$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae0a9132-a36f-4c0a-b43f-117d8932361e.roa File: ae0a9132-a36f-4c0a-b43f-117d8932361e.roa (raw, json) Hash identifier: f3BBoSFqiNtAYKiMgHddYY6S3q9zNXN2+VmCGDZav1c= Subject key identifier: 7C:6D:9C:99:02:EB:01:60:85:CF:3A:CC:73:B4:62:66:66:CB:34:AD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2739CAEB6A6A0F1ADCF093BEEE476DA041E2A420 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae0a9132-a36f-4c0a-b43f-117d8932361e.roa Signing time: Sun 31 May 2026 00:10:29 +0000 ROA not before: Sun 31 May 2026 00:10:29 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daba:c000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:39:ca:eb:6a:6a:0f:1a:dc:f0:93:be:ee:47:6d:a0:41:e2:a4:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:10:29 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=7a4cedfec5510592df389870ff2aba11f5cf84ed1e3d8f7854960d1f47583776, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:ec:c1:70:35:39:b2:dd:86:a7:66:8f:1a:2a: f5:55:bf:8e:8d:60:bd:82:8f:f0:6b:5d:ad:79:1c: 5e:23:e2:4f:75:ec:e4:68:be:cf:46:eb:7c:07:82: 0a:5d:df:bc:73:f3:ac:ba:c5:64:6e:4e:c9:97:8f: c6:9c:33:57:34:9f:18:eb:1a:af:cc:c0:3b:ca:a4: af:1b:d8:09:72:3e:f4:a7:13:51:e5:41:f3:e0:45: 76:c4:be:fb:b7:a7:26:93:31:be:63:33:6b:4d:32: a4:11:e4:bb:f3:88:0f:d7:2f:7b:3b:b4:07:61:b8: 2b:cf:63:bd:14:d6:e8:c1:32:bf:c1:de:78:3f:df: b8:17:ab:47:d5:07:b3:aa:d4:dd:0c:ce:0f:68:2c: 15:68:10:d1:54:4e:44:96:91:a4:f0:10:f7:6d:83: 3f:42:d5:d0:d9:6e:60:27:ff:b9:00:7c:d7:6b:ae: 5a:7b:a6:7f:50:7d:24:2a:c2:57:06:b1:aa:19:da: d5:e9:ad:03:11:64:18:f9:d7:b9:a6:81:86:c4:be: 0b:b8:7f:00:d5:8c:7c:d4:c3:48:f8:f8:ae:8b:b9: 21:50:b3:be:c2:01:85:c7:75:db:09:db:24:26:f8: c0:eb:a9:80:e9:6d:7d:ca:93:ba:be:4a:e7:47:53: 61:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:6D:9C:99:02:EB:01:60:85:CF:3A:CC:73:B4:62:66:66:CB:34:AD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae0a9132-a36f-4c0a-b43f-117d8932361e.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daba:c000::/40 Signature Algorithm: sha256WithRSAEncryption 52:63:cc:a3:c7:21:c7:5e:2e:31:3d:1d:47:7b:29:a6:ff:04: 52:b8:d6:ec:37:23:6d:c3:71:17:f8:8c:e9:08:00:16:19:63: 35:67:d1:53:78:3b:86:96:e0:85:9a:ce:a7:2b:4e:d4:8b:88: b6:2b:a4:62:fd:c3:e1:66:2a:4e:02:88:e9:15:07:b8:59:01: c4:86:2d:ba:83:10:ec:33:ef:18:53:b2:7b:39:4d:26:15:63: 63:f2:dc:de:5c:37:0e:8a:5a:65:45:3f:4a:74:c2:85:c4:cc: 22:42:64:60:4b:a9:6e:1e:14:c8:e0:5d:de:fd:24:ad:07:93: 1a:1c:8b:13:20:7d:03:1e:39:ab:29:6c:99:b3:65:f0:11:5a: f9:67:b4:82:24:c8:e0:31:fe:15:0e:80:dc:7a:ef:d9:10:fe: a6:b5:73:a1:6d:00:1d:75:5a:73:8e:49:a3:80:bc:86:fc:62: 11:d9:b3:1b:c0:a6:d2:c0:05:07:5f:19:a9:d7:49:25:a9:c8: 2c:02:17:38:23:82:05:c6:e4:09:ee:b1:74:0a:12:dd:ec:90: d3:a3:67:db:31:af:d9:15:2b:24:4f:91:4e:37:28:cd:77:b3: d1:b3:fd:5c:89:56:9e:ac:45:4f:34:7f:06:07:03:e8:34:c2: 3d:6a:f0:6b -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUJznK62pqDxrc8JO+7kdtoEHipCAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMTAyOVoX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAN2E0Y2VkZmVjNTUxMDU5MmRmMzg5 ODcwZmYyYWJhMTFmNWNmODRlZDFlM2Q4Zjc4NTQ5NjBkMWY0NzU4Mzc3NjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9OzBcDU5st2Gp2aPGir1Vb+OjWC9 go/wa12teRxeI+JPdezkaL7PRut8B4IKXd+8c/OsusVkbk7Jl4/GnDNXNJ8Y6xqv zMA7yqSvG9gJcj70pxNR5UHz4EV2xL77t6cmkzG+YzNrTTKkEeS784gP1y97O7QH Ybgrz2O9FNbowTK/wd54P9+4F6tH1QezqtTdDM4PaCwVaBDRVE5ElpGk8BD3bYM/ QtXQ2W5gJ/+5AHzXa65ae6Z/UH0kKsJXBrGqGdrV6a0DEWQY+de5poGGxL4LuH8A 1Yx81MNI+Piui7khULO+wgGFx3XbCdskJvjA66mA6W19ypO6vkrnR1NhHQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHxtnJkC6wFghc86zHO0YmZmyzStMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FlMGE5MTMyLWEzNmYtNGMwYS1iNDNmLTExN2Q4OTMyMzYxZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbausAwDQYJKoZIhvcNAQELBQADggEBAFJjzKPHIcdeLjE9HUd7 Kab/BFK41uw3I23DcRf4jOkIABYZYzVn0VN4O4aW4IWazqcrTtSLiLYrpGL9w+Fm Kk4CiOkVB7hZAcSGLbqDEOwz7xhTsns5TSYVY2Py3N5cNw6KWmVFP0p0woXEzCJC ZGBLqW4eFMjgXd79JK0HkxocixMgfQMeOaspbJmzZfARWvlntIIkyOAx/hUOgNx6 79kQ/qa1c6FtAB11WnOOSaOAvIb8YhHZsxvAptLABQdfGanXSSWpyCwCFzgjggXG 5AnusXQKEt3skNOjZ9sxr9kVKyRPkU43KM13s9Gz/VyJVp6sRU80fwYHA+g0wj1q 8Gs= -----END CERTIFICATE-----Generated at Sat Jun 13 09:15:59 2026 by rpki-client