$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/791379f0-fd5d-4abd-b91c-cd60f33d45a9.roa File: 791379f0-fd5d-4abd-b91c-cd60f33d45a9.roa (raw, json) Hash identifier: YT6Xk1CIq4R5pQJFcMzxR7cLp6Lz5zFjI+atmvA8a68= Subject key identifier: FF:09:63:5D:EE:E5:26:46:D6:2C:2A:4D:CC:66:53:AA:4E:63:73:8C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 60A57E166F202E3954A0F476CC98548C95983495 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/791379f0-fd5d-4abd-b91c-cd60f33d45a9.roa Signing time: Fri 03 Apr 2026 00:00:12 +0000 ROA not before: Fri 03 Apr 2026 00:00:12 +0000 ROA not after: Thu 02 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daeb:880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 20 Apr 2026 21:22:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:a5:7e:16:6f:20:2e:39:54:a0:f4:76:cc:98:54:8c:95:98:34:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 3 00:00:12 2026 GMT Not After : Jul 2 23:59:59 2026 GMT Subject: serialNumber=04b15b3bbfd1aa318808b00b434bfa6627cefb9d8c7152f1bcddc4d08a78fcf5, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:03:c8:7e:22:71:74:19:35:ab:ec:6d:64:74: 27:50:55:8b:11:0b:d0:99:5f:cd:a3:c9:7c:85:f9: 67:cd:bf:89:a5:39:e2:f6:73:9f:10:68:7f:f9:a8: 95:75:bc:00:35:ff:db:1a:1e:b6:d1:14:3f:1e:94: 8d:9a:0c:9e:4e:2b:67:cb:e6:f8:45:da:24:ca:f6: d8:74:f9:b7:12:d1:a2:19:75:eb:fb:64:05:eb:f0: 93:b7:f1:92:4d:eb:e1:44:ca:fc:0c:63:15:de:a7: a6:40:32:37:01:f8:22:18:0d:71:34:98:4b:fb:b8: 66:81:6f:d5:b2:a8:bc:8e:15:7d:e4:2c:63:23:c8: 7c:5b:02:88:38:1b:88:4e:a1:56:4a:8e:e0:00:b9: 0b:58:91:6c:66:82:07:f4:0f:02:47:55:bc:a4:46: f2:ab:bd:a4:74:6c:20:ea:9f:7c:6e:e2:60:78:f1: bd:b0:39:f8:d5:ca:31:e7:78:ca:aa:32:29:25:b0: d9:f9:b9:d1:42:d0:ae:3d:0b:32:80:a9:92:bc:01: d5:9a:40:8d:8a:f3:05:42:4c:cf:44:d0:be:31:e6: f8:b9:2a:3f:68:22:68:61:89:5f:ab:eb:a1:f8:e7: df:64:0e:8c:f7:6e:05:70:75:13:ce:28:42:73:06: 07:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:09:63:5D:EE:E5:26:46:D6:2C:2A:4D:CC:66:53:AA:4E:63:73:8C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/791379f0-fd5d-4abd-b91c-cd60f33d45a9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daeb:880::/48 Signature Algorithm: sha256WithRSAEncryption be:51:a3:0f:26:8a:99:57:c3:09:d2:53:e9:4c:6b:03:21:e9: b3:45:c0:04:96:53:1d:2d:0d:8c:bb:ed:cd:97:6a:32:df:b1: 3e:79:27:00:36:95:39:fa:97:dc:89:ac:1e:10:ff:b2:ae:29: d2:9a:40:2b:9b:8b:8a:2a:35:17:83:84:8d:ba:47:c9:1b:5c: 20:51:f4:1d:37:54:3c:71:30:d9:2a:4f:53:a3:5e:12:82:67: 7d:60:96:55:15:f8:29:84:3e:64:ac:8c:d4:ff:2c:4e:0f:a0: 12:bf:8b:4a:6b:7d:65:4c:49:35:18:5c:66:dd:39:39:91:ef: ed:aa:f9:c7:6b:2a:26:b8:4d:40:86:31:a3:46:e0:36:74:11: f0:e3:37:e6:d6:55:27:11:28:65:e7:0f:a9:f5:70:c0:92:c8: 2f:7f:c8:37:1b:18:35:e2:7a:3c:bc:82:63:e7:53:14:e6:b8: 71:e2:d2:27:45:c6:54:67:04:57:49:32:77:24:86:eb:b7:a4: 98:4a:16:cc:9b:83:4d:7b:14:72:04:2e:88:76:9c:d9:ee:3e: 49:c9:3f:d0:5c:5b:72:be:a0:56:2c:79:76:f4:64:7e:99:fb: 4c:0a:16:b7:27:c1:30:b9:2d:c2:d8:33:8f:b4:59:f8:2b:ce: d0:b3:0e:72 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUYKV+Fm8gLjlUoPR2zJhUjJWYNJUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQwMzAwMDAxMloX DTI2MDcwMjIzNTk1OVowejFJMEcGA1UEBRNAMDRiMTViM2JiZmQxYWEzMTg4MDhi MDBiNDM0YmZhNjYyN2NlZmI5ZDhjNzE1MmYxYmNkZGM0ZDA4YTc4ZmNmNTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwPIfiJxdBk1q+xtZHQnUFWLEQvQ mV/No8l8hflnzb+JpTni9nOfEGh/+aiVdbwANf/bGh620RQ/HpSNmgyeTitny+b4 RdokyvbYdPm3EtGiGXXr+2QF6/CTt/GSTevhRMr8DGMV3qemQDI3AfgiGA1xNJhL +7hmgW/Vsqi8jhV95CxjI8h8WwKIOBuITqFWSo7gALkLWJFsZoIH9A8CR1W8pEby q72kdGwg6p98buJgePG9sDn41cox53jKqjIpJbDZ+bnRQtCuPQsygKmSvAHVmkCN ivMFQkzPRNC+Meb4uSo/aCJoYYlfq+uh+OffZA6M924FcHUTzihCcwYHiwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFP8JY13u5SZG1iwqTcxmU6pOY3OMMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx Lzc5MTM3OWYwLWZkNWQtNGFiZC1iOTFjLWNkNjBmMzNkNDVhOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6wiAMA0GCSqGSIb3DQEBCwUAA4IBAQC+UaMPJoqZV8MJ0lPp TGsDIemzRcAEllMdLQ2Mu+3Nl2oy37E+eScANpU5+pfciaweEP+yrinSmkArm4uK KjUXg4SNukfJG1wgUfQdN1Q8cTDZKk9To14Sgmd9YJZVFfgphD5krIzU/yxOD6AS v4tKa31lTEk1GFxm3Tk5ke/tqvnHayomuE1AhjGjRuA2dBHw4zfm1lUnEShl5w+p 9XDAksgvf8g3Gxg14no8vIJj51MU5rhx4tInRcZUZwRXSTJ3JIbrt6SYShbMm4NN exRyBC6IdpzZ7j5JyT/QXFtyvqBWLHl29GR+mftMCha3J8EwuS3C2DOPtFn4K87Q sw5y -----END CERTIFICATE-----Generated at Fri Apr 17 05:53:05 2026 by rpki-client