$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa File: b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa (raw, json) Hash identifier: F+c8iPWG5RtX8W+RwaK1hQIdp1mjz9SOzAvGgwHkFuk= Subject key identifier: 03:D6:8D:F7:9B:C1:96:17:9D:12:9E:E3:65:BB:A0:97:55:01:AB:F7 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 2150F892B5EFD155D3F648E88CC4D194E48D802D Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa Signing time: Wed 13 May 2026 00:11:08 +0000 ROA not before: Wed 13 May 2026 00:11:08 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da68:b000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 17 Jun 2026 00:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:50:f8:92:b5:ef:d1:55:d3:f6:48:e8:8c:c4:d1:94:e4:8d:80:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:11:08 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=a1c631b3426a77352fb2ac501de6b2b43e444e883f4b352f262c71da4b70ab53, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:46:10:5b:8c:31:53:b8:f0:ea:86:63:1f:c0: 72:d1:07:94:fc:a4:b1:6b:11:4f:be:37:af:c0:bb: 26:14:20:34:7b:de:c3:05:b7:27:32:5e:79:8c:ee: 2d:32:4a:c2:1c:b4:bb:38:80:2a:83:54:72:da:4d: c0:10:2e:1c:24:6d:aa:91:ef:23:8e:58:d0:c1:59: 73:11:04:76:c8:70:b8:72:88:9b:a5:81:fb:d3:03: d0:ee:8c:78:23:b6:a5:ae:82:5a:99:74:1f:4d:f1: 3d:ce:0b:65:1d:8c:9a:73:b4:0d:5a:99:6f:d9:fd: 4c:f4:ad:8b:c7:3e:50:24:61:72:ca:53:a1:e8:63: ae:b7:22:d3:84:75:bc:8c:69:4f:60:d2:ae:99:26: 6b:5a:18:58:db:ee:73:b7:a5:d1:7a:e6:ac:8b:bb: 86:5b:b5:ce:96:ee:76:4e:72:8f:69:02:b8:32:fc: 43:13:f5:02:af:af:8d:1a:09:6b:af:d8:11:4e:dc: b8:bb:82:53:cd:f9:ac:14:25:32:71:10:65:73:b9: 10:9b:7f:ee:b1:67:fd:14:33:b2:07:4f:e1:1d:51: c8:b0:77:a5:02:38:cb:d3:07:49:3e:5d:63:a4:3f: 5a:5a:2e:33:e2:45:3a:d1:ea:32:bf:5a:1f:80:30: de:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:D6:8D:F7:9B:C1:96:17:9D:12:9E:E3:65:BB:A0:97:55:01:AB:F7 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da68:b000::/40 Signature Algorithm: sha256WithRSAEncryption af:2b:89:dd:b5:f5:c7:36:73:4e:6a:0c:d2:4e:d4:69:79:5b: cf:32:92:1c:ba:6b:98:cd:bb:83:48:12:75:26:03:03:dc:66: 98:31:5b:28:bc:92:50:48:04:ae:ef:c6:c7:9d:e9:ed:bd:e0: e3:e3:df:51:69:cd:7d:38:6b:36:c8:e0:0f:20:d1:40:22:08: 34:b5:30:3c:cd:22:71:ab:9c:d8:06:ef:7f:1b:0e:34:18:33: cb:c9:90:bc:9c:1a:d5:f3:6c:8f:a0:5c:95:8e:67:ed:01:a7: 97:ad:0b:ea:39:e7:af:41:11:4f:72:3a:fa:31:91:8e:7f:a8: 4c:81:86:7c:70:0a:e9:91:4e:61:a4:eb:7a:9a:a6:5e:31:ae: bb:f5:01:b4:25:79:a8:eb:c8:e8:0b:c8:02:6b:67:94:b7:0d: b5:da:48:58:7b:06:9e:79:5d:a0:5f:e8:2d:77:17:94:be:48: 20:fb:27:87:09:7d:14:bb:ea:d2:65:54:26:0f:46:5d:3a:29: b4:96:3f:f4:68:fa:d2:07:b3:c1:cb:c2:af:43:c1:21:01:65: 55:33:ff:00:e5:8e:8a:22:f4:fc:9c:1c:b6:5b:61:79:cf:0c: bf:2d:a9:30:69:9a:50:56:06:88:d6:ee:a1:84:2e:ea:c1:69: bb:36:91:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUIVD4krXv0VXT9kjojMTRlOSNgC0wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMTEwOFoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYTFjNjMxYjM0MjZhNzczNTJmYjJh YzUwMWRlNmIyYjQzZTQ0NGU4ODNmNGIzNTJmMjYyYzcxZGE0YjcwYWI1MzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUYQW4wxU7jw6oZjH8By0QeU/KSx axFPvjevwLsmFCA0e97DBbcnMl55jO4tMkrCHLS7OIAqg1Ry2k3AEC4cJG2qke8j jljQwVlzEQR2yHC4coibpYH70wPQ7ox4I7alroJamXQfTfE9zgtlHYyac7QNWplv 2f1M9K2Lxz5QJGFyylOh6GOutyLThHW8jGlPYNKumSZrWhhY2+5zt6XReuasi7uG W7XOlu52TnKPaQK4MvxDE/UCr6+NGglrr9gRTty4u4JTzfmsFCUycRBlc7kQm3/u sWf9FDOyB0/hHVHIsHelAjjL0wdJPl1jpD9aWi4z4kU60eoyv1ofgDDewwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFAPWjfebwZYXnRKe42W7oJdVAav3MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I3MTQ4YTFhLTRiMmQtNDA0NS1hZTc0LTFhZTIwMWRkY2FjYy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaaLAwDQYJKoZIhvcNAQELBQADggEBAK8rid219cc2c05qDNJO 1Gl5W88ykhy6a5jNu4NIEnUmAwPcZpgxWyi8klBIBK7vxsed6e294OPj31FpzX04 azbI4A8g0UAiCDS1MDzNInGrnNgG738bDjQYM8vJkLycGtXzbI+gXJWOZ+0Bp5et C+o5569BEU9yOvoxkY5/qEyBhnxwCumRTmGk63qapl4xrrv1AbQleajryOgLyAJr Z5S3DbXaSFh7Bp55XaBf6C13F5S+SCD7J4cJfRS76tJlVCYPRl06KbSWP/Ro+tIH s8HLwq9DwSEBZVUz/wDljooi9PycHLZbYXnPDL8tqTBpmlBWBojW7qGELurBabs2 kUY= -----END CERTIFICATE-----Generated at Sat Jun 13 10:26:41 2026 by rpki-client