$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa File: 498f6dc3-db03-415e-b534-d74ca6f01901.roa (raw, json) Hash identifier: XsjRy8IbZpWA+bQ9HVM5sbGvFqPDl6FrgQtZdUFTMK4= Subject key identifier: 96:A1:04:A1:30:F8:56:97:27:4B:C4:04:2B:F9:DF:35:C3:68:D6:17 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 55B6DD5BDDE26A21321242D8EEF6A143C7DAAE07 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa Signing time: Fri 01 May 2026 00:00:07 +0000 ROA not before: Fri 01 May 2026 00:00:07 +0000 ROA not after: Thu 30 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:2000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:b6:dd:5b:dd:e2:6a:21:32:12:42:d8:ee:f6:a1:43:c7:da:ae:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:07 2026 GMT Not After : Jul 30 23:59:59 2026 GMT Subject: serialNumber=9f36b6be706438646f84ac5359fbe4b3a71c960f7ca307e1ede9b409e563ebe0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a5:2b:ef:24:69:34:41:77:49:6c:b2:d3:68: 23:05:62:ba:f4:30:ec:88:62:97:8e:95:c8:7f:bb: b7:9f:19:1f:86:ca:a9:60:f0:f6:e3:02:05:88:81: 26:5e:59:75:c9:78:ae:b2:79:19:66:7b:a9:c0:83: 20:55:f2:3c:94:de:33:1f:08:0b:7f:46:4a:9d:8a: de:87:ac:ee:23:e3:fb:e7:39:a2:43:4e:d5:49:20: c7:1c:6c:82:fa:ff:d6:f2:fe:05:5c:c8:02:a9:00: 7e:27:5e:01:35:cb:6f:bf:f4:0e:7f:65:b0:7a:d3: e6:3b:ab:c5:76:0f:0b:33:64:3f:c1:97:81:1b:d4: 64:cc:fa:98:65:d8:bb:21:3c:ce:49:af:ba:8a:0f: a9:e3:e1:3a:97:27:88:4e:87:ac:0d:9d:51:f9:1f: 4c:4c:e2:d4:d2:0e:0e:73:20:a3:6d:9f:cf:42:8c: 85:32:57:74:71:0c:f4:b0:e9:d5:af:c9:e8:2f:94: 23:bd:35:7e:d2:a1:02:00:77:c4:4c:b0:dd:9d:0a: 7e:4d:57:80:22:a4:d5:41:7b:62:99:03:10:0c:59: 21:d1:e4:2e:9d:34:70:ec:0a:ff:c8:86:5e:aa:9a: df:e4:8d:5a:67:70:47:cc:61:24:05:d0:8d:01:a9: c8:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:A1:04:A1:30:F8:56:97:27:4B:C4:04:2B:F9:DF:35:C3:68:D6:17 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/498f6dc3-db03-415e-b534-d74ca6f01901.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:2000::/40 Signature Algorithm: sha256WithRSAEncryption 87:da:cd:e2:7c:c0:1e:7f:85:13:0e:58:f9:da:44:ca:98:76: d9:2f:f8:1a:b1:94:0c:6f:65:c6:2b:79:ec:9d:79:96:39:ec: 79:70:7b:53:06:bb:81:2b:b6:ce:e8:9d:ec:51:ce:cc:ab:e9: 30:14:12:06:93:67:8f:89:55:70:a2:0c:04:6d:6e:2b:a2:6f: db:80:7a:c7:17:f5:a8:eb:fc:33:a7:2d:78:92:a5:6d:5c:98: 9c:f6:0a:b1:9e:60:46:1c:4d:d2:c9:72:8c:a7:03:e4:0c:43: d2:21:e1:90:49:ac:ba:1e:ec:49:45:3d:15:c9:ac:0d:78:06: b6:73:7b:41:bc:0d:f3:7e:4c:e5:a8:37:c2:3f:5c:70:35:5c: 8a:92:63:2d:aa:b6:17:09:81:8e:01:d1:b7:e7:e4:35:9f:c2: 09:96:6c:44:fc:9c:85:31:8f:a2:de:ab:9a:8a:03:9f:17:e7: b9:e0:1f:a1:12:c5:62:50:b0:58:a6:25:cc:a4:86:79:af:af: cc:1f:04:aa:d9:97:8e:00:e4:f1:a4:26:f0:2a:6d:6d:1b:f7: ae:cd:2a:02:84:b0:59:eb:a2:53:68:6a:82:11:5c:33:33:a4: c5:44:7e:d9:cd:7f:ec:9b:6f:89:81:ac:c9:d6:eb:cc:cd:79: c4:3d:ad:3f -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUVbbdW93iaiEyEkLY7vahQ8fargcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMTAwMDAwN1oX DTI2MDczMDIzNTk1OVowejFJMEcGA1UEBRNAOWYzNmI2YmU3MDY0Mzg2NDZmODRh YzUzNTlmYmU0YjNhNzFjOTYwZjdjYTMwN2UxZWRlOWI0MDllNTYzZWJlMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaUr7yRpNEF3SWyy02gjBWK69DDs iGKXjpXIf7u3nxkfhsqpYPD24wIFiIEmXll1yXiusnkZZnupwIMgVfI8lN4zHwgL f0ZKnYreh6zuI+P75zmiQ07VSSDHHGyC+v/W8v4FXMgCqQB+J14BNctvv/QOf2Ww etPmO6vFdg8LM2Q/wZeBG9RkzPqYZdi7ITzOSa+6ig+p4+E6lyeIToesDZ1R+R9M TOLU0g4OcyCjbZ/PQoyFMld0cQz0sOnVr8noL5QjvTV+0qECAHfETLDdnQp+TVeA IqTVQXtimQMQDFkh0eQunTRw7Ar/yIZeqprf5I1aZ3BHzGEkBdCNAanI4QIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJahBKEw+FaXJ0vEBCv53zXDaNYXMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQ5OGY2ZGMzLWRiMDMtNDE1ZS1iNTM0LWQ3NGNhNmYwMTkwMS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMiAwDQYJKoZIhvcNAQELBQADggEBAIfazeJ8wB5/hRMOWPna RMqYdtkv+BqxlAxvZcYreeydeZY57Hlwe1MGu4Erts7onexRzsyr6TAUEgaTZ4+J VXCiDARtbiuib9uAescX9ajr/DOnLXiSpW1cmJz2CrGeYEYcTdLJcoynA+QMQ9Ih 4ZBJrLoe7ElFPRXJrA14BrZze0G8DfN+TOWoN8I/XHA1XIqSYy2qthcJgY4B0bfn 5DWfwgmWbET8nIUxj6Leq5qKA58X57ngH6ESxWJQsFimJcykhnmvr8wfBKrZl44A 5PGkJvAqbW0b967NKgKEsFnrolNoaoIRXDMzpMVEftnNf+ybb4mBrMnW68zNecQ9 rT8= -----END CERTIFICATE-----Generated at Sun May 3 16:52:50 2026 by rpki-client