$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7b029e4-d122-46e8-a384-f2345eeb2843.roa File: f7b029e4-d122-46e8-a384-f2345eeb2843.roa (raw, json) Hash identifier: N9vxvCdCR7aPoyiJdR8+Wcgima1AJy8t9KQjJ31Migw= Subject key identifier: CF:57:98:5C:3B:7A:71:C5:2A:03:F2:17:A3:46:15:FF:01:F4:EE:0A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3F4548F2912453A28CAA1C63AA2B19322705FD1D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7b029e4-d122-46e8-a384-f2345eeb2843.roa Signing time: Tue 12 May 2026 00:01:37 +0000 ROA not before: Tue 12 May 2026 00:01:37 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dafb:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:45:48:f2:91:24:53:a2:8c:aa:1c:63:aa:2b:19:32:27:05:fd:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:01:37 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=6b81962407e58c658c0fc2d5c6be61c968378c69d7f412c7d807d3edcbc4e11f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:97:44:14:a0:1d:c1:26:05:b0:88:c0:07:fa: ae:82:96:f8:3a:c7:b2:42:1a:01:8a:26:69:3f:e8: b9:17:f0:a8:50:bb:c3:9e:93:ae:78:0e:c9:7b:a7: 7e:b7:d5:5f:45:3d:9d:38:10:f4:8e:f5:e6:56:6d: 7d:f5:fe:43:91:d1:01:5d:6a:be:be:8c:5d:8b:1a: df:c3:49:cb:7b:85:e4:6c:d5:a5:2a:bf:72:fd:56: e4:4d:e7:4c:b3:aa:64:12:eb:a2:cf:c0:d5:f4:92: e6:23:36:bc:98:1b:fd:a1:e7:56:08:8c:dd:76:8d: 89:f9:e7:32:85:66:00:6b:24:78:2b:3c:a7:45:6f: 1c:1b:a7:34:85:be:a5:9f:72:3d:7e:1b:6b:50:0c: ba:a6:4b:10:cf:ed:ee:1a:aa:36:a2:54:39:e9:38: 27:d1:d3:3c:7d:f2:98:4c:22:e0:fa:6d:1f:eb:be: 13:04:fc:db:c5:2c:42:a1:46:a6:61:99:57:00:7b: 61:a9:41:2b:f6:b1:7d:ec:14:dc:ab:c8:80:5f:5c: 3e:7f:8b:9c:6a:4f:e2:c5:37:bb:0d:d6:0f:4e:62: ba:41:64:79:92:31:a3:8b:ce:d6:b4:5f:5d:c1:73: f1:30:26:0f:62:f1:4d:cc:df:87:7a:37:65:01:59: 6a:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:57:98:5C:3B:7A:71:C5:2A:03:F2:17:A3:46:15:FF:01:F4:EE:0A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7b029e4-d122-46e8-a384-f2345eeb2843.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dafb:c800::/40 Signature Algorithm: sha256WithRSAEncryption 44:a5:05:34:67:43:f5:f7:1b:a1:24:c6:91:2f:0d:20:80:00: 02:e4:08:2b:b5:ac:9d:d7:29:4d:fd:4a:38:f4:d6:4b:e3:fd: 5d:a8:c0:d3:cd:06:5f:92:b5:69:e9:6f:08:bf:ec:90:d4:dd: 99:9f:39:b1:72:23:15:43:41:20:b2:c7:d0:0d:a1:68:44:3a: 15:7d:5b:2f:75:a6:b0:e8:a4:c8:ad:d4:b7:41:6f:38:a6:30: b8:55:06:a8:42:85:73:fb:89:43:b9:c8:1c:ad:e4:e1:12:7f: 3d:a1:e7:54:09:b7:9c:05:7b:e5:46:bb:36:c0:ac:5a:f2:a9: a0:26:06:21:25:e2:e1:e0:53:4e:4e:56:11:d3:3f:26:8a:57: a0:d6:f6:04:31:14:68:22:90:ca:a9:de:e8:b9:74:9b:9d:b2: 6d:15:a8:3f:dd:d1:c5:16:6f:fa:66:be:2b:32:85:ad:6a:06: 99:33:ff:97:08:85:87:c4:87:60:7d:e4:c4:48:54:f1:08:e4: 48:6c:ab:6f:a4:65:c3:29:72:61:3b:f8:79:8f:37:a5:78:26: 29:0e:04:95:47:71:c3:af:aa:7d:54:b1:22:d5:57:1a:c6:29: 6a:39:4b:fd:95:f1:f4:3b:ec:54:d1:11:a3:30:91:0c:ec:72: b1:09:1d:aa -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUP0VI8pEkU6KMqhxjqisZMicF/R0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMDEzN1oX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNANmI4MTk2MjQwN2U1OGM2NThjMGZj MmQ1YzZiZTYxYzk2ODM3OGM2OWQ3ZjQxMmM3ZDgwN2QzZWRjYmM0ZTExZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65dEFKAdwSYFsIjAB/qugpb4Osey QhoBiiZpP+i5F/CoULvDnpOueA7Je6d+t9VfRT2dOBD0jvXmVm199f5DkdEBXWq+ voxdixrfw0nLe4XkbNWlKr9y/VbkTedMs6pkEuuiz8DV9JLmIza8mBv9oedWCIzd do2J+ecyhWYAayR4KzynRW8cG6c0hb6ln3I9fhtrUAy6pksQz+3uGqo2olQ56Tgn 0dM8ffKYTCLg+m0f674TBPzbxSxCoUamYZlXAHthqUEr9rF97BTcq8iAX1w+f4uc ak/ixTe7DdYPTmK6QWR5kjGji87WtF9dwXPxMCYPYvFNzN+HejdlAVlqXwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFM9XmFw7enHFKgPyF6NGFf8B9O4KMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y3YjAyOWU0LWQxMjItNDZlOC1hMzg0LWYyMzQ1ZWViMjg0My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba+8gwDQYJKoZIhvcNAQELBQADggEBAESlBTRnQ/X3G6EkxpEv DSCAAALkCCu1rJ3XKU39Sjj01kvj/V2owNPNBl+StWnpbwi/7JDU3ZmfObFyIxVD QSCyx9ANoWhEOhV9Wy91prDopMit1LdBbzimMLhVBqhChXP7iUO5yByt5OESfz2h 51QJt5wFe+VGuzbArFryqaAmBiEl4uHgU05OVhHTPyaKV6DW9gQxFGgikMqp3ui5 dJudsm0VqD/d0cUWb/pmvisyha1qBpkz/5cIhYfEh2B95MRIVPEI5Ehsq2+kZcMp cmE7+HmPN6V4JikOBJVHccOvqn1UsSLVVxrGKWo5S/2V8fQ77FTREaMwkQzscrEJ Hao= -----END CERTIFICATE-----Generated at Wed May 13 01:03:13 2026 by rpki-client