$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa File: dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa (raw, json) Hash identifier: 22oW3NB4KrgKFcWROLP+U5c+u9pVSXdOuqUuLnycZh8= Subject key identifier: 52:F2:58:65:C7:CF:2B:AF:9B:6F:EC:EA:14:86:B3:66:CB:B8:4F:A1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0A468D0440411F589B9D332A579F50D38D77A438 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa Signing time: Sat 02 May 2026 00:11:04 +0000 ROA not before: Sat 02 May 2026 00:11:04 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf5:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:46:8d:04:40:41:1f:58:9b:9d:33:2a:57:9f:50:d3:8d:77:a4:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:04 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=d3aaeb423c2136fa52f2f95430eaa3ce9c4b818b38a8e815746d1d485117a881, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:d0:13:ff:45:66:2e:2d:93:54:cd:ee:88:7e: 1c:9d:0d:19:e4:e0:b5:fd:ad:f0:38:f8:1a:4c:5a: 2c:b2:79:90:48:ed:e4:7e:93:47:96:56:60:a5:ee: 28:ce:7d:cc:d2:b0:ac:8a:28:0f:61:6b:d3:0c:68: 61:94:f7:12:62:60:c4:84:ba:b5:81:25:4b:38:67: 26:89:f8:39:5e:e3:4e:08:d3:a2:86:5d:f9:d3:b9: e4:7e:6e:f7:25:c5:27:3f:7a:e9:dc:14:bf:53:79: b1:f9:ba:9c:ae:9c:c1:3c:21:25:87:e7:c8:ad:f6: 60:89:36:c2:32:9e:8e:67:20:c8:51:96:cc:e2:ad: 0f:da:f8:cb:2a:6b:71:68:9a:ae:c2:66:18:45:89: ec:97:41:d2:ef:23:35:f3:0f:2c:ff:03:92:1f:d2: ef:f6:cd:25:1e:c8:5a:b7:d9:f8:9a:2e:29:00:ba: 57:ce:1c:e4:41:80:f1:67:35:d7:0d:5c:49:98:a3: ef:8f:c8:a2:f0:eb:b3:3b:f9:53:85:e3:bc:1a:be: 17:a1:e3:2c:29:39:e9:ad:33:ea:5f:bf:0d:b8:4b: cc:76:08:d9:45:59:ea:25:14:7a:55:63:2d:f2:20: 7e:43:43:6a:b6:c6:c4:5a:83:a7:0a:9f:96:ad:58: fb:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:F2:58:65:C7:CF:2B:AF:9B:6F:EC:EA:14:86:B3:66:CB:B8:4F:A1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd3d6020-be78-46ca-9b8a-63fdbfc9da9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf5:2000::/40 Signature Algorithm: sha256WithRSAEncryption c1:fc:48:39:47:fd:fb:df:56:0d:ed:ee:af:75:9e:f3:aa:c4: 56:58:d5:06:f4:a1:9c:c0:25:12:7e:66:ad:19:03:33:21:37: 20:a2:55:26:a8:2b:dd:6c:4f:7c:aa:95:35:60:69:36:f4:8c: 83:77:5b:aa:33:d4:ee:37:cb:f9:80:be:04:4b:33:08:41:19: 76:7f:68:66:42:f2:c2:b1:02:d2:36:fa:49:18:8c:15:ae:31: 40:68:20:6c:64:6e:4a:ac:72:a3:45:65:64:53:a3:75:a5:74: 26:5f:20:41:6c:69:8c:e9:b5:7a:8b:3a:9d:12:97:05:27:7f: cf:fd:e2:e8:ef:95:eb:ea:a4:10:42:f2:42:0d:d4:01:b5:ad: 3a:85:92:97:90:74:b1:c0:fc:37:c1:99:da:ed:d3:59:40:e3: 01:52:a2:fc:8d:79:0b:ff:4c:e7:a6:fb:92:a8:18:50:2a:f2: 12:a3:02:b2:18:8d:e4:e7:b0:ac:8e:a8:96:75:b2:d1:4d:6b: a5:c9:8a:4b:c1:88:0f:83:58:90:ef:2f:ab:64:15:99:e6:44: ce:29:fb:1f:61:c4:01:1a:4a:1f:d9:ea:f1:b4:b3:28:9f:29: cc:b0:83:87:c7:5f:d7:be:41:5f:aa:ba:1e:c9:31:38:60:6f: 4e:05:9a:49 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCkaNBEBBH1ibnTMqV59Q0413pDgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwNFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAZDNhYWViNDIzYzIxMzZmYTUyZjJm OTU0MzBlYWEzY2U5YzRiODE4YjM4YThlODE1NzQ2ZDFkNDg1MTE3YTg4MTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9AT/0VmLi2TVM3uiH4cnQ0Z5OC1 /a3wOPgaTFossnmQSO3kfpNHllZgpe4ozn3M0rCsiigPYWvTDGhhlPcSYmDEhLq1 gSVLOGcmifg5XuNOCNOihl3507nkfm73JcUnP3rp3BS/U3mx+bqcrpzBPCElh+fI rfZgiTbCMp6OZyDIUZbM4q0P2vjLKmtxaJquwmYYRYnsl0HS7yM18w8s/wOSH9Lv 9s0lHshat9n4mi4pALpXzhzkQYDxZzXXDVxJmKPvj8ii8OuzO/lTheO8Gr4XoeMs KTnprTPqX78NuEvMdgjZRVnqJRR6VWMt8iB+Q0NqtsbEWoOnCp+WrVj7SQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFLyWGXHzyuvm2/s6hSGs2bLuE+hMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkM2Q2MDIwLWJlNzgtNDZjYS05YjhhLTYzZmRiZmM5ZGE5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9SAwDQYJKoZIhvcNAQELBQADggEBAMH8SDlH/fvfVg3t7q91 nvOqxFZY1Qb0oZzAJRJ+Zq0ZAzMhNyCiVSaoK91sT3yqlTVgaTb0jIN3W6oz1O43 y/mAvgRLMwhBGXZ/aGZC8sKxAtI2+kkYjBWuMUBoIGxkbkqscqNFZWRTo3WldCZf IEFsaYzptXqLOp0SlwUnf8/94ujvlevqpBBC8kIN1AG1rTqFkpeQdLHA/DfBmdrt 01lA4wFSovyNeQv/TOem+5KoGFAq8hKjArIYjeTnsKyOqJZ1stFNa6XJikvBiA+D WJDvL6tkFZnmRM4p+x9hxAEaSh/Z6vG0syifKcywg4fHX9e+QV+quh7JMThgb04F mkk= -----END CERTIFICATE-----Generated at Wed May 13 00:38:15 2026 by rpki-client