$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78e86ae1-df32-4b1a-9214-5e6a5ab5a684.roa File: 78e86ae1-df32-4b1a-9214-5e6a5ab5a684.roa (raw, json) Hash identifier: llJkIHEa9gMtuBeOnIyFjgU7hvuEMoqI4xzchk646Lg= Subject key identifier: 09:1E:7F:EB:6A:D3:42:1C:23:FD:74:75:16:A8:66:82:08:74:14:89 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 372847CCEA30F1BB4871EF05F8CB7C13AA077FA5 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78e86ae1-df32-4b1a-9214-5e6a5ab5a684.roa Signing time: Sun 31 May 2026 00:00:42 +0000 ROA not before: Sun 31 May 2026 00:00:42 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:f040::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:28:47:cc:ea:30:f1:bb:48:71:ef:05:f8:cb:7c:13:aa:07:7f:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:00:42 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=b3928774af0f92a11878457c4745403a1e2f4349db5ae0a36d7f026587a0b133, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:92:a6:a9:7d:f6:18:00:f4:e7:88:4c:c6:70: de:ba:87:75:f9:cc:3b:e2:cb:71:e1:af:7a:d8:7a: 92:56:a5:77:b4:70:c3:9e:bb:9b:34:0a:07:05:b7: 3f:83:a8:96:e4:ab:2a:17:0a:94:aa:75:21:13:27: ca:22:25:10:70:02:3b:9c:5c:36:6e:4e:55:b2:88: 22:91:99:02:73:80:3c:b6:32:b6:95:c0:91:86:fb: 33:66:7a:b0:00:33:75:63:8d:f8:a9:e4:e4:b9:ec: ab:e2:32:cb:1d:4b:b8:96:50:4b:18:93:d1:7b:23: 5f:c2:5e:ae:0d:6b:33:e2:7b:d9:17:f8:49:f2:ea: b7:9d:27:46:7d:5c:81:8e:e9:54:2c:88:b8:4b:c3: c2:a9:ee:a6:31:68:27:a3:48:fa:45:79:16:20:4e: c6:68:b8:cd:9b:12:40:2f:b4:1d:0d:35:98:55:80: a1:ea:a5:5b:95:ab:ca:69:fb:a2:e7:ea:6e:19:67: 88:72:d8:e7:cb:2b:18:fe:e4:b3:6e:24:29:12:85: ae:cd:6b:90:be:ea:12:93:98:22:22:56:60:3d:d2: 7b:54:3b:d4:49:46:cb:d0:95:2f:4b:ab:d2:4d:1e: 9f:48:e1:14:19:ba:f3:95:c2:84:7a:e9:9c:00:64: 00:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:1E:7F:EB:6A:D3:42:1C:23:FD:74:75:16:A8:66:82:08:74:14:89 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78e86ae1-df32-4b1a-9214-5e6a5ab5a684.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:f040::/48 Signature Algorithm: sha256WithRSAEncryption 04:d4:60:33:b8:c1:4f:1e:42:4b:8d:51:b0:14:5c:c2:ee:e1: 70:8c:83:fa:fb:b0:ae:77:7a:6c:ca:9f:47:51:35:80:40:3c: 1c:35:48:5a:79:81:7e:d5:4a:bc:33:aa:6e:4b:26:a5:d4:b3: 7f:a5:07:b1:bf:cb:21:2b:f0:6f:97:d5:d8:96:38:ae:70:0d: 0b:54:be:0d:41:02:36:d6:99:d3:57:91:ff:b4:1b:c9:26:b1: 15:75:9e:c8:10:5e:c7:f9:e6:71:b0:58:06:e8:1a:37:e0:fb: 57:8b:67:97:d3:ca:a7:5c:d5:9d:12:8e:3f:e7:32:24:8a:72: 0b:8e:a9:7e:37:43:c3:cb:64:2a:12:f4:f4:48:f8:93:77:c2: e4:1a:b0:49:a2:e4:2b:5c:f0:77:a2:83:e0:33:b0:23:26:c0: b6:08:c2:80:11:30:fb:c0:18:2f:18:d2:f6:f9:4a:2a:af:f1: e6:c0:45:af:a8:37:04:21:56:45:1a:b1:7e:1b:ac:4f:ee:24: 29:2b:32:7a:38:fc:d8:3d:10:80:dc:c5:e6:ed:e6:10:0a:d8: f4:bf:e3:f1:dc:1f:4e:5c:12:f6:d5:6c:32:79:26:d6:4d:e7: 64:e1:df:00:4b:af:7f:75:db:82:7c:b9:8e:eb:4a:23:fe:62: 96:ea:bb:6a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNyhHzOow8btIce8F+Mt8E6oHf6UwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMDA0MloX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAYjM5Mjg3NzRhZjBmOTJhMTE4Nzg0 NTdjNDc0NTQwM2ExZTJmNDM0OWRiNWFlMGEzNmQ3ZjAyNjU4N2EwYjEzMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpKmqX32GAD054hMxnDeuod1+cw7 4stx4a962HqSVqV3tHDDnrubNAoHBbc/g6iW5KsqFwqUqnUhEyfKIiUQcAI7nFw2 bk5VsogikZkCc4A8tjK2lcCRhvszZnqwADN1Y434qeTkueyr4jLLHUu4llBLGJPR eyNfwl6uDWsz4nvZF/hJ8uq3nSdGfVyBjulULIi4S8PCqe6mMWgno0j6RXkWIE7G aLjNmxJAL7QdDTWYVYCh6qVblavKafui5+puGWeIctjnyysY/uSzbiQpEoWuzWuQ vuoSk5giIlZgPdJ7VDvUSUbL0JUvS6vSTR6fSOEUGbrzlcKEeumcAGQANQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFAkef+tq00IcI/10dRaoZoIIdBSJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc4ZTg2YWUxLWRmMzItNGIxYS05MjE0LTVlNmE1YWI1YTY4NC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6fBAMA0GCSqGSIb3DQEBCwUAA4IBAQAE1GAzuMFPHkJLjVGw FFzC7uFwjIP6+7Cud3psyp9HUTWAQDwcNUhaeYF+1Uq8M6puSyal1LN/pQexv8sh K/Bvl9XYljiucA0LVL4NQQI21pnTV5H/tBvJJrEVdZ7IEF7H+eZxsFgG6Bo34PtX i2eX08qnXNWdEo4/5zIkinILjql+N0PDy2QqEvT0SPiTd8LkGrBJouQrXPB3ooPg M7AjJsC2CMKAETD7wBgvGNL2+Uoqr/HmwEWvqDcEIVZFGrF+G6xP7iQpKzJ6OPzY PRCA3MXm7eYQCtj0v+Px3B9OXBL21WwyeSbWTedk4d8AS69/dduCfLmO60oj/mKW 6rtq -----END CERTIFICATE-----Generated at Sat Jun 13 10:26:46 2026 by rpki-client