$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/602d113c-fdfa-44de-93f1-9d275ab83cae.roa File: 602d113c-fdfa-44de-93f1-9d275ab83cae.roa (raw, json) Hash identifier: U5PR2Uxt/omdICzCE1wk40DWbkpa4heX0Opdw5YnqtI= Subject key identifier: A2:C5:08:02:D1:B1:78:07:EB:E7:D1:48:C6:95:70:45:18:70:B8:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 4CECB22AEAD84D5F506E93C54A960AEED46A3FD2 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/602d113c-fdfa-44de-93f1-9d275ab83cae.roa Signing time: Fri 03 Apr 2026 00:10:08 +0000 ROA not before: Fri 03 Apr 2026 00:10:08 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:7000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 22 Apr 2026 21:23:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:ec:b2:2a:ea:d8:4d:5f:50:6e:93:c5:4a:96:0a:ee:d4:6a:3f:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:10:08 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=d3edb61a3c274ef0ddb018fbef3c806b73c85b1b3f6ba9fb92931a6b9b7aa865, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c8:dd:6b:4e:65:2a:43:93:ad:7b:47:4c:9f: 6e:19:9a:6f:9a:b9:46:3a:78:53:84:78:ba:73:e0: 0a:00:66:66:69:91:e0:27:bb:ac:c7:cd:4c:41:49: af:89:37:b0:da:94:4e:a9:a1:32:31:28:17:e3:03: 52:e1:12:1a:17:8f:00:27:ef:fc:72:45:25:fa:cd: 27:7e:de:50:df:93:42:5f:a9:62:f6:b4:42:d6:99: 7d:82:be:08:aa:25:8e:ab:6b:61:95:1d:62:0b:66: e4:73:60:78:06:47:d9:d3:cd:5b:8b:13:ca:19:af: e7:a6:3f:e3:c7:3d:e5:f4:49:4f:a9:20:61:0f:9b: 35:bd:78:57:83:45:40:6e:e2:10:58:2d:40:ca:5a: 70:54:92:df:af:5e:af:78:80:2a:92:70:63:91:ea: 1e:4d:c6:d5:dd:98:48:da:c2:fa:4a:78:ef:77:3a: cb:31:d5:97:aa:62:e7:2b:1f:da:ca:4f:89:11:83: f6:5a:7a:fa:6a:50:03:3b:ee:48:38:ea:ff:05:67: e2:c8:ee:19:df:83:46:54:a4:b2:21:e6:cd:6b:07: 32:b9:e2:4a:ca:f2:b8:be:80:2c:e4:65:1e:0a:99: 0e:27:1c:8e:d0:43:ac:12:75:dc:1f:de:e3:80:0f: 6b:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:C5:08:02:D1:B1:78:07:EB:E7:D1:48:C6:95:70:45:18:70:B8:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/602d113c-fdfa-44de-93f1-9d275ab83cae.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:7000::/40 Signature Algorithm: sha256WithRSAEncryption 96:f4:ef:f1:b7:fd:0e:d3:27:4b:2f:d0:da:fb:55:ea:bd:bc: 3c:9e:bb:97:4b:d0:e5:f9:bd:32:43:3d:cb:01:2b:94:e3:c2: db:9c:43:28:23:a3:b9:ac:8e:f6:7d:45:bb:26:1c:77:84:d3: c7:3d:8a:fd:8d:e0:82:16:29:28:ea:06:8f:8a:5a:de:96:ba: 05:a4:9e:67:0a:08:d2:03:7b:01:d0:fa:c2:40:c9:0c:9d:3e: 1f:f2:78:2f:e8:37:ee:99:b8:99:45:23:80:7d:ab:cd:0e:3f: 29:13:64:01:a4:93:b3:17:03:32:de:87:a9:61:83:b8:12:54: 02:60:55:05:6a:f7:77:50:0f:15:7c:51:dc:5e:71:7a:1d:dd: e4:3d:42:09:94:53:9a:e3:a6:01:bf:33:cc:04:d3:fe:d1:ec: db:90:b5:41:63:ce:32:cd:17:fc:a5:28:1e:d0:da:d8:a8:d4: 40:6a:61:c3:fd:8f:93:27:20:f1:11:4e:17:95:16:b8:19:7b: 3b:48:68:cb:ed:f5:40:54:84:82:39:7d:13:27:0f:d9:3a:e5: d8:c2:ad:ac:d5:2a:72:93:2b:9e:cf:37:3a:25:32:28:77:ea: 58:1e:e5:b3:0a:3c:5c:fb:a0:a3:95:a7:00:29:92:f9:5c:65: c7:31:f2:96 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUTOyyKurYTV9QbpPFSpYK7tRqP9IwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMTAwOFoX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAZDNlZGI2MWEzYzI3NGVmMGRkYjAx OGZiZWYzYzgwNmI3M2M4NWIxYjNmNmJhOWZiOTI5MzFhNmI5YjdhYTg2NTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcjda05lKkOTrXtHTJ9uGZpvmrlG OnhThHi6c+AKAGZmaZHgJ7usx81MQUmviTew2pROqaEyMSgX4wNS4RIaF48AJ+/8 ckUl+s0nft5Q35NCX6li9rRC1pl9gr4IqiWOq2thlR1iC2bkc2B4BkfZ081bixPK Ga/npj/jxz3l9ElPqSBhD5s1vXhXg0VAbuIQWC1AylpwVJLfr16veIAqknBjkeoe TcbV3ZhI2sL6SnjvdzrLMdWXqmLnKx/ayk+JEYP2Wnr6alADO+5IOOr/BWfiyO4Z 34NGVKSyIebNawcyueJKyvK4voAs5GUeCpkOJxyO0EOsEnXcH97jgA9rGQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFKLFCALRsXgH6+fRSMaVcEUYcLhjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYwMmQxMTNjLWZkZmEtNDRkZS05M2YxLTlkMjc1YWI4M2NhZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba63AwDQYJKoZIhvcNAQELBQADggEBAJb07/G3/Q7TJ0sv0Nr7 Veq9vDyeu5dL0OX5vTJDPcsBK5TjwtucQygjo7msjvZ9RbsmHHeE08c9iv2N4IIW KSjqBo+KWt6WugWknmcKCNIDewHQ+sJAyQydPh/yeC/oN+6ZuJlFI4B9q80OPykT ZAGkk7MXAzLeh6lhg7gSVAJgVQVq93dQDxV8UdxecXod3eQ9QgmUU5rjpgG/M8wE 0/7R7NuQtUFjzjLNF/ylKB7Q2tio1EBqYcP9j5MnIPERTheVFrgZeztIaMvt9UBU hII5fRMnD9k65djCrazVKnKTK57PNzolMih36lge5bMKPFz7oKOVpwApkvlcZccx 8pY= -----END CERTIFICATE-----Generated at Sun Apr 19 11:18:16 2026 by rpki-client