$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa File: 5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa (raw, json) Hash identifier: QJqm6ZD3/EB53hA8T+N8q5Hj8jhKhX7R5rVFppZHN30= Subject key identifier: BE:B6:A7:3B:0E:46:79:25:02:67:06:2F:74:47:20:15:3E:ED:C7:3E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 02B3CAD1635F032C5B3A043E58B2357DABA7E4B0 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa Signing time: Sat 02 May 2026 00:00:10 +0000 ROA not before: Sat 02 May 2026 00:00:10 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:28c0::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:b3:ca:d1:63:5f:03:2c:5b:3a:04:3e:58:b2:35:7d:ab:a7:e4:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:00:10 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=b8a5f7e10feb10c0d94ec32f34e684a3cde75c36b7b029b91e59fa128269c24a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:5d:7f:20:a4:e8:42:01:fd:4b:79:59:5c:8e: 63:59:5c:de:9e:29:c7:11:66:5a:3c:a8:ea:61:f5: b9:b9:2a:b4:3d:db:57:c6:a7:ce:56:04:6d:e4:3c: 89:34:25:42:11:0e:56:22:c5:07:ef:a8:05:3a:8b: 85:2d:d1:e3:db:fe:84:cf:b4:46:a6:0f:70:33:70: fa:d4:32:ab:a5:53:f8:11:1a:66:3a:2d:21:60:1d: 3e:01:8c:dd:ff:c0:61:da:36:1f:d2:18:b9:f1:6d: fb:71:6d:88:22:77:ee:1f:12:b3:cc:0d:21:38:4e: 7a:c5:43:83:a4:af:03:4c:a4:7d:2c:b6:f1:12:3d: 74:5a:d9:6f:88:f5:18:f7:c9:b8:99:a1:fd:83:2d: da:1d:90:f1:11:20:c4:5a:c5:ca:0f:fd:fd:7d:ad: e8:3e:35:d0:c4:ed:90:7d:c0:3b:73:ff:e5:da:17: d0:ff:10:75:38:d8:5d:aa:b1:1b:a5:94:2f:7f:20: 1d:34:6a:b0:9c:0e:cb:29:fe:c6:2b:cc:89:96:df: 61:10:e1:5c:4c:85:22:71:32:1b:3c:b2:d3:66:5a: 09:26:45:a6:3e:6c:69:af:9d:34:d2:0a:7f:5c:f5: 8a:74:26:32:dc:e9:c3:3d:d1:59:7f:cf:17:58:c7: f9:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:B6:A7:3B:0E:46:79:25:02:67:06:2F:74:47:20:15:3E:ED:C7:3E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e7ad0b0-97f4-4102-b9b3-79840e3344da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:28c0::/46 Signature Algorithm: sha256WithRSAEncryption 66:f2:77:64:e3:5d:b5:f9:23:7b:cf:07:c6:da:5c:e0:81:78: ae:f8:1f:2f:8a:ca:db:b1:e1:c4:02:ec:c0:9d:8d:c0:f3:97: 8e:4d:9a:a5:5d:34:96:93:86:06:3d:19:f6:ed:90:e7:32:fd: 82:fd:45:e6:6e:f2:45:41:ac:0e:1a:79:80:75:39:a8:54:9c: a3:b9:1f:76:e0:6d:b9:93:dd:cc:af:75:33:01:10:d3:1c:76: 4a:d9:a3:9a:ce:7d:62:4d:2e:40:e5:83:39:0f:e0:3d:14:77: 0b:8e:8b:30:71:28:52:1f:4e:6b:98:0a:34:1a:03:1e:0b:5b: b0:50:ed:62:28:e3:f9:f0:f8:be:db:35:96:56:aa:5c:f6:f0: b6:2f:f4:c0:11:9c:2a:34:29:81:10:de:48:3e:0c:f4:94:6a: 4a:4d:bf:5f:60:e5:32:31:c7:a2:f6:7a:49:44:81:05:4e:1a: 1d:e5:d5:4d:cd:b1:d5:04:bc:60:42:52:36:fc:07:6b:19:b3: 5a:00:0f:bd:18:27:fc:a7:9b:7d:ec:aa:23:74:5e:09:b1:b1: c5:f0:74:f5:78:10:06:40:95:0a:61:49:6e:8f:d9:a9:ac:91: 19:30:44:40:90:7e:10:81:43:5b:62:58:11:6e:fd:29:2a:98: 96:65:d4:b3 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUArPK0WNfAyxbOgQ+WLI1faun5LAwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMDAxMFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAYjhhNWY3ZTEwZmViMTBjMGQ5NGVj MzJmMzRlNjg0YTNjZGU3NWMzNmI3YjAyOWI5MWU1OWZhMTI4MjY5YzI0YTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6l1/IKToQgH9S3lZXI5jWVzeninH EWZaPKjqYfW5uSq0PdtXxqfOVgRt5DyJNCVCEQ5WIsUH76gFOouFLdHj2/6Ez7RG pg9wM3D61DKrpVP4ERpmOi0hYB0+AYzd/8Bh2jYf0hi58W37cW2IInfuHxKzzA0h OE56xUODpK8DTKR9LLbxEj10WtlviPUY98m4maH9gy3aHZDxESDEWsXKD/39fa3o PjXQxO2QfcA7c//l2hfQ/xB1ONhdqrEbpZQvfyAdNGqwnA7LKf7GK8yJlt9hEOFc TIUicTIbPLLTZloJJkWmPmxpr5000gp/XPWKdCYy3OnDPdFZf88XWMf5JQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFL62pzsORnklAmcGL3RHIBU+7cc+MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzVlN2FkMGIwLTk3ZjQtNDEwMi1iOWIzLTc5ODQwZTMzNDRkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcCJAba8yjAMA0GCSqGSIb3DQEBCwUAA4IBAQBm8ndk4121+SN7zwfG 2lzggXiu+B8visrbseHEAuzAnY3A85eOTZqlXTSWk4YGPRn27ZDnMv2C/UXmbvJF QawOGnmAdTmoVJyjuR924G25k93Mr3UzARDTHHZK2aOazn1iTS5A5YM5D+A9FHcL joswcShSH05rmAo0GgMeC1uwUO1iKOP58Pi+2zWWVqpc9vC2L/TAEZwqNCmBEN5I Pgz0lGpKTb9fYOUyMcei9npJRIEFThod5dVNzbHVBLxgQlI2/AdrGbNaAA+9GCf8 p5t97KojdF4JsbHF8HT1eBAGQJUKYUluj9mprJEZMERAkH4QgUNbYlgRbv0pKpiW ZdSz -----END CERTIFICATE-----Generated at Sun May 3 14:48:55 2026 by rpki-client