$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa File: 20b65f51-27cd-433b-bcd7-610d4a586128.roa (raw, json) Hash identifier: xkOxAbGPsgmAZT1cym3f9+3XrpdkrUFHOgj/Q1DI5Ak= Subject key identifier: B6:0F:BC:FE:38:2E:6F:14:3F:C5:71:DA:9D:F9:11:08:7F:FB:C3:5C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0AC2DDDD1B5FAECFCA90A310B3CA7CF4DF97175F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa Signing time: Wed 13 May 2026 00:10:49 +0000 ROA not before: Wed 13 May 2026 00:10:49 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da17::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:c2:dd:dd:1b:5f:ae:cf:ca:90:a3:10:b3:ca:7c:f4:df:97:17:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:49 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=d23ecd2e5aead8e59167cbc391b215d374e1b80d16321f246f77e1ff2930c196, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ae:ec:fe:06:e1:ff:28:25:68:6e:b1:ac:d1: cf:89:e6:3f:f9:32:2a:c9:81:45:ca:b1:25:c9:93: bf:34:46:9d:fa:f5:de:c0:2c:c7:9d:36:02:f7:8e: bf:14:69:8d:42:af:3a:67:18:b2:74:43:5f:e6:7b: e9:fe:c0:58:27:1a:b7:e1:36:c5:c2:09:e5:bf:f6: a1:20:04:71:b7:dc:85:ca:75:48:ea:77:8b:2e:38: 87:13:84:ec:d8:34:f1:b3:ad:cb:7f:9a:ee:31:a0: 3f:2b:bd:a1:aa:75:dc:96:6b:9c:55:ce:29:31:4a: 10:aa:cb:bd:cb:d5:5f:ea:1a:36:60:7e:5f:57:f0: f4:6d:31:40:ac:df:c3:33:6a:98:c0:56:2d:3f:9d: 3b:31:c0:95:3b:c3:8c:f9:c5:ef:49:20:f2:b1:76: 72:23:97:8f:29:32:0f:54:cd:e8:3f:46:fa:89:84: 7b:fb:bd:4a:fc:0a:df:dc:b5:58:c0:1c:b4:fe:8a: 51:51:59:12:e3:35:70:62:d7:9b:1c:ba:44:97:ec: b4:f6:ee:48:38:43:c4:bd:0a:36:37:b4:98:d6:cf: 33:61:ce:9c:ca:b5:75:90:0a:23:5e:e6:8a:0b:1f: 18:40:a0:65:d1:b8:37:97:2f:01:ad:94:5c:c0:c3: a6:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:0F:BC:FE:38:2E:6F:14:3F:C5:71:DA:9D:F9:11:08:7F:FB:C3:5C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/20b65f51-27cd-433b-bcd7-610d4a586128.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da17::/38 Signature Algorithm: sha256WithRSAEncryption 36:5b:cb:a0:af:a4:59:fd:c7:d0:f4:05:91:18:61:62:6c:89: 7a:96:85:e3:9d:1c:02:74:6b:ca:e0:49:9b:98:6c:ed:e3:9c: bd:0b:f7:ae:21:2b:20:b2:d9:8e:37:b2:fc:06:78:50:c4:6f: df:8f:34:8c:eb:e1:e1:27:4c:e4:13:77:f6:d7:56:85:45:7b: 0a:9e:4a:9f:33:32:c6:0c:22:32:2f:c8:c0:57:a6:62:b2:dd: 8d:83:7c:b2:ef:75:98:6d:c3:ca:7e:a6:76:c6:28:fb:56:d0: 2e:54:ab:2b:e4:0d:29:0e:3d:79:2c:14:e1:0c:d3:c8:63:b3: d3:12:9e:bc:e4:fe:41:4a:c8:79:79:7a:8e:b9:9f:f1:67:68: 60:e9:ed:02:e5:3c:f7:98:49:94:5a:de:b5:01:74:25:14:69: 33:b1:23:dd:58:a7:dc:12:ad:03:59:c2:c9:da:d7:5f:56:f4: 47:3e:d8:f6:ae:1f:81:c0:ac:88:7c:35:6c:07:30:e9:20:13: 06:14:c9:3d:3a:2b:fd:47:4d:be:8b:eb:b0:21:48:f4:4b:a2: 09:ea:4b:7c:da:b0:59:47:3c:96:73:8b:23:44:66:b4:10:11: 20:7c:52:ca:fa:78:43:53:f2:40:74:6c:85:2c:60:28:4f:7f: c0:98:93:99 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCsLd3Rtfrs/KkKMQs8p89N+XF18wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTA0OVoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZDIzZWNkMmU1YWVhZDhlNTkxNjdj YmMzOTFiMjE1ZDM3NGUxYjgwZDE2MzIxZjI0NmY3N2UxZmYyOTMwYzE5NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq7s/gbh/yglaG6xrNHPieY/+TIq yYFFyrElyZO/NEad+vXewCzHnTYC946/FGmNQq86ZxiydENf5nvp/sBYJxq34TbF wgnlv/ahIARxt9yFynVI6neLLjiHE4Ts2DTxs63Lf5ruMaA/K72hqnXclmucVc4p MUoQqsu9y9Vf6ho2YH5fV/D0bTFArN/DM2qYwFYtP507McCVO8OM+cXvSSDysXZy I5ePKTIPVM3oP0b6iYR7+71K/Arf3LVYwBy0/opRUVkS4zVwYtebHLpEl+y09u5I OEPEvQo2N7SY1s8zYc6cyrV1kAojXuaKCx8YQKBl0bg3ly8BrZRcwMOmgQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFLYPvP44Lm8UP8Vx2p35EQh/+8NcMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIwYjY1ZjUxLTI3Y2QtNDMzYi1iY2Q3LTYxMGQ0YTU4NjEyOC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYCJAbaFwAwDQYJKoZIhvcNAQELBQADggEBADZby6CvpFn9x9D0BZEY YWJsiXqWheOdHAJ0a8rgSZuYbO3jnL0L964hKyCy2Y43svwGeFDEb9+PNIzr4eEn TOQTd/bXVoVFewqeSp8zMsYMIjIvyMBXpmKy3Y2DfLLvdZhtw8p+pnbGKPtW0C5U qyvkDSkOPXksFOEM08hjs9MSnrzk/kFKyHl5eo65n/FnaGDp7QLlPPeYSZRa3rUB dCUUaTOxI91Yp9wSrQNZwsna119W9Ec+2PauH4HArIh8NWwHMOkgEwYUyT06K/1H Tb6L67AhSPRLognqS3zasFlHPJZziyNEZrQQESB8Usr6eENT8kB0bIUsYChPf8CY k5k= -----END CERTIFICATE-----Generated at Wed Jun 17 08:56:47 2026 by rpki-client