$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/22827311-fc81-4898-abc1-b5908f6d3f8f.roa File: 22827311-fc81-4898-abc1-b5908f6d3f8f.roa (raw, json) Hash identifier: xdTMxWswK/5T09AKk+oJ99yjxQZnkn/Zuwwa6k+29m4= Subject key identifier: 93:D3:2B:90:85:96:D3:13:23:A1:FB:27:4B:A7:22:63:75:3A:0D:D5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 01763B0CE8C58D1DA2712568EE9C13C2704BD3F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/22827311-fc81-4898-abc1-b5908f6d3f8f.roa Signing time: Sat 02 May 2026 00:10:25 +0000 ROA not before: Sat 02 May 2026 00:10:25 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:8880::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:76:3b:0c:e8:c5:8d:1d:a2:71:25:68:ee:9c:13:c2:70:4b:d3:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:10:25 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=2f49264aa7afe0cbd2b8ca136f96f98c1aae9c05ec5fdf3b4bae5618da17a43f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:70:2f:4e:13:b6:6f:5c:cb:6e:5f:5c:cb:29: 1d:8f:f0:9a:d9:97:21:d4:7d:01:b9:7a:c0:50:e7: f5:78:21:a9:85:2a:15:98:e0:83:97:3d:9a:86:bd: 83:30:b4:ca:6c:4a:43:b1:48:a0:62:68:5f:ec:fe: 63:1c:9a:a3:da:16:39:19:87:c8:2f:4e:8e:30:0c: 0a:f4:c9:fb:6d:7c:73:c3:eb:21:b4:90:d1:62:12: 3c:ba:8d:17:44:a1:04:e3:70:cd:d5:d0:b7:56:af: 76:78:96:48:81:18:a5:cc:86:6b:c7:ae:28:a5:2c: 3c:b9:11:23:cb:50:e6:b2:e9:70:34:6a:2d:f8:7e: 9f:e3:f1:f7:d2:b8:a5:a0:26:74:f4:d5:6f:9c:da: ec:6d:24:c5:e4:94:94:1f:56:3c:3f:e7:fe:20:9d: 79:72:01:9e:31:97:2f:7d:c8:1b:33:d8:48:5c:f8: be:fa:53:24:63:64:13:45:48:59:2f:c7:b5:26:0f: 1e:20:1e:24:11:b4:06:25:91:da:a0:70:49:ed:d5: 27:fc:9f:29:81:7c:23:c4:f9:22:1f:bc:0d:dc:31: 69:46:d0:09:38:90:35:af:6a:54:16:f0:6c:79:de: d0:55:34:18:a3:d4:29:85:7f:fc:af:c7:01:58:06: ca:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:D3:2B:90:85:96:D3:13:23:A1:FB:27:4B:A7:22:63:75:3A:0D:D5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/22827311-fc81-4898-abc1-b5908f6d3f8f.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:8880::/46 Signature Algorithm: sha256WithRSAEncryption 4c:73:46:ce:76:b6:ca:ae:3e:2e:25:b0:a6:cc:ff:1e:cb:bf: 7b:a5:a1:82:cf:f5:87:61:62:0d:a2:12:1f:76:32:0e:c2:41: 87:6f:01:2c:f2:5d:d3:eb:83:14:bf:f6:5a:db:51:b2:69:60: 41:ec:63:54:8f:2f:ee:61:d1:cf:29:56:7a:fc:4d:59:23:63: c1:ff:f2:09:2c:5c:31:d8:f7:c7:49:a6:57:8a:00:b0:57:1c: 07:64:5d:e4:3c:e9:c4:3d:fd:b8:79:ec:24:2d:05:a3:94:1e: 80:f2:22:0b:1e:d8:f8:70:c1:d4:a5:27:2d:01:9d:3f:78:f6: 94:f4:01:b6:2c:0a:7d:30:fc:6e:5e:12:f8:04:1a:24:53:e0: c6:db:ab:0b:bd:b1:23:b9:c8:a2:2a:1e:9e:16:58:47:63:67: ca:d9:d5:57:96:7a:42:47:08:25:59:ec:b7:f3:5f:ef:ba:b6: e0:37:b0:54:9a:21:4c:cc:d3:63:45:82:3b:bb:1e:c5:f4:09: 4c:22:44:5b:70:79:f5:8c:bf:47:d3:2a:0d:62:44:90:9a:a1: 6e:7f:30:7d:f7:c6:17:72:14:55:10:3f:af:7a:12:04:57:22: be:06:53:55:bf:0d:f3:5b:b6:8e:b8:f6:8f:ef:90:d5:4f:2d: c2:7b:09:fe -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUAXY7DOjFjR2icSVo7pwTwnBL0/YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTAyNVoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMmY0OTI2NGFhN2FmZTBjYmQyYjhj YTEzNmY5NmY5OGMxYWFlOWMwNWVjNWZkZjNiNGJhZTU2MThkYTE3YTQzZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3AvThO2b1zLbl9cyykdj/Ca2Zch 1H0BuXrAUOf1eCGphSoVmOCDlz2ahr2DMLTKbEpDsUigYmhf7P5jHJqj2hY5GYfI L06OMAwK9Mn7bXxzw+shtJDRYhI8uo0XRKEE43DN1dC3Vq92eJZIgRilzIZrx64o pSw8uREjy1DmsulwNGot+H6f4/H30riloCZ09NVvnNrsbSTF5JSUH1Y8P+f+IJ15 cgGeMZcvfcgbM9hIXPi++lMkY2QTRUhZL8e1Jg8eIB4kEbQGJZHaoHBJ7dUn/J8p gXwjxPkiH7wN3DFpRtAJOJA1r2pUFvBsed7QVTQYo9QphX/8r8cBWAbKgQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJPTK5CFltMTI6H7J0unImN1Og3VMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzIyODI3MzExLWZjODEtNDg5OC1hYmMxLWI1OTA4ZjZkM2Y4Zi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba84iAMA0GCSqGSIb3DQEBCwUAA4IBAQBMc0bOdrbKrj4uJbCm zP8ey797paGCz/WHYWINohIfdjIOwkGHbwEs8l3T64MUv/Za21GyaWBB7GNUjy/u YdHPKVZ6/E1ZI2PB//IJLFwx2PfHSaZXigCwVxwHZF3kPOnEPf24eewkLQWjlB6A 8iILHtj4cMHUpSctAZ0/ePaU9AG2LAp9MPxuXhL4BBokU+DG26sLvbEjuciiKh6e FlhHY2fK2dVXlnpCRwglWey381/vurbgN7BUmiFMzNNjRYI7ux7F9AlMIkRbcHn1 jL9H0yoNYkSQmqFufzB998YXchRVED+vehIEVyK+BlNVvw3zW7aOuPaP75DVTy3C ewn+ -----END CERTIFICATE-----Generated at Sun May 3 15:32:59 2026 by rpki-client