESK0WHmCc2PImQwUsGFbUXjxMbvBgDxEY1HL7 lh0bfuz3imE42Pk52zqU/jZBumy7GOgUmmaf9C/fNvTB/eih6B8GPV7vlwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFNisQrjKaeeiZ2g/LQ0t1WCU7nZBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Q0NjVkMThhLTI0ODktNDg4YS05MmM3LTQ5YTcwYmQ2NTU1NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/whAMA0GCSqGSIb3DQEBCwUAA4IBAQBXgbhKmsqk1zD5/FG9 qtIjMz/WZQrfRGhDPqq4Rv88uhk5oWbvPmq9rDhCrH7tElOd6LiICUQ0ex2vpTlU 2dzTAnVJJlDLfQa35RlaI7/k4XxfuLdsWpmTCUzTVYG8bxrTJHzaC3QU4g3CFxxX YYGW4VvlJx34PSP+O06YPSLUJ+Kq4nLMKCRobnA/Mq6Zlfa8ySY5k1bg38qGodVq 48xFt6+jKZqJvxDrrBQPCw4HKejB6GerUEUqOJsEwLwE7DMgcdX5jJkRvrL1Uy5N zgAURtQU7J9k1BCC57jwi3Bd2q2z+0XUSSC0YJlpYsNQrzLLLuFEC8y/HlGL4qwX oUR6 -----END CERTIFICATE-----Generated at Wed May 13 00:39:31 2026 by rpki-client