$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa File: 25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa (raw, json) Hash identifier: B89OJe30fIR9D1ps+DgHJGQLJsTTAH8rHCOpPrdDzcY= Subject key identifier: 1D:B2:9D:92:1F:BD:8A:D5:6D:C6:D9:00:C3:4E:19:12:D8:65:5A:3C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 336093B9DE3BB1037C40D47AAB810FA643089E24 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa Signing time: Wed 13 May 2026 00:01:29 +0000 ROA not before: Wed 13 May 2026 00:01:29 +0000 ROA not after: Tue 11 Aug 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daf4:c000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 May 2026 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:60:93:b9:de:3b:b1:03:7c:40:d4:7a:ab:81:0f:a6:43:08:9e:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 13 00:01:29 2026 GMT Not After : Aug 11 23:59:59 2026 GMT Subject: serialNumber=b59cd14875f3dbe059f95e4b83296535109e43259c7ad644769704c0f5e7b0bf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:85:ab:50:d2:73:ef:21:b8:37:0e:1a:f2:05: 05:49:ba:85:0b:b5:26:a5:0e:fc:32:bf:9b:e0:a0: d1:15:ef:f6:af:b4:fe:43:a8:2d:ea:3a:5e:14:48: 98:ac:07:c8:41:6d:9b:a8:3c:f3:19:60:fe:1c:8f: bd:4a:f6:0e:18:81:71:03:8d:75:9e:69:4c:5c:45: f9:a1:59:54:9d:f5:87:5c:5a:f7:de:78:68:ed:34: 00:53:71:45:c5:ab:b0:ba:d1:c2:33:3f:bf:25:4f: 50:9c:fc:a4:97:6d:32:eb:2d:23:d6:72:62:46:98: bb:bf:17:8b:00:9f:0d:d4:a3:d7:69:99:0b:25:e4: 05:f8:fa:75:d2:2a:51:b1:8f:75:c2:85:0b:cd:78: 81:77:74:c7:30:ac:37:78:96:85:73:b1:5e:6f:46: 2c:2f:3a:70:de:8b:9f:d1:c2:e2:f9:77:21:f4:e9: fa:e8:3a:ae:be:92:f2:e1:23:af:0a:90:76:a2:b4: ba:32:91:ed:ee:49:5f:2f:04:92:2b:eb:c4:57:d6: 3a:e2:a0:8c:a0:f4:4c:99:01:df:fa:5b:ea:a2:d2: 16:1a:54:74:7e:55:08:93:97:98:de:ac:32:a6:34: 5a:52:8a:9d:75:88:1a:8a:f8:bd:d2:9d:85:4a:4d: b2:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:B2:9D:92:1F:BD:8A:D5:6D:C6:D9:00:C3:4E:19:12:D8:65:5A:3C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25a8d841-0fbc-4ced-ac4c-aeb5fe9ab816.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:c000::/40 Signature Algorithm: sha256WithRSAEncryption 91:57:74:dc:38:35:48:58:68:21:7e:51:f0:b5:2b:ac:b8:1d: c3:64:6d:ae:35:78:17:f5:69:ad:21:8e:85:41:74:d2:db:58: 15:42:4c:2a:d2:bd:6b:0d:51:fc:ac:82:c0:a4:c6:70:d7:01: 7e:0e:7e:17:07:30:4b:1d:b9:ac:7b:ca:36:da:60:6d:d3:fa: a3:72:b8:36:e1:d0:d6:8d:34:26:14:01:0f:7a:8c:2a:20:1a: 2e:c6:a9:e3:77:8a:1f:55:e3:6e:33:d0:4c:4b:0d:66:62:31: 24:ac:47:ad:08:5c:f5:42:58:80:12:3c:02:23:af:fa:32:a2: e7:e1:d0:d6:77:4d:80:7e:6f:fb:e1:e1:78:25:f7:d3:ac:b6: 81:4c:fe:cd:c5:3b:86:e4:bf:5e:85:0c:dd:83:28:6a:61:ff: 24:1a:2e:e5:aa:b7:4c:0b:e1:f6:b5:72:b9:86:73:c6:88:00: 84:01:44:36:9c:d6:c4:59:83:00:dd:42:41:c9:f5:c2:90:30: 67:55:54:66:43:0f:46:fb:fb:88:37:37:7c:6a:ca:3e:cc:ea: ee:5d:d3:dc:e7:75:d7:8a:3c:f3:1e:57:6c:30:8a:54:5e:95: 26:9b:1a:47:29:61:07:b9:cd:04:71:3f:39:dd:ad:fa:ee:d6: 21:4a:aa:db -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUM2CTud47sQN8QNR6q4EPpkMIniQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMzAwMDEyOVoX DTI2MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAYjU5Y2QxNDg3NWYzZGJlMDU5Zjk1 ZTRiODMyOTY1MzUxMDllNDMyNTljN2FkNjQ0NzY5NzA0YzBmNWU3YjBiZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4WrUNJz7yG4Nw4a8gUFSbqFC7Um pQ78Mr+b4KDRFe/2r7T+Q6gt6jpeFEiYrAfIQW2bqDzzGWD+HI+9SvYOGIFxA411 nmlMXEX5oVlUnfWHXFr33nho7TQAU3FFxauwutHCMz+/JU9QnPykl20y6y0j1nJi Rpi7vxeLAJ8N1KPXaZkLJeQF+Pp10ipRsY91woULzXiBd3THMKw3eJaFc7Feb0Ys Lzpw3ouf0cLi+Xch9On66DquvpLy4SOvCpB2orS6MpHt7klfLwSSK+vEV9Y64qCM oPRMmQHf+lvqotIWGlR0flUIk5eY3qwypjRaUoqddYgaivi90p2FSk2yywIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFB2ynZIfvYrVbcbZAMNOGRLYZVo8MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI1YThkODQxLTBmYmMtNGNlZC1hYzRjLWFlYjVmZTlhYjgxNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9MAwDQYJKoZIhvcNAQELBQADggEBAJFXdNw4NUhYaCF+UfC1 K6y4HcNkba41eBf1aa0hjoVBdNLbWBVCTCrSvWsNUfysgsCkxnDXAX4OfhcHMEsd uax7yjbaYG3T+qNyuDbh0NaNNCYUAQ96jCogGi7GqeN3ih9V424z0ExLDWZiMSSs R60IXPVCWIASPAIjr/oyoufh0NZ3TYB+b/vh4Xgl99OstoFM/s3FO4bkv16FDN2D KGph/yQaLuWqt0wL4fa1crmGc8aIAIQBRDac1sRZgwDdQkHJ9cKQMGdVVGZDD0b7 +4g3N3xqyj7M6u5d09znddeKPPMeV2wwilRelSabGkcpYQe5zQRxPzndrfru1iFK qts= -----END CERTIFICATE-----Generated at Fri May 22 14:19:12 2026 by rpki-client