$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa File: 74b1fe31-3591-4da8-95f4-39ba57fac545.roa (raw, json) Hash identifier: Wg+IAWimMAR+29njVECGYhM4yPYiFcUBThAtQw00s1E= Subject key identifier: 6F:A2:34:5F:1F:A3:E1:9E:6A:47:77:C3:EE:9E:CA:88:B6:07:AB:E2 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 435F3BCEACB406793E4A57A169399FD3E4221EEB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa Signing time: Fri 15 May 2026 00:00:14 +0000 ROA not before: Fri 15 May 2026 00:00:14 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf1:1000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:5f:3b:ce:ac:b4:06:79:3e:4a:57:a1:69:39:9f:d3:e4:22:1e:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 15 00:00:14 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=e0ac984053b9e8e6f019aa39e832299434b88524d340c24782486a5eda8e407f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:96:b6:61:ef:95:91:87:69:50:e4:94:02:28: 8c:a3:43:d7:84:4c:30:44:76:3a:a5:5c:1d:90:3a: 3d:89:d6:97:0e:ac:e2:00:65:8b:b9:a5:ec:4f:bc: e4:5d:04:83:26:a6:a3:05:70:91:f5:f0:71:9c:3d: 70:22:c7:6f:3d:81:3e:77:73:06:eb:2b:93:63:bf: 30:39:69:28:74:97:2f:73:9e:13:cb:a8:d5:ff:81: 6f:53:f2:8d:60:30:dc:c2:87:38:ef:cc:3e:15:ae: 6c:09:12:9a:b0:9d:05:78:4f:5d:78:e1:76:fd:e7: da:ff:89:6e:a0:1c:b5:3a:94:c7:e6:6c:0f:9f:26: 1a:78:59:01:33:53:0c:c1:1c:bf:ca:ed:86:cd:11: 69:66:b6:5f:c6:ee:0a:e3:ab:84:90:23:99:8c:dc: 75:ff:fb:27:aa:48:4a:33:fb:8c:37:be:3d:32:42: fc:39:92:c0:e0:61:53:67:0a:66:9f:80:3f:b8:80: 85:bf:6b:e3:7c:7b:b8:8f:0b:0d:5c:57:dd:b8:2a: d0:d0:30:e9:37:23:5b:c7:9c:78:b6:e9:2a:e4:21: 93:d2:4e:94:e1:93:75:1b:cf:ec:a5:6f:61:88:0e: b0:a4:32:af:c1:50:21:ca:79:37:41:f7:4f:fd:2e: 3f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:A2:34:5F:1F:A3:E1:9E:6A:47:77:C3:EE:9E:CA:88:B6:07:AB:E2 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/74b1fe31-3591-4da8-95f4-39ba57fac545.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf1:1000::/40 Signature Algorithm: sha256WithRSAEncryption 11:8f:72:60:66:c0:0a:49:43:22:df:04:ec:88:a7:07:46:93: cf:f6:4a:27:e3:6f:ce:c3:77:0c:b9:5c:91:a3:7d:db:72:c4: 55:0e:c2:c4:35:08:c3:c2:d5:42:c2:79:83:b3:12:0f:ac:18: 53:dd:00:2e:70:ee:c3:1f:db:d6:2e:70:c7:73:09:8e:47:91: b5:d1:68:0e:ea:09:bd:9c:d6:81:d6:8f:a0:90:fe:e2:77:96: 75:c5:84:c3:9c:b8:b2:90:2e:7e:18:8b:74:37:04:3c:25:c5: a2:e8:63:a9:85:1c:61:f4:93:a2:7d:61:d2:07:c6:ba:c8:03: 2e:b3:87:15:39:4a:80:a5:72:69:a5:5a:9f:05:5c:72:0d:1b: 63:1a:dc:ce:b4:a3:15:b1:85:c6:09:42:3a:16:12:87:91:58: f1:76:9c:a6:f8:94:04:f1:dd:e3:a2:94:92:bb:e3:bc:18:ab: 27:4e:42:11:1d:4e:8c:9d:a9:1b:64:0f:28:31:2a:e1:58:00: ee:2b:e2:84:4c:d6:6c:95:3c:14:5d:04:d0:f7:ac:28:80:72: 39:bd:26:af:f9:02:ca:da:55:e1:f5:61:f6:83:c4:b4:05:38: a7:d7:6f:3e:59:d2:fd:17:76:78:00:1f:a8:64:5f:fe:57:6b: 9c:45:f0:6d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUQ187zqy0Bnk+SlehaTmf0+QiHuswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxNTAwMDAxNFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNAZTBhYzk4NDA1M2I5ZThlNmYwMTlh YTM5ZTgzMjI5OTQzNGI4ODUyNGQzNDBjMjQ3ODI0ODZhNWVkYThlNDA3ZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJa2Ye+VkYdpUOSUAiiMo0PXhEww RHY6pVwdkDo9idaXDqziAGWLuaXsT7zkXQSDJqajBXCR9fBxnD1wIsdvPYE+d3MG 6yuTY78wOWkodJcvc54Ty6jV/4FvU/KNYDDcwoc478w+Fa5sCRKasJ0FeE9deOF2 /efa/4luoBy1OpTH5mwPnyYaeFkBM1MMwRy/yu2GzRFpZrZfxu4K46uEkCOZjNx1 //snqkhKM/uMN749MkL8OZLA4GFTZwpmn4A/uICFv2vjfHu4jwsNXFfduCrQ0DDp NyNbx5x4tukq5CGT0k6U4ZN1G8/spW9hiA6wpDKvwVAhynk3QfdP/S4/8QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFG+iNF8fo+Geakd3w+6eyoi2B6viMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc0YjFmZTMxLTM1OTEtNGRhOC05NWY0LTM5YmE1N2ZhYzU0NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8RAwDQYJKoZIhvcNAQELBQADggEBABGPcmBmwApJQyLfBOyI pwdGk8/2Sifjb87Ddwy5XJGjfdtyxFUOwsQ1CMPC1ULCeYOzEg+sGFPdAC5w7sMf 29YucMdzCY5HkbXRaA7qCb2c1oHWj6CQ/uJ3lnXFhMOcuLKQLn4Yi3Q3BDwlxaLo Y6mFHGH0k6J9YdIHxrrIAy6zhxU5SoClcmmlWp8FXHING2Ma3M60oxWxhcYJQjoW EoeRWPF2nKb4lATx3eOilJK747wYqydOQhEdToydqRtkDygxKuFYAO4r4oRM1myV PBRdBND3rCiAcjm9Jq/5AsraVeH1YfaDxLQFOKfXbz5Z0v0XdngAH6hkX/5Xa5xF 8G0= -----END CERTIFICATE-----Generated at Sat Jun 13 09:16:28 2026 by rpki-client