$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa File: cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa (raw, json) Hash identifier: kIQquhGVEcAvabpPXVXZt+As4t5sh2W4yCXCsbRhSVc= Subject key identifier: C4:49:F5:D9:17:27:D4:97:D3:F7:3C:8C:E5:A1:6F:1F:56:06:BC:24 Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Certificate serial: 5B55327FFCF7DAB92D6DE3911083920C2A4A0091 Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa Signing time: Mon 27 Apr 2026 00:00:07 +0000 ROA not before: Mon 27 Apr 2026 00:00:07 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 17 May 2026 00:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:55:32:7f:fc:f7:da:b9:2d:6d:e3:91:10:83:92:0c:2a:4a:00:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D Validity Not Before: Apr 27 00:00:07 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=f683dfe7ed516da3ab86324914af65649f3f29946b23a9cedac720723543172f, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:e7:c8:35:ae:2c:d8:f7:29:b8:ef:b5:c4:71: 2b:72:7b:58:28:69:7f:bb:6c:e3:aa:7f:d8:24:9f: 47:3c:4e:a3:b9:07:ec:92:a5:3e:63:b9:2b:28:1b: e1:76:7e:9d:3f:d8:88:9d:13:66:17:f5:b1:7e:01: 07:63:8e:38:8e:a9:fe:47:fa:89:68:09:0c:c4:25: db:e6:10:3b:40:8a:f9:1e:7d:87:5b:ab:b0:87:b0: ad:21:86:3c:fb:39:21:c8:69:e4:9f:3c:1c:91:20: 2e:f3:d5:1e:f8:e9:c4:f3:60:7b:58:7b:a4:bf:e3: 04:f9:26:79:35:1d:44:2f:54:c8:18:a5:04:cf:32: 51:10:3f:2f:e8:f3:46:bb:64:f2:2c:f9:40:b9:41: b5:e4:c7:6a:93:17:2e:c5:30:38:1f:dc:e4:56:91: 07:47:5a:48:f8:b7:c4:76:21:82:41:ea:24:03:2a: bf:7d:02:aa:76:9f:46:2a:cf:c6:62:fc:a6:0b:bb: 3a:8b:45:a8:c0:46:7f:f0:f3:2b:6e:b2:7b:21:39: f1:9f:bf:7d:5b:55:1b:ed:da:33:47:a7:db:4f:4f: 16:2d:e3:a0:a5:80:fe:be:a6:a5:df:ad:79:51:0f: f7:30:ec:90:a5:d9:52:9e:63:b8:97:b0:d6:85:08: 75:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:49:F5:D9:17:27:D4:97:D3:F7:3C:8C:E5:A1:6F:1F:56:06:BC:24 X509v3 Authority Key Identifier: keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/cebef322-460c-4f6e-8a8a-2f4b41debd9b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6500::/32 Signature Algorithm: sha256WithRSAEncryption f1:6b:30:97:c6:f4:28:c4:f7:cb:69:66:17:7d:20:36:bd:6f: 80:c3:60:38:a7:72:93:39:91:42:40:d9:a3:b8:f2:f8:e1:56: 73:dd:73:42:7f:09:c5:d3:c9:86:ce:2e:e9:05:fe:ef:b1:23: c1:98:cd:2d:0d:c2:bf:83:07:ee:1d:8c:db:cc:50:6e:1b:8d: a6:0b:79:af:c9:4c:22:53:9c:1b:4f:70:a9:8e:f8:a6:03:b3: 5a:bb:a5:b9:57:b9:54:bc:8d:bc:7a:75:60:34:8a:bb:37:23: b4:77:21:70:0a:37:4a:6e:0f:de:c9:3b:20:76:88:6d:f2:63: a8:75:9d:62:57:5f:d5:41:c4:5b:f7:c1:4b:1a:3d:d8:a9:99: f3:b7:66:71:15:98:7e:04:0a:fd:e0:63:3c:93:75:6b:c5:17: a1:40:9c:13:3e:d9:b4:dc:6e:eb:b6:99:3c:d4:2e:c3:4e:95: 7c:61:81:ae:d9:7d:be:6a:a5:e9:2e:eb:fa:c0:95:8e:a9:41: 5c:08:a8:6a:a4:1d:b5:4e:a7:8f:0e:6a:3e:3a:e2:08:20:b2: 65:72:8c:d9:56:2e:ad:56:bd:fd:2e:9a:11:aa:46:c5:2d:0c: 03:14:0a:24:7d:96:e3:20:45:a8:d6:86:ae:68:0e:23:71:c7: 0c:d4:8a:e1 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUW1Uyf/z32rktbeOREIOSDCpKAJEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5 MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI2MDQyNzAwMDAwN1oX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAZjY4M2RmZTdlZDUxNmRhM2FiODYz MjQ5MTRhZjY1NjQ5ZjNmMjk5NDZiMjNhOWNlZGFjNzIwNzIzNTQzMTcyZjEtMCsG A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ufINa4s2PcpuO+1xHErcntYKGl/ u2zjqn/YJJ9HPE6juQfskqU+Y7krKBvhdn6dP9iInRNmF/WxfgEHY444jqn+R/qJ aAkMxCXb5hA7QIr5Hn2HW6uwh7CtIYY8+zkhyGnknzwckSAu89Ue+OnE82B7WHuk v+ME+SZ5NR1EL1TIGKUEzzJRED8v6PNGu2TyLPlAuUG15MdqkxcuxTA4H9zkVpEH R1pI+LfEdiGCQeokAyq/fQKqdp9GKs/GYvymC7s6i0WowEZ/8PMrbrJ7ITnxn799 W1Ub7dozR6fbT08WLeOgpYD+vqal3615UQ/3MOyQpdlSnmO4l7DWhQh15QIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMRJ9dkXJ9SX0/c8jOWhbx9WBrwkMB8GA1UdIwQY MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0 L2NlYmVmMzIyLTQ2MGMtNGY2ZS04YThhLTJmNGI0MWRlYmQ5Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2 Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEA8Wswl8b0KMT3y2lmF30g Nr1vgMNgOKdykzmRQkDZo7jy+OFWc91zQn8JxdPJhs4u6QX+77EjwZjNLQ3Cv4MH 7h2M28xQbhuNpgt5r8lMIlOcG09wqY74pgOzWruluVe5VLyNvHp1YDSKuzcjtHch cAo3Sm4P3sk7IHaIbfJjqHWdYldf1UHEW/fBSxo92KmZ87dmcRWYfgQK/eBjPJN1 a8UXoUCcEz7ZtNxu67aZPNQuw06VfGGBrtl9vmql6S7r+sCVjqlBXAioaqQdtU6n jw5qPjriCCCyZXKM2VYurVa9/S6aEapGxS0MAxQKJH2W4yBFqNaGrmgOI3HHDNSK 4Q== -----END CERTIFICATE-----Generated at Wed May 13 08:43:08 2026 by rpki-client