$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa File: ec8e23bf-c8d6-4a69-9151-124b795d815a.roa (raw, json) Hash identifier: jVdU7GygqkMAU5wbWpKionIm9NvWsvpxHSEnHXmLy+4= Subject key identifier: 4D:99:6B:F2:EB:43:60:86:AF:CB:9B:A3:55:37:14:0A:14:91:8A:61 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0D06C814563B3074A3CDB852D2D50A05C664CDA8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa Signing time: Mon 11 May 2026 00:21:13 +0000 ROA not before: Mon 11 May 2026 00:21:13 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da00:6040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:06:c8:14:56:3b:30:74:a3:cd:b8:52:d2:d5:0a:05:c6:64:cd:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:21:13 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=ae95e8e98d8dc007cf99022f97d540804526fb18f61b63bca63965315a2daaa4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:4c:3c:eb:b5:6c:3d:04:68:a7:67:f3:bf:01: bf:dc:46:19:e8:f2:f3:be:b9:be:5b:dd:e5:ab:1f: 72:1b:54:33:60:bb:f8:c0:7c:c4:fd:19:5c:1a:e9: 2e:89:57:a1:06:db:c8:9a:a3:82:91:53:9b:71:5c: 0c:94:0f:3a:4d:5c:b2:98:6b:5e:ed:34:a0:81:38: 9b:ec:c7:a0:03:e0:ba:9f:a9:73:bb:31:ea:a3:59: 00:6f:48:ca:30:be:e2:6c:43:b5:46:58:64:ae:9c: 2e:d8:0b:ec:54:77:49:b3:c6:b4:be:3c:ab:b4:f5: 3a:3e:8b:03:7a:fd:ed:15:50:36:d4:db:19:dc:9f: 60:be:0f:35:9b:0c:80:f4:d2:f7:95:3a:e7:8b:51: 9b:1d:f7:18:43:2f:51:38:75:fc:be:00:4e:62:e6: 86:3a:99:92:a2:83:e7:93:e9:90:c3:c3:8e:64:29: d6:68:f4:50:fc:6b:e4:68:be:6b:b7:29:b9:f0:f2: 2f:d1:92:dc:c1:97:3b:73:31:b9:ab:a8:b0:60:41: 00:42:75:9b:9c:a7:3c:5a:b6:8c:84:96:d9:ce:9f: c5:a4:ea:b2:c8:f9:93:fe:4f:8d:5a:d2:89:4a:74: ba:fa:9b:28:8c:08:19:d7:7f:eb:a4:8d:9f:72:6a: d3:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:99:6B:F2:EB:43:60:86:AF:CB:9B:A3:55:37:14:0A:14:91:8A:61 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ec8e23bf-c8d6-4a69-9151-124b795d815a.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da00:6040::/48 Signature Algorithm: sha256WithRSAEncryption 59:81:38:ac:9f:50:fe:a6:4f:72:e5:59:94:fd:6e:53:48:68: e5:f2:f9:b0:5e:69:ab:a2:4b:f9:65:cf:fa:a7:8e:29:5d:65: e1:82:d7:7d:66:3e:ac:49:ae:ff:45:4e:f8:d5:79:ae:d4:01: 35:4f:00:11:e4:8b:73:1a:77:18:85:8b:7f:6f:2b:a3:ed:4c: af:da:a9:2f:2b:79:5d:3a:67:4d:10:52:4f:04:3a:f4:fa:c0: 65:d9:50:56:9e:af:fd:4f:f7:e3:b1:3c:de:df:af:e2:d6:d2: 02:c3:05:dd:b5:c3:f9:d4:90:a9:95:9b:43:8a:20:95:92:1b: 65:e2:d0:06:dd:e1:8d:26:40:a8:b0:cf:d8:10:2f:42:08:e1: ee:95:5f:5e:36:02:08:c2:9d:95:8c:c9:99:04:77:91:74:d6: 20:4a:79:f3:61:93:43:63:1b:58:91:00:3b:e1:48:51:ad:3f: 38:df:db:a1:f1:c5:6e:84:cf:38:74:a2:11:f4:62:92:7e:74: dd:1e:a4:23:ca:1e:4c:67:66:cd:8a:4b:f0:74:92:75:88:f0: 45:7e:cb:fe:ba:d4:ab:2c:7c:c8:af:2c:66:91:b1:c1:0e:27: cb:a7:f3:07:9a:c0:44:dd:3d:23:2b:24:42:f0:3c:3e:8a:7f: 34:62:2d:b4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUDQbIFFY7MHSjzbhS0tUKBcZkzagwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMjExM1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAYWU5NWU4ZTk4ZDhkYzAwN2NmOTkw MjJmOTdkNTQwODA0NTI2ZmIxOGY2MWI2M2JjYTYzOTY1MzE1YTJkYWFhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ew867VsPQRop2fzvwG/3EYZ6PLz vrm+W93lqx9yG1QzYLv4wHzE/RlcGukuiVehBtvImqOCkVObcVwMlA86TVyymGte 7TSggTib7MegA+C6n6lzuzHqo1kAb0jKML7ibEO1Rlhkrpwu2AvsVHdJs8a0vjyr tPU6PosDev3tFVA21NsZ3J9gvg81mwyA9NL3lTrni1GbHfcYQy9ROHX8vgBOYuaG OpmSooPnk+mQw8OOZCnWaPRQ/GvkaL5rtym58PIv0ZLcwZc7czG5q6iwYEEAQnWb nKc8WraMhJbZzp/FpOqyyPmT/k+NWtKJSnS6+psojAgZ13/rpI2fcmrT4wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE2Za/LrQ2CGr8ubo1U3FAoUkYphMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2VjOGUyM2JmLWM4ZDYtNGE2OS05MTUxLTEyNGI3OTVkODE1YS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaAGBAMA0GCSqGSIb3DQEBCwUAA4IBAQBZgTisn1D+pk9y5VmU /W5TSGjl8vmwXmmrokv5Zc/6p44pXWXhgtd9Zj6sSa7/RU741Xmu1AE1TwAR5Itz GncYhYt/byuj7Uyv2qkvK3ldOmdNEFJPBDr0+sBl2VBWnq/9T/fjsTze36/i1tIC wwXdtcP51JCplZtDiiCVkhtl4tAG3eGNJkCosM/YEC9CCOHulV9eNgIIwp2VjMmZ BHeRdNYgSnnzYZNDYxtYkQA74UhRrT8439uh8cVuhM84dKIR9GKSfnTdHqQjyh5M Z2bNikvwdJJ1iPBFfsv+utSrLHzIryxmkbHBDifLp/MHmsBE3T0jKyRC8Dw+in80 Yi20 -----END CERTIFICATE-----Generated at Tue May 12 23:53:12 2026 by rpki-client