$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa File: 24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa (raw, json) Hash identifier: DUazae0X0pXnb1/fZ5GQIhuHlT+/H5UDulcy+PkigYE= Subject key identifier: 19:AF:61:62:E9:42:90:EC:06:58:B0:35:F5:20:2E:CF:78:11:75:FA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 26B8D82AC77CF54522F9E2B5E70A4E21CD960119 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa Signing time: Wed 13 May 2026 00:30:16 +0000 ROA not before: Wed 13 May 2026 00:30:16 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:b8:d8:2a:c7:7c:f5:45:22:f9:e2:b5:e7:0a:4e:21:cd:96:01:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:30:16 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=f901fd2dad89afd4ac488ac1e744ffbc8b05319f1ffa466d26addd8efc578979, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:88:58:0e:c2:e4:de:83:32:4b:f9:23:a5:d3: 93:49:3d:61:c1:2d:ee:02:8a:0a:a4:c3:d9:46:47: 7c:97:ce:a4:62:b0:25:bd:4b:8a:3b:30:15:25:97: db:db:7c:f0:5d:b2:7b:a2:d6:fb:b4:b0:ab:5a:fb: 30:12:27:e7:57:35:44:d3:3a:30:4a:a0:f5:00:90: 3c:f9:55:ff:1b:fd:37:98:8c:ce:b4:a3:4a:31:9d: 24:bd:5b:a7:e6:31:97:16:03:f8:79:5f:08:c4:24: 6b:9f:f2:e9:d1:41:9f:2b:a2:46:49:5f:23:2e:7b: c3:a4:4d:85:25:27:d3:8d:9f:89:dd:93:df:1d:cf: 79:64:3d:0d:1e:56:54:3e:d5:98:ed:f0:7c:89:04: ef:93:f0:f3:67:99:b7:0a:cc:6f:9d:84:46:85:44: 48:49:07:24:01:69:2f:fe:16:10:27:a4:60:58:8c: 43:25:ed:b5:b5:5c:81:cc:57:89:05:4a:cc:b5:78: d8:80:e8:99:9f:34:5b:ef:f6:2d:c0:c8:53:63:99: b9:e7:aa:da:2f:54:fc:f7:c2:97:9d:69:58:cc:06: bc:9c:ab:50:fa:4d:48:9d:7d:7d:f4:ca:14:7f:c9: 01:f2:97:0c:63:57:8f:8a:93:51:39:5b:a9:b2:48: 17:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:AF:61:62:E9:42:90:EC:06:58:B0:35:F5:20:2E:CF:78:11:75:FA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/24cd5ed4-3b35-4d90-8e44-d72d219dc120.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:6000::/40 Signature Algorithm: sha256WithRSAEncryption 65:e5:02:b6:fb:d1:bc:8a:96:76:9d:50:e0:85:87:38:46:ab: b9:bf:4d:ed:81:3e:1f:f0:2e:c0:15:a8:a5:13:86:df:1f:40: d8:87:18:26:8a:4a:7d:57:a9:9d:ad:5a:64:ea:85:96:35:b8: 95:08:e0:15:a5:d1:79:72:ea:48:44:30:14:de:6c:0e:70:d3: ad:f4:fb:fc:1d:46:0e:fc:b5:45:4c:b0:63:b9:6b:af:39:84: 64:64:a0:e2:b3:22:6c:fc:bc:54:af:23:15:44:84:4d:cf:7e: 67:82:44:f8:7e:7e:ba:04:07:e4:76:dd:ac:b7:60:96:a9:01: c1:e1:90:86:64:ab:95:98:a3:b8:43:0c:21:f6:25:72:2e:5d: a3:55:c3:44:db:27:10:74:81:fb:f4:65:80:aa:57:d1:2b:7c: ba:8b:54:74:e7:cf:3f:ea:1d:89:53:02:4d:03:d4:36:48:3d: 2b:1f:52:79:3a:4e:47:b5:8b:55:8a:6f:8f:4b:67:7a:75:87: 0b:a3:56:36:24:6d:19:bc:f4:6e:b6:7f:bf:f8:ce:da:59:63: aa:08:77:e2:59:09:ed:71:46:70:43:28:67:0b:9a:23:76:5d: f4:dd:50:c5:25:40:0c:cc:ff:ed:df:a0:de:ae:1e:58:74:d6: f4:be:87:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJrjYKsd89UUi+eK15wpOIc2WARkwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMzAxNloX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAZjkwMWZkMmRhZDg5YWZkNGFjNDg4 YWMxZTc0NGZmYmM4YjA1MzE5ZjFmZmE0NjZkMjZhZGRkOGVmYzU3ODk3OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9ohYDsLk3oMyS/kjpdOTST1hwS3u AooKpMPZRkd8l86kYrAlvUuKOzAVJZfb23zwXbJ7otb7tLCrWvswEifnVzVE0zow SqD1AJA8+VX/G/03mIzOtKNKMZ0kvVun5jGXFgP4eV8IxCRrn/Lp0UGfK6JGSV8j LnvDpE2FJSfTjZ+J3ZPfHc95ZD0NHlZUPtWY7fB8iQTvk/DzZ5m3CsxvnYRGhURI SQckAWkv/hYQJ6RgWIxDJe21tVyBzFeJBUrMtXjYgOiZnzRb7/YtwMhTY5m556ra L1T898KXnWlYzAa8nKtQ+k1InX199MoUf8kB8pcMY1ePipNROVupskgXNQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBmvYWLpQpDsBliwNfUgLs94EXX6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI0Y2Q1ZWQ0LTNiMzUtNGQ5MC04ZTQ0LWQ3MmQyMTlkYzEyMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMmAwDQYJKoZIhvcNAQELBQADggEBAGXlArb70byKlnadUOCF hzhGq7m/Te2BPh/wLsAVqKUTht8fQNiHGCaKSn1XqZ2tWmTqhZY1uJUI4BWl0Xly 6khEMBTebA5w0630+/wdRg78tUVMsGO5a685hGRkoOKzImz8vFSvIxVEhE3PfmeC RPh+froEB+R23ay3YJapAcHhkIZkq5WYo7hDDCH2JXIuXaNVw0TbJxB0gfv0ZYCq V9ErfLqLVHTnzz/qHYlTAk0D1DZIPSsfUnk6Tke1i1WKb49LZ3p1hwujVjYkbRm8 9G62f7/4ztpZY6oId+JZCe1xRnBDKGcLmiN2XfTdUMUlQAzM/+3foN6uHlh01vS+ hz8= -----END CERTIFICATE-----Generated at Wed Jun 17 08:42:38 2026 by rpki-client