$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/621df6ac-9831-45cc-b256-a86a9b674a83.roa File: 621df6ac-9831-45cc-b256-a86a9b674a83.roa (raw, json) Hash identifier: X000/btN0KgzpT2IxHjJqhtnfvW56ECIQddZCc3Bf6o= Subject key identifier: 04:72:19:42:F9:DD:03:D0:E7:3E:D3:FD:26:B7:2B:BE:D8:B6:18:84 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 78416549715412E7DD6E71F4FC798D7802D3B73C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/621df6ac-9831-45cc-b256-a86a9b674a83.roa Signing time: Fri 22 May 2026 17:16:40 +0000 ROA not before: Fri 22 May 2026 17:16:40 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:b000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:41:65:49:71:54:12:e7:dd:6e:71:f4:fc:79:8d:78:02:d3:b7:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:16:40 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=64a24e61ea3aeb7f4c627a2bc5bc67d79e7fd52cf4d6d8abc4c60cdcddbd31df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:df:f0:d2:9f:5d:39:65:7a:e4:e6:04:32:7a: 3f:cd:da:af:5e:f0:03:a1:1e:85:1e:38:1d:09:de: 9d:d5:08:10:46:7e:11:53:b3:fa:e6:3b:8a:ae:95: 6d:13:c0:3b:e2:5c:c8:57:37:aa:67:d0:b2:7d:0b: 46:90:4f:6e:79:e3:39:99:f7:67:8d:97:35:97:97: 4d:06:50:0e:f0:a1:7b:70:27:b2:47:a0:30:97:8f: 4b:0f:81:ac:96:a7:64:1f:2a:66:11:d2:5d:6b:97: 29:f9:65:94:9a:59:ee:4e:e5:6f:4e:8e:bd:e9:30: 09:ae:0f:78:05:b4:a5:82:f3:00:ff:3c:01:96:b8: cf:9b:16:27:06:78:eb:02:48:4a:d2:6c:ec:ea:d4: 6d:93:5e:3c:39:76:7b:f1:c5:e4:fd:51:4c:fd:9f: 84:80:25:d7:26:e5:7a:30:99:61:d6:20:68:ac:d5: e8:01:72:7e:d8:d9:f4:5c:1d:75:49:b7:0b:87:5c: 61:46:69:ee:6f:5a:31:d9:a4:b7:17:19:e3:65:20: 0d:2e:7e:24:32:4f:92:58:17:22:34:b7:dc:c2:0d: 42:df:5e:57:ec:47:8d:d3:48:65:86:23:83:1b:44: 3f:45:74:c9:66:a2:41:e7:cb:1b:a2:8f:47:34:2d: 8b:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:72:19:42:F9:DD:03:D0:E7:3E:D3:FD:26:B7:2B:BE:D8:B6:18:84 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/621df6ac-9831-45cc-b256-a86a9b674a83.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:b000::/40 Signature Algorithm: sha256WithRSAEncryption 81:22:cf:06:f1:5d:a8:39:e0:e7:f3:40:cd:01:9b:0b:2c:f0: b3:6c:ec:eb:71:06:d3:80:aa:76:7d:9d:6d:70:8c:b2:03:82: d7:d6:07:ab:4d:e6:b2:c8:64:e6:9e:60:95:eb:da:ba:18:93: 76:33:8c:ed:4c:98:be:91:22:48:94:09:3a:3b:8a:6f:a8:67: a5:51:b3:7f:ee:52:7d:43:a7:38:6d:55:15:e0:c0:c3:c2:98: b0:24:7a:4f:0e:10:cb:34:38:bd:db:c9:8b:2d:51:a5:44:e9: 7b:d1:2b:93:24:70:3c:bb:ff:94:ad:46:51:06:42:c8:a6:0e: 1a:97:fe:37:49:6f:8f:86:8f:e3:ec:fd:6e:bc:50:65:2b:40: 64:43:56:3a:59:30:45:84:ea:bf:87:ba:7a:ac:81:90:90:39: 00:4c:0c:d6:22:13:f0:42:b0:42:d4:0b:16:65:a5:77:4b:93: 0d:60:af:14:47:c8:cc:5e:f2:23:02:10:91:b8:47:ca:74:35: e7:a1:c9:83:f8:b8:36:c0:2c:4e:5c:f7:33:2a:e0:71:ab:2e: d7:52:b1:84:35:42:59:a1:de:bf:01:be:fc:bb:33:59:95:f6: fb:0e:d9:2e:c2:51:57:9f:57:f4:4a:de:da:ec:ff:7c:c4:2c: 40:25:83:fd -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeEFlSXFUEufdbnH0/HmNeALTtzwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MTY0MFoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANjRhMjRlNjFlYTNhZWI3ZjRjNjI3 YTJiYzViYzY3ZDc5ZTdmZDUyY2Y0ZDZkOGFiYzRjNjBjZGNkZGJkMzFkZjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6N/w0p9dOWV65OYEMno/zdqvXvAD oR6FHjgdCd6d1QgQRn4RU7P65juKrpVtE8A74lzIVzeqZ9CyfQtGkE9ueeM5mfdn jZc1l5dNBlAO8KF7cCeyR6Awl49LD4GslqdkHypmEdJda5cp+WWUmlnuTuVvTo69 6TAJrg94BbSlgvMA/zwBlrjPmxYnBnjrAkhK0mzs6tRtk148OXZ78cXk/VFM/Z+E gCXXJuV6MJlh1iBorNXoAXJ+2Nn0XB11SbcLh1xhRmnub1ox2aS3FxnjZSANLn4k Mk+SWBciNLfcwg1C315X7EeN00hlhiODG0Q/RXTJZqJB58sboo9HNC2LIQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFARyGUL53QPQ5z7T/Sa3K77YthiEMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzYyMWRmNmFjLTk4MzEtNDVjYy1iMjU2LWE4NmE5YjY3NGE4My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba6LAwDQYJKoZIhvcNAQELBQADggEBAIEizwbxXag54OfzQM0B mwss8LNs7OtxBtOAqnZ9nW1wjLIDgtfWB6tN5rLIZOaeYJXr2roYk3YzjO1MmL6R IkiUCTo7im+oZ6VRs3/uUn1DpzhtVRXgwMPCmLAkek8OEMs0OL3byYstUaVE6XvR K5MkcDy7/5StRlEGQsimDhqX/jdJb4+Gj+Ps/W68UGUrQGRDVjpZMEWE6r+Hunqs gZCQOQBMDNYiE/BCsELUCxZlpXdLkw1grxRHyMxe8iMCEJG4R8p0NeehyYP4uDbA LE5c9zMq4HGrLtdSsYQ1Qlmh3r8Bvvy7M1mV9vsO2S7CUVefV/RK3trs/3zELEAl g/0= -----END CERTIFICATE-----Generated at Sun May 24 12:19:55 2026 by rpki-client