$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa File: 5c3824f8-42e9-4418-8966-1b2766cf39bd.roa (raw, json) Hash identifier: XwoP56bElQhrcdvH3QOMahkMSzpLlo6LS1akKHFtig0= Subject key identifier: 9C:32:EF:60:F4:98:E6:32:7D:7D:95:45:0A:BC:62:66:FA:9E:29:B1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 36100F3507C4D416A8E032A34EBFC8A470D3C8BD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa Signing time: Wed 13 May 2026 00:10:43 +0000 ROA not before: Wed 13 May 2026 00:10:43 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:7000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:10:0f:35:07:c4:d4:16:a8:e0:32:a3:4e:bf:c8:a4:70:d3:c8:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:10:43 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=8c489c1e9aa86c770c0838db47f75ee23ab8af5afac6ec898a4c8a86e668af7c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:87:70:c0:be:09:93:a2:4b:e8:01:cc:50:c5: 18:bb:7e:7a:2d:4d:d4:0f:2c:18:0a:bb:30:32:1d: 6c:08:06:d4:c3:d6:cf:cb:64:d3:c7:1c:08:ca:9a: a9:03:99:71:1e:e5:7d:dc:0c:a5:a8:75:e7:7a:36: f6:c8:db:82:7b:c0:6a:de:2d:3b:f0:bd:95:be:2b: 1c:99:fa:1b:18:95:d6:f9:0f:b2:69:da:f3:86:13: bd:b4:da:e2:1d:43:34:a9:e1:97:04:05:05:99:c3: 86:a6:c2:7a:6c:2a:d9:c2:b5:a7:2c:dc:f3:f2:a2: 1f:dc:f9:b9:91:a3:d6:0e:d8:60:a4:bf:54:51:3b: df:9a:52:39:0a:2e:0e:23:c2:e9:4c:6d:48:96:0b: 1a:a4:88:f5:c5:54:26:b7:a2:b4:c5:79:69:32:20: 53:32:06:25:0d:21:ae:d1:2d:91:38:b3:19:fe:da: 78:87:3d:54:cb:a4:d8:29:5b:37:a0:4c:5c:c9:d5: 09:a3:06:2e:23:e8:45:f6:3e:a6:89:aa:15:2d:f1: 76:53:69:4b:43:8b:c5:b9:0f:52:30:26:08:de:2c: fa:6a:fc:36:76:24:38:46:6c:31:7c:d6:30:5b:e4: 6d:f9:d4:ce:07:d6:f3:d3:a3:13:d0:2d:40:1d:fb: c3:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:32:EF:60:F4:98:E6:32:7D:7D:95:45:0A:BC:62:66:FA:9E:29:B1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5c3824f8-42e9-4418-8966-1b2766cf39bd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:7000::/40 Signature Algorithm: sha256WithRSAEncryption 45:b1:a6:ef:3c:c8:35:e9:7d:64:5a:59:1d:85:be:f9:7f:a2: 38:f9:67:87:c9:32:50:88:9c:09:d4:6d:12:28:57:99:01:42: 64:b1:19:3b:a5:26:0f:80:d3:70:4c:5d:61:92:bb:bb:c6:55: 6f:6a:f8:fd:5d:13:08:77:aa:19:fc:41:c8:2d:db:5e:c6:d9: c6:75:82:25:15:51:09:ca:e7:42:15:7b:0d:ec:84:90:f5:91: 1a:dc:86:e5:43:bd:96:f3:4d:b9:a2:c0:09:cf:c3:b9:c0:e9: 5d:01:ee:3c:80:4e:3f:d7:4f:06:83:66:91:83:c8:ab:33:1c: 5e:3d:b4:f8:35:7f:88:ec:01:7e:af:c4:6c:f8:cb:0e:27:7b: 35:17:c0:fb:9e:ca:5b:ed:0a:01:45:92:a6:52:c9:36:4c:ea: a0:60:f1:46:d8:d8:a6:9e:14:26:35:a1:a1:05:d3:db:44:4f: 8c:5f:53:f0:89:70:08:56:92:11:0b:4a:76:a6:5c:91:44:b0: 5d:b2:15:ca:cc:40:04:dc:8a:b6:2d:a1:e2:bc:77:d8:bc:f6: 5d:aa:85:6b:70:82:de:bf:a9:4c:78:8d:8b:f9:b2:a4:b6:80: 81:8c:79:51:98:3c:63:31:d8:26:cd:8f:ab:94:ee:53:13:f9: 50:4b:1a:f2 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUNhAPNQfE1Bao4DKjTr/IpHDTyL0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTA0M1oX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAOGM0ODljMWU5YWE4NmM3NzBjMDgz OGRiNDdmNzVlZTIzYWI4YWY1YWZhYzZlYzg5OGE0YzhhODZlNjY4YWY3YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8YdwwL4Jk6JL6AHMUMUYu356LU3U DywYCrswMh1sCAbUw9bPy2TTxxwIypqpA5lxHuV93AylqHXnejb2yNuCe8Bq3i07 8L2VviscmfobGJXW+Q+yadrzhhO9tNriHUM0qeGXBAUFmcOGpsJ6bCrZwrWnLNzz 8qIf3Pm5kaPWDthgpL9UUTvfmlI5Ci4OI8LpTG1IlgsapIj1xVQmt6K0xXlpMiBT MgYlDSGu0S2ROLMZ/tp4hz1Uy6TYKVs3oExcydUJowYuI+hF9j6miaoVLfF2U2lL Q4vFuQ9SMCYI3iz6avw2diQ4RmwxfNYwW+Rt+dTOB9bz06MT0C1AHfvDvwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJwy72D0mOYyfX2VRQq8Ymb6nimxMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVjMzgyNGY4LTQyZTktNDQxOC04OTY2LTFiMjc2NmNmMzliZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8XAwDQYJKoZIhvcNAQELBQADggEBAEWxpu88yDXpfWRaWR2F vvl/ojj5Z4fJMlCInAnUbRIoV5kBQmSxGTulJg+A03BMXWGSu7vGVW9q+P1dEwh3 qhn8Qcgt217G2cZ1giUVUQnK50IVew3shJD1kRrchuVDvZbzTbmiwAnPw7nA6V0B 7jyATj/XTwaDZpGDyKszHF49tPg1f4jsAX6vxGz4yw4nezUXwPueylvtCgFFkqZS yTZM6qBg8UbY2KaeFCY1oaEF09tET4xfU/CJcAhWkhELSnamXJFEsF2yFcrMQATc irYtoeK8d9i89l2qhWtwgt6/qUx4jYv5sqS2gIGMeVGYPGMx2CbNj6uU7lMT+VBL GvI= -----END CERTIFICATE-----Generated at Sat Jun 13 09:16:32 2026 by rpki-client