$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28c7fdef-48c4-4f4a-8efa-48ddf73bdfb6.roa File: 28c7fdef-48c4-4f4a-8efa-48ddf73bdfb6.roa (raw, json) Hash identifier: O+w07Jod9lZ3ZcBax+6Wx2K9IjrZ2HDR986fIUjalLU= Subject key identifier: 79:79:7D:C1:30:81:F5:13:74:8E:21:8F:21:1E:0E:60:0D:17:0C:BE Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0BC4948A60134499A79E60FD7EE46709AC95EE94 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28c7fdef-48c4-4f4a-8efa-48ddf73bdfb6.roa Signing time: Fri 22 May 2026 17:01:33 +0000 ROA not before: Fri 22 May 2026 17:01:33 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:90c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:c4:94:8a:60:13:44:99:a7:9e:60:fd:7e:e4:67:09:ac:95:ee:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:01:33 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=6e115d8bf00765be7158d592509a8718b9d024d91659b17b1fc98e8c0d0f2a99, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:5a:54:c1:c1:0f:71:93:7b:e5:57:75:a0:37: 77:54:eb:63:55:bb:ac:30:7d:12:75:9f:35:be:ae: f2:bf:9a:66:56:d4:69:0e:7d:bc:bb:9e:ab:05:4e: 26:32:78:74:8f:15:fc:df:05:b3:47:ed:48:e6:a9: 96:79:dd:39:57:ae:3f:b1:cd:e1:53:16:56:73:31: 17:eb:d3:20:69:36:67:c3:fd:9a:cd:76:af:26:0e: 61:91:78:cf:12:88:1f:24:70:56:ea:62:b1:13:9c: 3d:e1:e2:09:6c:c5:ca:4c:d5:25:54:aa:fe:35:a5: 73:8b:79:eb:bb:04:71:9c:1a:c5:ee:83:12:e3:68: ea:59:5b:bf:51:5e:24:ee:cc:28:b6:35:a8:09:12: 8d:1d:8b:0f:a4:b5:4a:e2:9e:8c:d4:16:50:89:22: ed:54:64:0b:01:d2:31:2d:13:1f:62:9b:70:4e:09: 28:e8:72:ec:15:7f:1b:78:9b:ec:50:20:21:d6:e8: 24:8a:90:41:fd:53:97:8f:2e:b0:3d:4d:c2:b6:59: a8:6e:26:9e:81:9e:5c:01:db:3d:ed:4d:9d:98:94: f6:1c:42:1e:ec:5a:e2:f2:96:a8:96:63:7c:3e:f8: e6:30:dd:18:9c:37:31:88:8c:8b:e7:57:9c:57:5b: 96:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:79:7D:C1:30:81:F5:13:74:8E:21:8F:21:1E:0E:60:0D:17:0C:BE X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/28c7fdef-48c4-4f4a-8efa-48ddf73bdfb6.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:90c0::/48 Signature Algorithm: sha256WithRSAEncryption 1d:63:06:04:78:5d:df:86:df:d7:6f:ef:2b:da:2b:da:d2:9a: 6e:d9:52:16:e7:65:a0:2e:5c:93:63:4b:2c:09:a3:9e:48:ec: 3a:aa:55:22:c2:5d:8a:8e:de:0e:54:40:aa:0c:b8:61:2b:e7: bd:e4:5f:83:c0:f9:58:24:8a:88:58:fe:3a:6e:32:0e:b8:9e: 26:0a:0a:ec:cf:98:0f:45:7f:36:f9:74:99:63:a0:0e:cb:74: b0:99:22:8b:30:b9:1b:25:7d:c6:5d:be:ba:ca:bc:ae:d2:0b: d8:49:75:c0:08:a8:33:41:b6:9d:7b:32:ba:8e:20:97:26:51: c1:1b:4d:55:eb:f4:85:43:e9:7d:ea:97:ca:f4:60:de:08:9a: c7:bc:77:20:a6:2d:64:5a:24:97:c9:e1:d5:44:be:28:fc:b3: 85:1a:10:e5:bb:71:90:ab:36:97:85:f1:03:f9:0a:1b:cb:70: ae:e0:fe:1d:f8:54:f5:e4:47:39:01:8f:c2:23:86:0f:ff:98: 01:8a:1e:50:97:75:60:e0:1a:57:01:a7:ce:0c:32:62:60:05: 11:f2:f0:6a:21:7d:65:df:87:17:da:cf:27:75:79:2d:03:d0: e2:48:86:fb:18:6e:49:11:6b:1f:15:22:65:f4:cd:5d:fd:3d: 2c:6a:cf:41 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUC8SUimATRJmnnmD9fuRnCayV7pQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDEzM1oX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANmUxMTVkOGJmMDA3NjViZTcxNThk NTkyNTA5YTg3MThiOWQwMjRkOTE2NTliMTdiMWZjOThlOGMwZDBmMmE5OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFpUwcEPcZN75Vd1oDd3VOtjVbus MH0SdZ81vq7yv5pmVtRpDn28u56rBU4mMnh0jxX83wWzR+1I5qmWed05V64/sc3h UxZWczEX69MgaTZnw/2azXavJg5hkXjPEogfJHBW6mKxE5w94eIJbMXKTNUlVKr+ NaVzi3nruwRxnBrF7oMS42jqWVu/UV4k7swotjWoCRKNHYsPpLVK4p6M1BZQiSLt VGQLAdIxLRMfYptwTgko6HLsFX8beJvsUCAh1ugkipBB/VOXjy6wPU3Ctlmobiae gZ5cAds97U2dmJT2HEIe7Fri8paolmN8PvjmMN0YnDcxiIyL51ecV1uWhwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHl5fcEwgfUTdI4hjyEeDmANFwy+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzI4YzdmZGVmLTQ4YzQtNGY0YS04ZWZhLTQ4ZGRmNzNiZGZiNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6JDAMA0GCSqGSIb3DQEBCwUAA4IBAQAdYwYEeF3fht/Xb+8r 2iva0ppu2VIW52WgLlyTY0ssCaOeSOw6qlUiwl2Kjt4OVECqDLhhK+e95F+DwPlY JIqIWP46bjIOuJ4mCgrsz5gPRX82+XSZY6AOy3SwmSKLMLkbJX3GXb66yryu0gvY SXXACKgzQbadezK6jiCXJlHBG01V6/SFQ+l96pfK9GDeCJrHvHcgpi1kWiSXyeHV RL4o/LOFGhDlu3GQqzaXhfED+Qoby3Cu4P4d+FT15Ec5AY/CI4YP/5gBih5Ql3Vg 4BpXAafODDJiYAUR8vBqIX1l34cX2s8ndXktA9DiSIb7GG5JEWsfFSJl9M1d/T0s as9B -----END CERTIFICATE-----Generated at Sun May 24 12:18:43 2026 by rpki-client