$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa File: 67b122dd-c584-4c2f-ac76-fb1a660b79da.roa (raw, json) Hash identifier: DrY3d+lX1WYDTo+qlmRZHHHxtDwAd8iS2wwSvKZ4o0E= Subject key identifier: BE:2A:8E:AF:CF:FA:31:9D:87:FD:78:33:67:B4:78:E4:E2:D1:3A:C9 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 44DBBEDA4E50C792A315E8F9A6C7647039E46FAD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa Signing time: Mon 04 May 2026 00:00:32 +0000 ROA not before: Mon 04 May 2026 00:00:32 +0000 ROA not after: Sun 02 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da28::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 11 May 2026 00:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:db:be:da:4e:50:c7:92:a3:15:e8:f9:a6:c7:64:70:39:e4:6f:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 4 00:00:32 2026 GMT Not After : Aug 2 23:59:59 2026 GMT Subject: serialNumber=7da490dc5ea73fb08124866672a18b1fdd5f2b40017a21a6f4646d621ffc8978, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:1a:15:f4:a8:f3:bb:ed:9d:a1:4e:b5:02:44: fd:c6:cc:bc:3b:9a:c9:06:fb:89:6b:74:e2:2a:a1: 5a:3b:8e:c0:09:f8:5c:ba:ab:b8:b4:c0:d3:90:60: 2d:dd:de:4a:5c:9a:ec:b5:dc:88:63:c0:22:f1:a0: be:7f:85:50:9f:50:f6:ad:95:c8:60:a1:47:04:f6: c4:93:5d:63:ad:cc:ec:55:db:ac:c5:bd:14:4e:c5: cb:f4:b1:ef:41:fa:d3:a3:4e:f3:53:b1:93:cf:99: 18:78:9f:44:c4:71:7f:6c:fc:b1:19:42:6d:5e:db: 51:f1:37:7c:b5:ef:9c:4c:1f:c1:93:f5:ff:97:b8: d9:63:e9:12:da:a7:27:10:85:7a:93:64:81:08:8c: 13:03:bf:54:ff:ee:bc:00:3b:f1:be:59:2d:0c:2f: 6f:86:6b:f2:fd:c4:a2:60:9f:28:ff:25:20:23:af: e9:5c:ec:01:a9:c7:a9:09:1a:67:67:80:eb:ac:04: 44:bf:19:b4:47:02:c3:42:7c:31:ab:e1:bf:50:23: 34:98:cf:32:b8:7c:be:95:e2:f5:98:f8:0b:9a:af: c9:84:54:fd:6c:1b:00:9a:2a:9f:7d:bf:21:a1:24: 68:d8:5c:1b:7a:9e:cc:65:3b:c6:7c:a5:d8:33:84: 8a:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:2A:8E:AF:CF:FA:31:9D:87:FD:78:33:67:B4:78:E4:E2:D1:3A:C9 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67b122dd-c584-4c2f-ac76-fb1a660b79da.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da28::/36 Signature Algorithm: sha256WithRSAEncryption 14:c5:2d:92:ad:2e:6b:4b:79:19:40:45:1f:c1:cb:e4:34:23: 31:44:5b:fc:f7:ab:73:e8:1f:a8:8a:3d:9e:29:db:84:61:f6: 36:69:ec:3d:74:b7:f8:f8:98:a5:13:73:e8:6e:48:64:3b:88: 90:dc:63:d3:91:cb:e2:c6:09:88:d1:f5:c6:24:84:e2:98:16: e8:15:0d:44:b2:59:ca:55:aa:ac:2e:8b:37:7f:6b:bd:dc:b5: 8b:d1:3b:ec:c7:b7:99:ac:b2:74:17:26:63:1e:ca:3a:23:95: 80:ba:4b:2d:ad:af:92:ce:dd:1f:0b:35:74:54:3e:67:6d:03: fc:9f:bb:51:18:b7:31:46:5c:6d:72:5a:2b:42:15:c3:79:ec: 3f:b1:9f:fd:7f:7b:7a:d6:c2:90:3e:3a:71:c7:f7:58:5e:9b: af:be:94:32:8b:e0:8b:9d:f5:52:e0:2e:df:a0:d1:fa:81:60: f7:2c:60:0a:1e:dd:bd:d3:d3:f8:b6:7b:9a:0b:c9:7f:51:ee: eb:63:99:7c:f6:d2:ab:fd:cc:08:3f:2e:24:aa:af:3a:20:94: 8e:81:6f:90:db:17:b0:65:2f:89:14:92:db:27:49:a9:b6:ab: 34:4d:26:17:df:4e:90:7b:d0:fc:65:9d:d7:d9:09:5b:30:76: 95:f6:81:46 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIURNu+2k5Qx5KjFej5psdkcDnkb60wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNDAwMDAzMloX DTI2MDgwMjIzNTk1OVowejFJMEcGA1UEBRNAN2RhNDkwZGM1ZWE3M2ZiMDgxMjQ4 NjY2NzJhMThiMWZkZDVmMmI0MDAxN2EyMWE2ZjQ2NDZkNjIxZmZjODk3ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8RoV9Kjzu+2doU61AkT9xsy8O5rJ BvuJa3TiKqFaO47ACfhcuqu4tMDTkGAt3d5KXJrstdyIY8Ai8aC+f4VQn1D2rZXI YKFHBPbEk11jrczsVdusxb0UTsXL9LHvQfrTo07zU7GTz5kYeJ9ExHF/bPyxGUJt XttR8Td8te+cTB/Bk/X/l7jZY+kS2qcnEIV6k2SBCIwTA79U/+68ADvxvlktDC9v hmvy/cSiYJ8o/yUgI6/pXOwBqcepCRpnZ4DrrAREvxm0RwLDQnwxq+G/UCM0mM8y uHy+leL1mPgLmq/JhFT9bBsAmiqffb8hoSRo2Fwbep7MZTvGfKXYM4SK/wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFL4qjq/P+jGdh/14M2e0eOTi0TrJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzY3YjEyMmRkLWM1ODQtNGMyZi1hYzc2LWZiMWE2NjBiNzlkYS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaKAAwDQYJKoZIhvcNAQELBQADggEBABTFLZKtLmtLeRlARR/B y+Q0IzFEW/z3q3PoH6iKPZ4p24Rh9jZp7D10t/j4mKUTc+huSGQ7iJDcY9ORy+LG CYjR9cYkhOKYFugVDUSyWcpVqqwuizd/a73ctYvRO+zHt5mssnQXJmMeyjojlYC6 Sy2tr5LO3R8LNXRUPmdtA/yfu1EYtzFGXG1yWitCFcN57D+xn/1/e3rWwpA+OnHH 91hem6++lDKL4Iud9VLgLt+g0fqBYPcsYAoe3b3T0/i2e5oLyX9R7utjmXz20qv9 zAg/LiSqrzoglI6Bb5DbF7BlL4kUktsnSam2qzRNJhffTpB70PxlndfZCVswdpX2 gUY= -----END CERTIFICATE-----Generated at Thu May 7 03:56:32 2026 by rpki-client