$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/244183a3-f7dc-496f-9560-77200b99c0c5.roa File: 244183a3-f7dc-496f-9560-77200b99c0c5.roa (raw, json) Hash identifier: QmaoxwgGTj81LN3TxpsYiqd3maPX7kLQqPmOJ0Tu17A= Subject key identifier: 82:E2:13:AD:68:45:77:60:F5:81:5D:00:31:4D:65:40:6D:9A:63:21 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7BFD5ED7CEC71E59411D61ED8B5E0914CDE7C50C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/244183a3-f7dc-496f-9560-77200b99c0c5.roa Signing time: Sun 31 May 2026 00:00:08 +0000 ROA not before: Sun 31 May 2026 00:00:08 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:fd:5e:d7:ce:c7:1e:59:41:1d:61:ed:8b:5e:09:14:cd:e7:c5:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:08 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=4a245b0777075ada8362b546c34b1ae7993228d26de5e197eeef7fa62f48bb15, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:e7:24:65:08:b3:da:6b:f8:6d:59:ba:e5:52: 95:7f:13:15:84:ea:29:0d:70:77:dc:dc:32:88:68: 2c:6c:54:44:98:f1:ca:2e:7a:20:11:31:c6:7e:77: 33:06:ec:a0:53:a0:12:1c:0a:a9:35:30:02:bd:75: d7:76:15:1e:1e:3d:84:64:e1:6f:8f:d6:2d:2c:ff: 26:54:2a:b7:fd:6e:e2:84:31:2a:dc:f4:ad:3f:1c: 22:07:61:73:44:60:f6:ed:e9:1e:38:ab:40:b4:54: 1d:93:e6:27:03:e4:bc:6b:3e:ff:c3:97:08:16:fc: da:46:7b:32:3e:4a:29:2d:d1:51:43:ef:24:01:e8: 70:3a:ce:2b:63:19:ce:c5:1f:c4:cf:2f:68:c7:9f: 03:a7:d2:dd:bb:99:2b:ad:c6:13:87:e6:fb:be:0b: bd:1c:77:23:fb:3b:de:3c:d1:a1:33:41:1a:1a:f7: 8a:d4:79:45:6f:b0:6c:44:55:69:ac:59:0a:a8:e9: f9:7e:e0:43:85:7e:59:06:33:02:7b:0f:83:ae:d3: f5:6a:12:26:1d:3c:5d:8f:d1:97:d3:87:39:73:bd: 2b:80:90:a5:86:09:b8:eb:c1:f8:f1:28:ab:c3:6e: 54:9a:dd:e2:40:a9:2f:20:71:d4:0a:21:60:43:ce: 90:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E2:13:AD:68:45:77:60:F5:81:5D:00:31:4D:65:40:6D:9A:63:21 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/244183a3-f7dc-496f-9560-77200b99c0c5.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:8800::/40 Signature Algorithm: sha256WithRSAEncryption 16:2d:a0:54:0f:67:8b:16:b9:3d:10:45:91:4a:fb:fb:29:22: 31:eb:d3:a6:3b:ea:e1:84:9f:b3:f7:bf:a5:ca:85:19:77:dd: d6:e9:3d:20:92:b7:f0:b7:20:a8:d7:6d:da:d2:4d:fc:c4:6b: 78:8f:38:65:60:3c:09:78:e5:b0:d3:55:7b:dd:62:33:0e:13: 58:a9:63:ad:c1:53:51:72:dc:2d:8f:57:71:a1:81:f4:bb:c4: ea:27:c0:a8:f3:a6:46:bb:7f:26:30:ca:5b:5b:ac:2c:bc:f3: 14:5d:d0:b7:c2:f9:2b:9f:38:33:51:ff:f0:07:a2:42:5b:5e: 49:2d:59:36:5a:c1:54:81:c0:07:a6:86:92:37:a2:5c:46:8f: 6f:6b:7b:69:60:76:06:df:34:8b:08:99:5a:72:82:85:1c:06: 21:d2:b4:3f:ec:81:bd:6d:35:39:54:2d:6f:65:e1:a2:75:70: 67:a2:fa:f3:cc:a0:d3:c3:b1:c8:61:3d:29:91:6d:8c:27:6c: 02:3d:f3:f6:6c:73:00:65:91:bc:4b:be:d1:20:a4:e8:1a:9f: e3:8a:1d:ae:07:37:b5:49:9a:9e:ad:2b:ef:2f:a5:e1:df:8f: 7c:c6:f4:b3:ad:df:95:bc:63:9a:02:13:55:ce:3a:38:36:bc: d0:82:95:cc -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUe/1e187HHllBHWHti14JFM3nxQwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMDAwOFoX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNANGEyNDViMDc3NzA3NWFkYTgzNjJi NTQ2YzM0YjFhZTc5OTMyMjhkMjZkZTVlMTk3ZWVlZjdmYTYyZjQ4YmIxNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+ckZQiz2mv4bVm65VKVfxMVhOop DXB33NwyiGgsbFREmPHKLnogETHGfnczBuygU6ASHAqpNTACvXXXdhUeHj2EZOFv j9YtLP8mVCq3/W7ihDEq3PStPxwiB2FzRGD27ekeOKtAtFQdk+YnA+S8az7/w5cI FvzaRnsyPkopLdFRQ+8kAehwOs4rYxnOxR/Ezy9ox58Dp9Ldu5krrcYTh+b7vgu9 HHcj+zvePNGhM0EaGveK1HlFb7BsRFVprFkKqOn5fuBDhX5ZBjMCew+DrtP1ahIm HTxdj9GX04c5c70rgJClhgm468H48Sirw25Umt3iQKkvIHHUCiFgQ86QbQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFILiE61oRXdg9YFdADFNZUBtmmMhMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0NDE4M2EzLWY3ZGMtNDk2Zi05NTYwLTc3MjAwYjk5YzBjNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbauogwDQYJKoZIhvcNAQELBQADggEBABYtoFQPZ4sWuT0QRZFK +/spIjHr06Y76uGEn7P3v6XKhRl33dbpPSCSt/C3IKjXbdrSTfzEa3iPOGVgPAl4 5bDTVXvdYjMOE1ipY63BU1Fy3C2PV3GhgfS7xOonwKjzpka7fyYwyltbrCy88xRd 0LfC+SufODNR//AHokJbXkktWTZawVSBwAemhpI3olxGj29re2lgdgbfNIsImVpy goUcBiHStD/sgb1tNTlULW9l4aJ1cGei+vPMoNPDschhPSmRbYwnbAI98/ZscwBl kbxLvtEgpOgan+OKHa4HN7VJmp6tK+8vpeHfj3zG9LOt35W8Y5oCE1XOOjg2vNCC lcw= -----END CERTIFICATE-----Generated at Sat Jun 13 11:17:10 2026 by rpki-client