$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa File: 5e2e2a48-a4b5-497a-978d-68330e53db91.roa (raw, json) Hash identifier: bcbpvwsfIxPqOHc23j5c9gEp5ujzrqEZvD1qJhHoTbE= Subject key identifier: 7B:B4:9A:DB:04:6A:35:57:AF:5C:1B:63:EE:1E:9F:3D:BA:A0:4D:BD Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78740DD14A803C8CCD62F48CEE2968EDCDD61EA6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa Signing time: Tue 19 May 2026 00:00:41 +0000 ROA not before: Tue 19 May 2026 00:00:41 +0000 ROA not after: Mon 17 Aug 2026 23:59:59 +0000 asID: 14618 IP address blocks: 2406:daef:f000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 26 May 2026 00:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:74:0d:d1:4a:80:3c:8c:cd:62:f4:8c:ee:29:68:ed:cd:d6:1e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 19 00:00:41 2026 GMT Not After : Aug 17 23:59:59 2026 GMT Subject: serialNumber=7adb6832693984059b76d8c9b0dfa5f9d0ea8383b921f0e335f38f5644fb819a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:42:1e:d4:66:c5:80:91:cf:f0:20:5d:fa:4b: a8:7e:79:fb:a7:65:64:ba:bc:c3:5a:5d:9c:da:d3: f2:74:f3:a1:ac:0b:13:7d:4c:55:d2:9e:d9:98:24: 95:d3:ee:9c:1f:ca:e7:78:b7:a3:ae:2b:34:fd:25: 94:15:17:70:a6:a8:e4:f7:cf:60:a4:78:fd:b5:85: 30:31:47:e9:3d:dd:1e:c5:61:3a:a7:ca:98:99:32: d5:1b:d9:d5:8b:74:f4:60:19:aa:22:ed:63:ff:f2: b4:6c:24:f1:d2:c2:be:07:15:f6:67:aa:24:57:34: 15:96:56:77:cc:93:39:89:77:3e:c3:41:02:ed:b7: 4d:07:ef:f3:97:7f:e9:20:b2:1a:a2:91:dc:8b:b2: a3:37:ff:d5:b5:08:91:85:ab:48:8d:ca:0a:76:3d: 28:cf:47:c4:80:db:8b:51:53:f3:9b:09:72:8a:c2: e3:b0:42:1a:10:35:a9:83:67:4f:2f:cd:88:0f:3f: 5d:63:fe:1d:ce:8e:d5:8e:e5:6d:9f:91:df:d6:69: d5:d9:d7:68:c1:ce:3e:62:d1:84:52:5f:f7:f4:e8: ea:50:9e:d6:54:4a:4a:27:36:a7:85:0f:6c:54:f7: fa:4d:c1:89:c5:1a:c1:f2:84:55:a3:22:be:95:6e: c8:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:B4:9A:DB:04:6A:35:57:AF:5C:1B:63:EE:1E:9F:3D:BA:A0:4D:BD X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daef:f000::/40 Signature Algorithm: sha256WithRSAEncryption 46:4d:a6:7d:a3:03:53:3f:1c:01:0f:3a:0f:96:2d:24:4d:86: a9:2e:a9:f9:d2:f8:a8:5c:ab:e8:01:9c:33:44:3f:8b:2d:8b: 8b:48:5b:7b:56:b9:03:86:4f:5c:24:3b:61:07:fa:64:65:ff: b3:84:f7:33:b9:90:34:b9:d1:d3:cc:d0:8f:4b:8c:37:a1:74: 49:82:f9:2f:2e:84:47:ca:ff:7c:8b:50:14:37:0c:9d:8f:66: cc:75:35:c9:82:a6:cf:ca:d6:2b:6a:de:a6:87:f0:49:4f:82: 67:81:d2:07:6e:b7:dd:82:b3:ce:7b:76:12:55:ef:8b:7f:7f: 1b:4c:b8:52:36:72:05:a8:7b:56:64:f6:8e:99:ac:84:da:f7: cc:d4:a1:57:b1:bd:03:02:9d:56:74:91:f4:3f:f9:af:1a:ff: c5:ac:57:df:67:a4:7f:97:bc:8f:66:c0:e3:d7:fa:0e:ba:b1: 7c:62:c2:d1:1b:d9:7b:d0:58:89:8d:5a:93:b3:94:d2:2d:12: fa:cd:95:a6:b1:8f:8d:aa:35:2e:a8:7b:36:b0:9e:9b:98:a1: 4d:f4:66:ae:a3:89:72:5c:96:a7:0e:f8:60:5c:44:7d:bc:ef: 2e:a7:8f:bf:e9:69:11:2e:ce:e6:3b:cc:2c:f9:85:ed:c3:d4: 61:34:6b:18 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeHQN0UqAPIzNYvSM7ilo7c3WHqYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxOTAwMDA0MVoX DTI2MDgxNzIzNTk1OVowejFJMEcGA1UEBRNAN2FkYjY4MzI2OTM5ODQwNTliNzZk OGM5YjBkZmE1ZjlkMGVhODM4M2I5MjFmMGUzMzVmMzhmNTY0NGZiODE5YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkIe1GbFgJHP8CBd+kuofnn7p2Vk urzDWl2c2tPydPOhrAsTfUxV0p7ZmCSV0+6cH8rneLejris0/SWUFRdwpqjk989g pHj9tYUwMUfpPd0exWE6p8qYmTLVG9nVi3T0YBmqIu1j//K0bCTx0sK+BxX2Z6ok VzQVllZ3zJM5iXc+w0EC7bdNB+/zl3/pILIaopHci7KjN//VtQiRhatIjcoKdj0o z0fEgNuLUVPzmwlyisLjsEIaEDWpg2dPL82IDz9dY/4dzo7VjuVtn5Hf1mnV2ddo wc4+YtGEUl/39OjqUJ7WVEpKJzanhQ9sVPf6TcGJxRrB8oRVoyK+lW7IRQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFHu0mtsEajVXr1wbY+4enz26oE29MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlMmUyYTQ4LWE0YjUtNDk3YS05NzhkLTY4MzMwZTUzZGI5MS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBAEZNpn2jA1M/HAEPOg+W LSRNhqkuqfnS+Khcq+gBnDNEP4sti4tIW3tWuQOGT1wkO2EH+mRl/7OE9zO5kDS5 0dPM0I9LjDehdEmC+S8uhEfK/3yLUBQ3DJ2PZsx1NcmCps/K1itq3qaH8ElPgmeB 0gdut92Cs857dhJV74t/fxtMuFI2cgWoe1Zk9o6ZrITa98zUoVexvQMCnVZ0kfQ/ +a8a/8WsV99npH+XvI9mwOPX+g66sXxiwtEb2XvQWImNWpOzlNItEvrNlaaxj42q NS6oezawnpuYoU30Zq6jiXJclqcO+GBcRH287y6nj7/paREuzuY7zCz5he3D1GE0 axg= -----END CERTIFICATE-----Generated at Fri May 22 14:19:15 2026 by rpki-client