$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/423962f8-7751-42a3-a459-7a33fc536f8e.roa File: 423962f8-7751-42a3-a459-7a33fc536f8e.roa (raw, json) Hash identifier: IBBaHp1cXvMvo0km56+PmerbqklAdRtjeX8iwuZn570= Subject key identifier: 4D:38:2C:84:9C:CC:39:6E:03:AA:C9:C9:0B:43:04:5A:B5:A7:66:B3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 626660071C5EF0E344CA392C89B9442A4FB0028B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/423962f8-7751-42a3-a459-7a33fc536f8e.roa Signing time: Sun 31 May 2026 00:20:52 +0000 ROA not before: Sun 31 May 2026 00:20:52 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:66:60:07:1c:5e:f0:e3:44:ca:39:2c:89:b9:44:2a:4f:b0:02:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:20:52 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=91bc15aea3c47af60be9817a7a98b653383d1d5fbeb8a6e604849d08a0c55143, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:d3:89:8d:cc:d9:43:d5:4c:ff:96:b6:bc:05: e8:e8:7d:d6:77:a6:e7:db:f5:55:1b:02:b6:93:8a: 0a:1a:42:9c:6b:4c:44:cf:cd:4d:3c:21:7c:3b:02: 12:45:57:14:ff:dc:d2:7d:a0:91:f4:ac:1a:8d:9e: a0:ac:2a:34:dd:2a:62:92:b6:78:84:5c:47:19:1a: 53:10:96:b8:cb:ef:9f:a5:16:ff:3b:1b:42:27:bb: 3e:d2:a0:9f:27:14:7c:d5:d6:97:f4:ad:4d:c3:24: 32:d4:9b:ce:ef:ba:b4:4b:dc:dc:84:59:ca:c6:c9: d5:09:31:2b:9f:50:7e:4f:7c:f2:d5:7c:95:16:5c: 5f:15:8e:f9:2b:82:9f:e5:34:0b:d0:72:21:ab:dd: ff:da:e7:53:1a:1b:b3:55:ce:f0:ae:1b:f6:6e:31: 6c:9e:77:b4:76:0a:f8:3d:14:39:97:34:4f:e0:ec: 84:a9:24:be:22:96:b5:2c:ca:00:a9:d4:4a:71:a5: 2e:79:7f:d6:43:b5:8e:b6:10:cb:4f:4a:ec:c5:69: 52:95:31:84:96:e9:4e:cb:a8:d5:cb:b7:e9:ff:bb: b3:da:50:09:b3:a6:e7:fc:4b:91:dd:31:54:e6:4c: 68:c4:7b:d5:8f:47:fe:33:fc:27:93:d7:66:98:20: e7:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:38:2C:84:9C:CC:39:6E:03:AA:C9:C9:0B:43:04:5A:B5:A7:66:B3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/423962f8-7751-42a3-a459-7a33fc536f8e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:8c0::/48 Signature Algorithm: sha256WithRSAEncryption c2:45:28:65:f8:2f:bc:a8:c5:09:6b:2c:4b:e4:2b:d7:ef:57: 46:2b:0f:c4:ae:c2:5b:a7:0e:06:92:7d:e4:83:b6:56:97:e3: 6b:25:ee:80:a8:93:fb:61:c0:ee:02:d6:0c:6e:e7:c2:10:ed: 93:ed:40:a9:fc:37:d4:7f:41:34:6b:86:b7:ec:a7:c0:bf:1b: ab:cf:9d:fe:07:fa:42:9b:15:7a:13:de:eb:03:2f:fd:48:b5: b3:cd:b2:e2:34:96:d3:83:5f:d7:dc:b6:87:cc:a1:af:87:b3: 33:55:8c:0d:cd:39:f2:9a:de:e5:aa:b4:3c:9a:a9:ef:0b:44: 05:79:d9:da:fa:d8:45:0d:b2:a5:9b:f3:c3:41:ac:62:8a:b5: 05:f5:76:9d:ba:b4:05:bd:22:16:03:df:d3:66:be:0d:0b:a9: 81:1f:30:07:92:38:90:cc:63:8f:4b:47:d5:d4:43:b8:2c:3e: de:c5:59:1f:58:f7:72:e3:8d:41:3d:66:cc:93:9d:84:4f:05: 0d:9f:ed:35:78:39:02:b6:fb:08:c9:d3:28:56:cf:ef:50:be: fd:9b:ec:78:24:74:fb:55:d5:a3:e3:73:a9:a6:53:06:2b:75: 19:a6:f7:1c:af:ea:91:a2:61:e2:b2:44:9c:ae:2c:06:1b:0f: 3a:2a:67:8e -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYmZgBxxe8ONEyjksiblEKk+wAoswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMjA1MloX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAOTFiYzE1YWVhM2M0N2FmNjBiZTk4 MTdhN2E5OGI2NTMzODNkMWQ1ZmJlYjhhNmU2MDQ4NDlkMDhhMGM1NTE0MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1NOJjczZQ9VM/5a2vAXo6H3Wd6bn 2/VVGwK2k4oKGkKca0xEz81NPCF8OwISRVcU/9zSfaCR9KwajZ6grCo03SpikrZ4 hFxHGRpTEJa4y++fpRb/OxtCJ7s+0qCfJxR81daX9K1NwyQy1JvO77q0S9zchFnK xsnVCTErn1B+T3zy1XyVFlxfFY75K4Kf5TQL0HIhq93/2udTGhuzVc7wrhv2bjFs nne0dgr4PRQ5lzRP4OyEqSS+Ipa1LMoAqdRKcaUueX/WQ7WOthDLT0rsxWlSlTGE lulOy6jVy7fp/7uz2lAJs6bn/EuR3TFU5kxoxHvVj0f+M/wnk9dmmCDnWQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFE04LISczDluA6rJyQtDBFq1p2azMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQyMzk2MmY4LTc3NTEtNDJhMy1hNDU5LTdhMzNmYzUzNmY4ZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAbaugjAMA0GCSqGSIb3DQEBCwUAA4IBAQDCRShl+C+8qMUJayxL 5CvX71dGKw/ErsJbpw4Gkn3kg7ZWl+NrJe6AqJP7YcDuAtYMbufCEO2T7UCp/DfU f0E0a4a37KfAvxurz53+B/pCmxV6E97rAy/9SLWzzbLiNJbTg1/X3LaHzKGvh7Mz VYwNzTnymt7lqrQ8mqnvC0QFedna+thFDbKlm/PDQaxiirUF9XadurQFvSIWA9/T Zr4NC6mBHzAHkjiQzGOPS0fV1EO4LD7exVkfWPdy441BPWbMk52ETwUNn+01eDkC tvsIydMoVs/vUL79m+x4JHT7VdWj43OpplMGK3UZpvccr+qRomHiskScriwGGw86 KmeO -----END CERTIFICATE-----Generated at Sat Jun 13 09:16:24 2026 by rpki-client