$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/137d9d03-dc05-4253-8892-907b39d3007b.roa File: 137d9d03-dc05-4253-8892-907b39d3007b.roa (raw, json) Hash identifier: z0pvUi6DzLYX01V1M9Gp8ZpOkNFYaM3aZsrOG+0lQYA= Subject key identifier: FF:CC:3D:96:8A:C7:E5:B9:11:63:85:21:9C:9E:2A:98:1B:D2:DC:AC Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 505A9227160EAEF03C5A94031DD8A15EAC9BEBBA Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/137d9d03-dc05-4253-8892-907b39d3007b.roa Signing time: Fri 22 May 2026 16:53:51 +0000 ROA not before: Fri 22 May 2026 16:53:51 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae0:c800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:5a:92:27:16:0e:ae:f0:3c:5a:94:03:1d:d8:a1:5e:ac:9b:eb:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 16:53:51 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=d96336a3496a710d99ae7b0b762b300323ccc0a6eea9f2c25ea095d1d79cee14, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:df:ed:96:d5:9a:8d:05:b5:16:f0:71:19:30: 6d:0b:03:de:ba:14:e6:01:2a:0c:c6:cd:3d:7b:bd: 82:7c:99:e0:c0:41:a9:50:9c:2b:1d:61:8f:75:d3: 3c:09:b4:1c:f1:0b:4e:09:06:62:c8:81:a2:20:af: a2:08:08:45:0a:ab:7f:83:76:28:f5:63:d5:63:0c: 53:08:36:dd:34:76:71:83:74:ce:d3:c8:d4:04:b0: bf:23:bc:bc:ad:79:12:0c:82:ae:c6:5f:bb:dd:68: 75:e7:23:76:71:64:61:64:a1:41:11:f1:d6:73:e4: 1f:48:a4:eb:ee:3a:bb:bf:8c:44:aa:b9:b2:ab:a5: 87:7e:9d:17:05:77:01:cf:1f:93:32:04:15:c9:af: 8c:da:87:08:f2:60:79:ed:65:16:83:e7:4f:c0:cf: 03:b2:84:cf:37:0a:23:29:9e:02:2c:37:6c:8f:46: d1:a4:8c:dc:34:27:b3:68:47:0a:b4:08:ab:d2:cc: 30:61:77:39:93:cc:c8:02:c9:f7:63:85:46:d6:bd: 34:c1:60:00:88:ec:b8:c2:4e:55:c8:73:2d:c0:0f: 74:06:ee:a1:d8:85:d8:fd:7c:39:bd:cb:99:5d:b8: 39:36:d8:17:65:2e:87:c2:10:04:15:c3:76:93:c6: 2e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:CC:3D:96:8A:C7:E5:B9:11:63:85:21:9C:9E:2A:98:1B:D2:DC:AC X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/137d9d03-dc05-4253-8892-907b39d3007b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae0:c800::/40 Signature Algorithm: sha256WithRSAEncryption b1:05:e3:b7:79:d3:0b:eb:98:42:d1:b0:08:68:d1:01:1a:39: 50:ad:92:14:3d:49:b9:3b:94:f9:e6:c8:7e:6c:56:57:58:be: 15:fc:3f:14:8f:af:66:24:af:95:ba:f8:ad:b1:3c:0b:eb:d1: 0a:b6:3b:2a:ea:9b:f1:4b:91:ae:05:70:91:e7:81:0c:16:c3: b2:8f:c9:2a:2a:9b:ef:82:88:c4:a7:bd:a8:f6:cd:9e:d9:20: a0:24:aa:d3:f7:35:0c:af:43:bb:04:60:2b:9b:03:88:f5:9c: 74:06:40:24:3b:2e:91:87:08:77:f8:04:ba:d2:5a:83:19:b2: df:20:45:b1:12:37:05:b0:5a:10:c5:ff:5c:40:ad:c5:d7:a4: 66:e0:82:ad:92:f3:f1:b1:54:59:b0:2f:7a:18:4f:d0:d6:df: c6:98:8e:f2:83:7c:95:34:29:8f:67:20:eb:97:02:04:7c:7c: d9:4f:5a:19:aa:28:be:6f:e5:f0:24:7b:7d:1b:5c:90:20:8d: 95:4d:95:09:c1:37:46:7f:ea:6a:80:80:74:e5:c3:db:cf:eb: f3:41:ae:9b:d4:c5:e4:42:7e:a0:41:83:46:61:e6:6d:c5:64: 0e:2f:eb:eb:59:1e:c7:a4:cd:9c:04:33:1f:8b:e5:14:7b:cd: 9c:91:e3:77 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUUFqSJxYOrvA8WpQDHdihXqyb67owDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE2NTM1MVoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZDk2MzM2YTM0OTZhNzEwZDk5YWU3 YjBiNzYyYjMwMDMyM2NjYzBhNmVlYTlmMmMyNWVhMDk1ZDFkNzljZWUxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst/tltWajQW1FvBxGTBtCwPeuhTm ASoMxs09e72CfJngwEGpUJwrHWGPddM8CbQc8QtOCQZiyIGiIK+iCAhFCqt/g3Yo 9WPVYwxTCDbdNHZxg3TO08jUBLC/I7y8rXkSDIKuxl+73Wh15yN2cWRhZKFBEfHW c+QfSKTr7jq7v4xEqrmyq6WHfp0XBXcBzx+TMgQVya+M2ocI8mB57WUWg+dPwM8D soTPNwojKZ4CLDdsj0bRpIzcNCezaEcKtAir0swwYXc5k8zIAsn3Y4VG1r00wWAA iOy4wk5VyHMtwA90Bu6h2IXY/Xw5vcuZXbg5NtgXZS6HwhAEFcN2k8YuFQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFP/MPZaKx+W5EWOFIZyeKpgb0tysMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzEzN2Q5ZDAzLWRjMDUtNDI1My04ODkyLTkwN2IzOWQzMDA3Yi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba4MgwDQYJKoZIhvcNAQELBQADggEBALEF47d50wvrmELRsAho 0QEaOVCtkhQ9Sbk7lPnmyH5sVldYvhX8PxSPr2Ykr5W6+K2xPAvr0Qq2Oyrqm/FL ka4FcJHngQwWw7KPySoqm++CiMSnvaj2zZ7ZIKAkqtP3NQyvQ7sEYCubA4j1nHQG QCQ7LpGHCHf4BLrSWoMZst8gRbESNwWwWhDF/1xArcXXpGbggq2S8/GxVFmwL3oY T9DW38aYjvKDfJU0KY9nIOuXAgR8fNlPWhmqKL5v5fAke30bXJAgjZVNlQnBN0Z/ 6mqAgHTlw9vP6/NBrpvUxeRCfqBBg0Zh5m3FZA4v6+tZHsekzZwEMx+L5RR7zZyR 43c= -----END CERTIFICATE-----Generated at Sun May 24 12:19:53 2026 by rpki-client