$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa File: f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa (raw, json) Hash identifier: ceLz+Oa05t3OfAPoXRmZiOzrUK+b3gMCN3Jo6JEk1So= Subject key identifier: A3:F1:B0:2C:2E:27:A6:A2:10:78:6B:19:1B:ED:EB:BF:A0:C0:9B:9C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 19DBB592D1333F139F75D8F3A8AA2116B8B63C28 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa Signing time: Mon 11 May 2026 00:20:46 +0000 ROA not before: Mon 11 May 2026 00:20:46 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2020::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:db:b5:92:d1:33:3f:13:9f:75:d8:f3:a8:aa:21:16:b8:b6:3c:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:20:46 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=8fe708c999380daecdb92b1366d904d5d2717408c0450c8682b15e2de39b9df2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:73:e6:a2:5f:f7:e4:63:cc:a5:bb:48:1d:be: d1:84:42:fe:1f:6f:73:a1:04:18:0a:bc:d1:48:af: 30:3a:23:60:4c:a5:a1:d8:ee:f3:1d:50:e7:02:4e: 97:5c:ee:b3:c4:37:2c:73:55:e6:ab:e5:23:df:c8: a7:57:3a:9a:e8:37:20:fb:4e:5a:b6:b5:5f:93:28: 38:06:be:9b:04:2a:eb:96:af:3e:39:70:d6:9c:b6: 0f:59:ed:55:17:cc:08:47:2a:f7:46:ba:ae:b2:67: 6b:4f:2d:83:f6:e8:97:cf:17:12:ed:50:b1:11:c8: be:c8:05:33:1c:63:e9:1a:8d:e0:5c:09:6d:33:f1: 28:3d:ee:7d:15:ed:ea:2f:b0:f8:aa:ab:b3:ee:72: aa:d2:2f:07:57:07:4a:c1:6b:ec:1b:da:37:6f:11: 9c:df:1e:b7:38:5b:2e:26:8a:04:b3:30:78:d2:2a: 9b:77:8a:2b:27:13:8d:c2:3a:e6:d0:37:dc:d0:14: 7c:1e:60:2f:5f:67:9a:68:ea:96:8c:29:d0:14:db: c8:52:cc:78:64:3a:47:6d:80:3a:18:0a:e6:14:3a: 6d:99:9a:ef:38:bd:a5:a9:1f:0f:90:44:8e:b0:db: 03:8b:8a:b9:6d:ba:ae:0a:7c:5e:47:9f:21:c0:db: 39:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:F1:B0:2C:2E:27:A6:A2:10:78:6B:19:1B:ED:EB:BF:A0:C0:9B:9C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3ba3251-a502-4cf8-9bc5-449b1376be0f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2020::/48 Signature Algorithm: sha256WithRSAEncryption 4a:30:79:a4:7a:e7:42:99:66:a9:fc:4f:b2:91:12:8b:fa:5f: 4a:7e:61:fd:7f:83:54:01:4f:27:67:b2:a3:1e:c4:65:44:7d: fc:69:a1:2c:b1:0d:7a:97:73:c5:f9:d0:e2:9c:ef:5a:00:47: ca:9c:7d:bf:5c:cf:67:12:07:40:8e:66:d2:eb:36:db:26:92: c0:5f:6a:f0:96:1b:4a:86:3b:fe:70:87:2b:22:18:00:18:ee: 82:66:eb:be:04:0c:08:99:e9:6b:ed:9a:de:22:ec:6d:78:79: be:3c:83:6e:3c:c2:9a:d2:a2:c8:7c:2c:53:ac:d9:2d:27:5a: a0:3e:f8:24:8c:8d:ff:b1:cb:a3:18:38:57:92:4b:30:aa:20: f1:76:e8:05:59:6e:63:7b:cd:ad:63:50:77:62:12:18:77:e9: 69:ee:2a:e5:c8:0e:1c:82:ea:f3:d1:da:47:02:bd:94:a1:da: db:81:d7:cc:63:df:8b:4e:30:bb:b3:7b:72:05:48:8f:c0:e8: 25:f3:5f:35:b7:1c:c5:ff:d8:70:36:01:af:44:56:3f:10:4c: e9:47:80:3b:97:8d:22:8f:01:aa:b9:46:38:b7:bf:63:c5:94: 64:ee:c8:df:c0:cc:f2:70:19:90:37:44:63:2f:11:03:54:86: 3c:20:fb:20 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUGdu1ktEzPxOfddjzqKohFri2PCgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMjA0NloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAOGZlNzA4Yzk5OTM4MGRhZWNkYjky YjEzNjZkOTA0ZDVkMjcxNzQwOGMwNDUwYzg2ODJiMTVlMmRlMzliOWRmMjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnPmol/35GPMpbtIHb7RhEL+H29z oQQYCrzRSK8wOiNgTKWh2O7zHVDnAk6XXO6zxDcsc1Xmq+Uj38inVzqa6Dcg+05a trVfkyg4Br6bBCrrlq8+OXDWnLYPWe1VF8wIRyr3RrqusmdrTy2D9uiXzxcS7VCx Eci+yAUzHGPpGo3gXAltM/EoPe59Fe3qL7D4qquz7nKq0i8HVwdKwWvsG9o3bxGc 3x63OFsuJooEszB40iqbd4orJxONwjrm0Dfc0BR8HmAvX2eaaOqWjCnQFNvIUsx4 ZDpHbYA6GArmFDptmZrvOL2lqR8PkESOsNsDi4q5bbquCnxeR58hwNs56QIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKPxsCwuJ6aiEHhrGRvt67+gwJucMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2YzYmEzMjUxLWE1MDItNGNmOC05YmM1LTQ0OWIxMzc2YmUwZi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYSAgMA0GCSqGSIb3DQEBCwUAA4IBAQBKMHmkeudCmWap/E+y kRKL+l9KfmH9f4NUAU8nZ7KjHsRlRH38aaEssQ16l3PF+dDinO9aAEfKnH2/XM9n EgdAjmbS6zbbJpLAX2rwlhtKhjv+cIcrIhgAGO6CZuu+BAwImelr7ZreIuxteHm+ PINuPMKa0qLIfCxTrNktJ1qgPvgkjI3/scujGDhXkkswqiDxdugFWW5je82tY1B3 YhIYd+lp7irlyA4cgurz0dpHAr2UodrbgdfMY9+LTjC7s3tyBUiPwOgl8181txzF /9hwNgGvRFY/EEzpR4A7l40ijwGquUY4t79jxZRk7sjfwMzycBmQN0RjLxEDVIY8 IPsg -----END CERTIFICATE-----Generated at Tue May 12 23:42:56 2026 by rpki-client