$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7d88569-acfe-4860-8c8b-12796717e34f.roa File: c7d88569-acfe-4860-8c8b-12796717e34f.roa (raw, json) Hash identifier: ugG3VMf/4Zlx0fM2PsdJiKVDnbVU989scXo87H1YD+E= Subject key identifier: 93:4D:BA:CD:DD:62:1B:F8:46:A5:BA:AC:2D:83:EB:5A:DC:D4:1B:EF Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3DF96B4B0324EF8A420E2E1728ED497DED30D3EB Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7d88569-acfe-4860-8c8b-12796717e34f.roa Signing time: Sun 31 May 2026 00:20:50 +0000 ROA not before: Sun 31 May 2026 00:20:50 +0000 ROA not after: Sat 29 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae9:a080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 21 Jun 2026 00:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:f9:6b:4b:03:24:ef:8a:42:0e:2e:17:28:ed:49:7d:ed:30:d3:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 31 00:20:50 2026 GMT Not After : Aug 29 23:59:59 2026 GMT Subject: serialNumber=d023185aa94a68d65dd6c51fbda95dc35a0e2ef0f89b03df3dfff4f949d63e64, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:38:22:87:fc:ef:10:ef:13:14:d9:b4:51:8a: 3b:52:7c:a0:57:59:e7:cc:0c:2e:a5:47:aa:fe:d0: 6d:a2:f9:5d:0a:cf:19:63:51:1c:d0:7f:0a:19:27: 57:5b:a4:59:72:56:f3:7c:65:e8:ef:9c:fd:ab:fc: ff:7d:4a:e1:5c:ef:61:17:d9:04:b1:bb:8b:2e:b9: ef:5a:7e:f8:0e:a0:f8:28:9a:c5:64:8d:74:70:cc: 79:31:bb:36:f6:0e:4f:8d:83:f9:b5:49:7a:fb:de: 7b:ad:54:6f:2e:1a:9c:79:ff:26:2d:9d:47:77:ff: 88:6f:b7:8e:3e:44:33:92:99:73:ce:d9:1d:f2:bd: 65:f9:50:c3:26:9b:47:9c:13:9e:a1:f9:75:0f:b6: 03:b9:fa:cd:8b:52:fa:34:3c:ef:c9:d4:0a:08:c8: 98:04:56:f4:6d:c3:e0:85:8c:23:c5:d2:79:62:d4: 4e:5d:4c:42:53:1c:5d:53:5c:8f:5b:af:83:3e:98: c6:49:bc:73:78:3c:12:48:67:26:d7:f4:65:6a:04: 15:40:55:a8:cc:17:45:5e:76:1d:c9:ce:1d:c4:48: 6f:cb:0a:49:96:a9:eb:da:da:75:03:04:db:1a:c5: 00:47:1a:f5:ee:92:19:19:2f:1c:61:cc:a0:44:f5: e9:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:4D:BA:CD:DD:62:1B:F8:46:A5:BA:AC:2D:83:EB:5A:DC:D4:1B:EF X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c7d88569-acfe-4860-8c8b-12796717e34f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae9:a080::/48 Signature Algorithm: sha256WithRSAEncryption bd:b1:9a:b9:df:76:d5:14:15:25:36:75:77:cc:34:86:e0:7f: 95:7e:ba:3b:f7:f7:87:9f:68:36:51:04:51:a1:ec:e0:a6:de: d6:3a:0d:07:53:d9:85:f7:ee:f6:e3:ba:a1:bf:95:33:a0:32: e3:54:31:0f:20:21:a0:f9:47:d2:28:ed:11:3b:fb:02:ee:bd: e7:45:e5:00:b6:d3:e1:35:9f:ce:b5:1e:78:b0:f1:ee:53:8b: 6d:e1:a3:62:55:42:49:50:44:5d:cc:81:9d:44:17:4c:f4:5a: 39:9e:90:ba:3d:7f:ce:1f:4c:b0:7d:a1:0c:bd:cb:24:ee:c3: c8:66:e1:50:82:5d:9e:16:30:9f:20:57:a9:72:f0:9e:3c:42: bc:12:42:10:0f:36:48:c8:76:11:1d:bd:7c:5a:f1:47:e9:bd: fc:87:a5:96:45:0a:4e:f3:60:c0:59:12:69:ca:b4:79:d8:6b: a9:26:2a:5d:fc:c8:b9:5f:fd:bf:eb:12:d9:ee:d4:e7:c5:5d: f8:1d:7c:1f:83:c6:8d:fb:66:a0:23:8a:0f:13:34:5c:3e:a4: 38:c0:47:76:dc:91:97:87:3c:70:2a:df:2a:94:77:93:c9:39: 71:d7:b3:ee:5f:7d:9b:8f:96:85:91:ba:d6:95:65:aa:fd:2c: aa:bb:29:7a -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPflrSwMk74pCDi4XKO1Jfe0w0+swDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUzMTAwMjA1MFoX DTI2MDgyOTIzNTk1OVowejFJMEcGA1UEBRNAZDAyMzE4NWFhOTRhNjhkNjVkZDZj NTFmYmRhOTVkYzM1YTBlMmVmMGY4OWIwM2RmM2RmZmY0Zjk0OWQ2M2U2NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTgih/zvEO8TFNm0UYo7UnygV1nn zAwupUeq/tBtovldCs8ZY1Ec0H8KGSdXW6RZclbzfGXo75z9q/z/fUrhXO9hF9kE sbuLLrnvWn74DqD4KJrFZI10cMx5Mbs29g5PjYP5tUl6+957rVRvLhqcef8mLZ1H d/+Ib7eOPkQzkplzztkd8r1l+VDDJptHnBOeofl1D7YDufrNi1L6NDzvydQKCMiY BFb0bcPghYwjxdJ5YtROXUxCUxxdU1yPW6+DPpjGSbxzeDwSSGcm1/RlagQVQFWo zBdFXnYdyc4dxEhvywpJlqnr2tp1AwTbGsUARxr17pIZGS8cYcygRPXpEQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJNNus3dYhv4RqW6rC2D61rc1BvvMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2M3ZDg4NTY5LWFjZmUtNDg2MC04YzhiLTEyNzk2NzE3ZTM0Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6aCAMA0GCSqGSIb3DQEBCwUAA4IBAQC9sZq533bVFBUlNnV3 zDSG4H+Vfro79/eHn2g2UQRRoezgpt7WOg0HU9mF9+7247qhv5UzoDLjVDEPICGg +UfSKO0RO/sC7r3nReUAttPhNZ/OtR54sPHuU4tt4aNiVUJJUERdzIGdRBdM9Fo5 npC6PX/OH0ywfaEMvcsk7sPIZuFQgl2eFjCfIFepcvCePEK8EkIQDzZIyHYRHb18 WvFH6b38h6WWRQpO82DAWRJpyrR52GupJipd/Mi5X/2/6xLZ7tTnxV34HXwfg8aN +2agI4oPEzRcPqQ4wEd23JGXhzxwKt8qlHeTyTlx17PuX32bj5aFkbrWlWWq/Syq uyl6 -----END CERTIFICATE-----Generated at Wed Jun 17 09:02:49 2026 by rpki-client