$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa File: 3407e5b6-a83d-4668-898f-fdbb23092502.roa (raw, json) Hash identifier: sqmhzfAuFPlH4QoK2na+v+GfhV8fLLG3moxK2B9Pkoc= Subject key identifier: 58:CE:2C:6D:31:44:53:84:25:84:66:CA:A8:FC:BF:08:86:B6:3F:6E Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 55936F629296DE544E95C75D61E0E769B7C010E5 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa Signing time: Mon 27 Apr 2026 00:00:36 +0000 ROA not before: Mon 27 Apr 2026 00:00:36 +0000 ROA not after: Sun 26 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:93:6f:62:92:96:de:54:4e:95:c7:5d:61:e0:e7:69:b7:c0:10:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: Apr 27 00:00:36 2026 GMT Not After : Jul 26 23:59:59 2026 GMT Subject: serialNumber=7b93bfcfd7097fc8d6586da21e817e4ac750eb78e4be9d7d92f7ab982f1762c6, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:10:df:21:af:08:26:3a:2e:96:9d:51:1a:f8: d4:d8:1f:ca:a7:c0:54:a1:f1:1b:98:6f:4b:1e:36: da:ec:c6:a1:5c:1c:94:d7:b8:ae:3b:20:71:f0:4d: 8c:cc:5b:1c:53:66:44:bc:9a:f7:01:ae:71:40:99: b5:eb:61:6d:51:f5:7d:02:95:c7:45:24:e3:8b:ce: 16:7d:70:87:db:c9:20:94:a2:29:a9:ec:90:91:f1: ed:96:70:82:0b:9a:35:f2:0d:29:66:64:11:07:5b: fe:7d:19:ad:00:ef:a8:6d:3e:d4:f2:9f:8e:65:0d: 03:e8:8e:da:78:32:e1:4d:8e:7f:73:a3:5b:39:7a: 45:ad:ed:6e:bf:00:3d:bc:f0:92:81:d5:cb:4a:12: fd:39:f0:21:66:1d:c1:c0:f3:95:9d:9f:2e:78:d8: b6:ff:45:30:f5:4b:71:42:60:41:70:03:3e:4d:29: fe:9c:03:d2:12:fa:56:e9:73:44:66:c7:43:ed:df: 3f:dc:bc:2a:ed:b0:68:d7:dc:71:aa:1d:99:1d:fc: b2:8c:34:6e:b9:df:89:19:ae:1a:0c:07:21:a3:72: 06:e3:43:77:13:ce:57:08:03:c7:8b:e0:e9:0d:b9: 57:61:df:61:0d:04:7d:1f:a0:3f:01:92:3a:e9:00: 43:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:CE:2C:6D:31:44:53:84:25:84:66:CA:A8:FC:BF:08:86:B6:3F:6E X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/3407e5b6-a83d-4668-898f-fdbb23092502.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/32 Signature Algorithm: sha256WithRSAEncryption 1d:c1:63:d7:03:92:46:00:fb:79:4e:16:48:96:4a:9d:1f:0b: c1:e0:17:37:b0:fc:28:f2:4f:f1:42:30:1a:a8:76:58:c5:c5: 9a:97:16:7d:cf:eb:90:54:d3:aa:bc:3e:69:2a:cf:a9:26:12: c9:fd:87:fd:07:0a:24:eb:2b:82:63:5f:8e:fc:5b:e4:78:89: 06:48:44:8f:00:2b:eb:e5:69:7d:20:29:5a:16:9e:0c:f3:a2: 1d:5c:8a:3f:ab:7e:74:e1:ee:98:fb:89:95:9c:47:92:7c:3a: 4b:54:b4:c7:a2:d4:5b:e4:06:51:50:7f:5d:0d:31:02:d3:88: 30:cc:80:71:87:5a:43:c4:29:ec:42:cd:60:1d:f7:5c:9f:f0: 3a:25:e1:c5:66:d4:fe:33:ea:27:d2:ab:c0:23:86:c3:77:81: 38:05:ee:4a:ab:16:28:06:73:d3:66:88:a8:0c:75:20:b9:79: 12:74:4a:07:03:b6:2e:e2:c9:46:c1:c7:77:f1:53:e4:32:5a: 1e:bd:b4:ee:d0:7e:71:5e:88:43:40:ef:a9:09:f7:c5:b7:41: f8:c6:a8:7a:cc:77:fb:3b:c5:2a:83:82:62:0c:9d:0e:9d:6f: e9:80:e7:8f:72:21:58:c6:5e:6a:42:5f:cb:4e:15:dd:d5:4d: 87:29:0a:9f -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUVZNvYpKW3lROlcddYeDnabfAEOUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDQyNzAwMDAzNloX DTI2MDcyNjIzNTk1OVowejFJMEcGA1UEBRNAN2I5M2JmY2ZkNzA5N2ZjOGQ2NTg2 ZGEyMWU4MTdlNGFjNzUwZWI3OGU0YmU5ZDdkOTJmN2FiOTgyZjE3NjJjNjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhDfIa8IJjoulp1RGvjU2B/Kp8BU ofEbmG9LHjba7MahXByU17iuOyBx8E2MzFscU2ZEvJr3Aa5xQJm162FtUfV9ApXH RSTji84WfXCH28kglKIpqeyQkfHtlnCCC5o18g0pZmQRB1v+fRmtAO+obT7U8p+O ZQ0D6I7aeDLhTY5/c6NbOXpFre1uvwA9vPCSgdXLShL9OfAhZh3BwPOVnZ8ueNi2 /0Uw9UtxQmBBcAM+TSn+nAPSEvpW6XNEZsdD7d8/3Lwq7bBo19xxqh2ZHfyyjDRu ud+JGa4aDAcho3IG40N3E85XCAPHi+DpDblXYd9hDQR9H6A/AZI66QBDXQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFFjOLG0xRFOEJYRmyqj8vwiGtj9uMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 LzM0MDdlNWI2LWE4M2QtNDY2OC04OThmLWZkYmIyMzA5MjUwMi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAHcFj1wOSRgD7eU4WSJZK nR8LweAXN7D8KPJP8UIwGqh2WMXFmpcWfc/rkFTTqrw+aSrPqSYSyf2H/QcKJOsr gmNfjvxb5HiJBkhEjwAr6+VpfSApWhaeDPOiHVyKP6t+dOHumPuJlZxHknw6S1S0 x6LUW+QGUVB/XQ0xAtOIMMyAcYdaQ8Qp7ELNYB33XJ/wOiXhxWbU/jPqJ9KrwCOG w3eBOAXuSqsWKAZz02aIqAx1ILl5EnRKBwO2LuLJRsHHd/FT5DJaHr207tB+cV6I Q0DvqQn3xbdB+Maoesx3+zvFKoOCYgydDp1v6YDnj3IhWMZeakJfy04V3dVNhykK nw== -----END CERTIFICATE-----Generated at Wed May 13 01:46:24 2026 by rpki-client