$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa File: faf03c26-86cc-4b80-a160-2861ff66c03b.roa (raw, json) Hash identifier: wmIWw5L2j0/7stRMUNp4FQCVQWv4XN2YorY1CTQ0Adg= Subject key identifier: 03:63:4B:3A:BD:13:08:37:B2:9F:3C:9D:5C:CC:A4:E0:71:CD:CB:26 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49C4838439647609D198D41D3201A2834B1142F3 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa Signing time: Sat 09 May 2026 00:00:39 +0000 ROA not before: Sat 09 May 2026 00:00:39 +0000 ROA not after: Fri 07 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:c0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:c4:83:84:39:64:76:09:d1:98:d4:1d:32:01:a2:83:4b:11:42:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 9 00:00:39 2026 GMT Not After : Aug 7 23:59:59 2026 GMT Subject: serialNumber=4f5945bacda9382dd143fb99a9e91c6d474c90cf4cb786c04e767747b68bdd62, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d3:e8:cb:31:cd:dd:49:45:7a:d7:ae:91:bb: 91:a6:9c:3f:31:2b:99:5b:cf:1e:a3:84:14:14:a6: 00:95:b5:b1:80:af:32:fd:8b:62:df:86:9f:9a:6d: 37:52:42:b8:86:da:ec:02:5b:64:3e:2b:46:10:d6: 18:ce:9c:ad:d8:5f:9f:ab:5e:c6:52:99:61:bc:c7: a8:a4:47:dd:74:bb:eb:be:a7:1f:5b:35:85:e8:4b: 95:ee:fb:95:66:48:c4:67:6b:ed:cf:47:d0:d2:86: 76:c2:b5:e9:de:56:e4:18:e1:48:1c:39:48:98:5c: b9:37:fb:e7:54:27:05:c6:5a:d8:03:3b:e1:60:8f: 24:1d:b2:fc:e1:c5:c6:f5:07:10:60:2d:63:0c:e2: 28:6a:e6:0e:d6:76:31:d2:5b:a4:56:35:42:d6:cb: 14:ca:a9:2b:11:32:30:d3:b6:fd:cc:7b:38:f3:c5: 4a:21:5b:8f:46:29:83:e1:d3:ba:79:38:8d:dc:3b: 30:3b:15:11:ac:eb:2c:6d:c4:d8:f4:c9:8c:03:df: 6e:cd:86:08:17:14:fa:97:b4:51:86:5a:a0:ca:c4: be:fb:69:a6:d5:e9:20:2d:44:1c:71:ba:ba:94:0f: ff:4f:15:e5:04:4f:af:f5:4e:c4:23:7d:d5:b7:b1: f3:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:63:4B:3A:BD:13:08:37:B2:9F:3C:9D:5C:CC:A4:E0:71:CD:CB:26 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/faf03c26-86cc-4b80-a160-2861ff66c03b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:c0c0::/48 Signature Algorithm: sha256WithRSAEncryption 35:ee:46:1e:13:ad:eb:46:d0:e1:da:7e:10:13:4c:51:b9:3e: 78:92:47:f9:79:89:f9:b2:15:96:fa:5b:0f:7e:d8:33:cc:ac: 34:ea:5c:f1:7a:09:62:a2:2c:13:7c:b1:6a:55:16:27:75:7a: 53:c6:d2:d4:4a:97:39:b3:a1:26:5e:9a:6f:ae:7a:89:3a:b4: 3e:77:9f:f8:5b:75:b4:f7:d6:11:3f:28:b2:d9:f6:96:96:50: fc:5e:da:ab:c7:89:38:8f:ae:a7:4e:36:a7:12:11:35:ab:d0: 5e:a3:c4:49:5a:c1:2a:c4:d9:fc:a8:3b:96:f6:36:fe:b5:80: 19:92:52:55:46:f2:33:04:92:c4:16:1c:7f:fb:1f:19:5b:4d: 12:56:44:5d:26:63:e3:9a:a7:4e:b5:db:e9:28:07:1a:e7:02: 96:bf:2b:a0:e4:f6:78:dd:8c:d0:f0:b4:5d:b4:0b:cf:13:ff: c8:84:b6:05:5c:6f:13:08:80:aa:ea:3d:06:1c:57:a2:16:97: ff:14:97:1e:e1:ab:7b:8f:2e:e1:3a:39:9f:a5:14:3c:d4:4a: 1a:65:c8:cc:91:a3:db:b6:5a:2b:78:c5:94:ad:a6:db:be:4e: 7c:38:06:cd:99:b8:fa:5c:15:a1:fe:d8:2b:e2:5c:ca:9d:c6: 05:56:13:f8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUScSDhDlkdgnRmNQdMgGig0sRQvMwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwOTAwMDAzOVoX DTI2MDgwNzIzNTk1OVowejFJMEcGA1UEBRNANGY1OTQ1YmFjZGE5MzgyZGQxNDNm Yjk5YTllOTFjNmQ0NzRjOTBjZjRjYjc4NmMwNGU3Njc3NDdiNjhiZGQ2MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydPoyzHN3UlFeteukbuRppw/MSuZ W88eo4QUFKYAlbWxgK8y/Yti34afmm03UkK4htrsAltkPitGENYYzpyt2F+fq17G UplhvMeopEfddLvrvqcfWzWF6EuV7vuVZkjEZ2vtz0fQ0oZ2wrXp3lbkGOFIHDlI mFy5N/vnVCcFxlrYAzvhYI8kHbL84cXG9QcQYC1jDOIoauYO1nYx0lukVjVC1ssU yqkrETIw07b9zHs488VKIVuPRimD4dO6eTiN3DswOxURrOssbcTY9MmMA99uzYYI FxT6l7RRhlqgysS++2mm1ekgLUQccbq6lA//TxXlBE+v9U7EI33Vt7HzyQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFANjSzq9Ewg3sp88nVzMpOBxzcsmMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2ZhZjAzYzI2LTg2Y2MtNGI4MC1hMTYwLTI4NjFmZjY2YzAzYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaYcDAMA0GCSqGSIb3DQEBCwUAA4IBAQA17kYeE63rRtDh2n4Q E0xRuT54kkf5eYn5shWW+lsPftgzzKw06lzxeglioiwTfLFqVRYndXpTxtLUSpc5 s6EmXppvrnqJOrQ+d5/4W3W099YRPyiy2faWllD8Xtqrx4k4j66nTjanEhE1q9Be o8RJWsEqxNn8qDuW9jb+tYAZklJVRvIzBJLEFhx/+x8ZW00SVkRdJmPjmqdOtdvp KAca5wKWvyug5PZ43YzQ8LRdtAvPE//IhLYFXG8TCICq6j0GHFeiFpf/FJce4at7 jy7hOjmfpRQ81EoaZcjMkaPbtloreMWUrabbvk58OAbNmbj6XBWh/tgr4lzKncYF VhP4 -----END CERTIFICATE-----Generated at Tue May 12 23:42:47 2026 by rpki-client