$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa File: 4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa (raw, json) Hash identifier: qYSpBcbD4TUvXPsFvNfbXv/5tbTGvIJwbgKrA0UaqvM= Subject key identifier: A2:B9:7F:B5:24:4A:0D:E3:48:4E:A0:CF:69:17:3A:49:76:9B:C6:88 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 64F5DA9CD9359174169217BFEEC90E29B052A0C7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa Signing time: Sat 02 May 2026 00:20:59 +0000 ROA not before: Sat 02 May 2026 00:20:59 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:a080::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:f5:da:9c:d9:35:91:74:16:92:17:bf:ee:c9:0e:29:b0:52:a0:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:20:59 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=257c81226f194122a00c8e1c07439d6bc407ce519d29cf26bcaf58fa688eb0d6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d4:18:1e:96:8e:e4:e8:88:a9:75:6a:8c:31: 1a:4f:c2:fc:8d:c5:ab:56:8a:32:f9:ac:e9:df:2d: 41:ce:b7:f8:a1:d8:3d:e3:01:5a:66:cd:7e:38:8f: c8:8c:7c:1c:5f:5d:08:39:9b:c6:bc:f7:78:a8:20: f0:3e:49:0d:a1:33:d8:f6:e8:08:e3:1d:d1:91:c1: 37:bb:48:90:2b:93:e1:a0:ee:76:36:3f:3a:18:02: aa:24:3a:b9:35:60:55:a3:a5:b9:b2:99:52:2c:2a: c9:c3:8d:97:e2:17:0b:4b:63:0f:36:d1:e8:bf:38: 80:15:89:46:f7:86:38:e9:9d:cd:43:dd:fd:e6:5e: f4:6d:9f:e7:06:80:d0:14:41:96:a5:24:b7:98:bc: bd:c9:36:d4:ec:a3:a7:0c:d9:b2:c7:ce:03:fa:ac: b0:84:69:63:24:4e:0c:52:f3:c5:84:51:3c:3a:90: e0:9c:46:5c:ee:97:0e:ff:64:a1:a2:38:43:98:ed: 3d:4a:63:b8:45:b3:47:48:72:48:5e:3f:0c:9a:cd: 17:5f:a5:82:4c:9b:8c:04:4b:f3:45:f1:5c:ef:65: 22:30:f8:14:97:81:d8:6c:5a:4c:7c:1b:17:ea:50: 5d:92:06:81:59:c8:f5:6b:a5:f7:f3:30:d9:b8:25: 48:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B9:7F:B5:24:4A:0D:E3:48:4E:A0:CF:69:17:3A:49:76:9B:C6:88 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4afcfbcc-a6d2-42d7-bee5-3b08bf62a861.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:a080::/46 Signature Algorithm: sha256WithRSAEncryption 96:b3:c9:b0:49:13:91:56:d8:78:8d:2c:75:24:d2:6a:1a:35: 06:67:c8:de:55:9e:1c:7e:e8:48:1f:a4:63:cc:3f:d0:12:a1: 24:fa:4d:d7:ce:06:6b:6c:61:e1:1f:da:bd:66:43:81:f4:bc: 7a:9b:8a:f7:ae:80:31:92:2e:cd:02:da:1b:4f:a6:67:0b:77: ba:86:ea:3a:97:90:44:55:c9:37:63:dd:aa:aa:54:4d:b3:c8: a1:6a:71:26:fc:38:8b:dd:d7:c0:4a:ec:8c:86:5f:a4:a9:4c: 5d:d0:00:2a:ca:cf:eb:79:95:1c:c1:18:8c:59:ac:36:ad:4d: 0b:55:36:99:07:74:bb:fd:d7:29:43:e9:70:e2:95:26:db:5e: 71:ce:d9:79:05:99:b1:fa:c2:68:c0:84:5a:7d:95:a6:1b:59: 3e:fc:5f:61:b4:01:77:8c:c5:5d:c2:39:e9:55:fa:d9:73:76: f5:07:e7:0d:55:ce:5c:8f:96:b6:80:68:f4:8c:4f:6e:59:d0: 77:48:db:22:2e:10:15:a1:7a:4b:da:99:8d:5e:2f:6d:15:22: 34:79:68:66:25:26:07:a9:50:ab:95:84:08:5f:42:96:b9:3d: 17:a1:d4:9c:d5:de:64:b4:30:75:a5:32:21:10:9b:27:2a:20: 52:a0:54:44 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUZPXanNk1kXQWkhe/7skOKbBSoMcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjA1OVoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMjU3YzgxMjI2ZjE5NDEyMmEwMGM4 ZTFjMDc0MzlkNmJjNDA3Y2U1MTlkMjljZjI2YmNhZjU4ZmE2ODhlYjBkNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9QYHpaO5OiIqXVqjDEaT8L8jcWr Vooy+azp3y1Bzrf4odg94wFaZs1+OI/IjHwcX10IOZvGvPd4qCDwPkkNoTPY9ugI 4x3RkcE3u0iQK5PhoO52Nj86GAKqJDq5NWBVo6W5splSLCrJw42X4hcLS2MPNtHo vziAFYlG94Y46Z3NQ9395l70bZ/nBoDQFEGWpSS3mLy9yTbU7KOnDNmyx84D+qyw hGljJE4MUvPFhFE8OpDgnEZc7pcO/2ShojhDmO09SmO4RbNHSHJIXj8Mms0XX6WC TJuMBEvzRfFc72UiMPgUl4HYbFpMfBsX6lBdkgaBWcj1a6X38zDZuCVIXwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFKK5f7UkSg3jSE6gz2kXOkl2m8aIMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzRhZmNmYmNjLWE2ZDItNDJkNy1iZWU1LTNiMDhiZjYyYTg2MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba86CAMA0GCSqGSIb3DQEBCwUAA4IBAQCWs8mwSRORVth4jSx1 JNJqGjUGZ8jeVZ4cfuhIH6RjzD/QEqEk+k3XzgZrbGHhH9q9ZkOB9Lx6m4r3roAx ki7NAtobT6ZnC3e6huo6l5BEVck3Y92qqlRNs8ihanEm/DiL3dfASuyMhl+kqUxd 0AAqys/reZUcwRiMWaw2rU0LVTaZB3S7/dcpQ+lw4pUm215xztl5BZmx+sJowIRa fZWmG1k+/F9htAF3jMVdwjnpVfrZc3b1B+cNVc5cj5a2gGj0jE9uWdB3SNsiLhAV oXpL2pmNXi9tFSI0eWhmJSYHqVCrlYQIX0KWuT0XodSc1d5ktDB1pTIhEJsnKiBS oFRE -----END CERTIFICATE-----Generated at Sun May 3 15:23:48 2026 by rpki-client