$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a357a3c2-7505-4453-93f8-9fa1bda3585d.roa File: a357a3c2-7505-4453-93f8-9fa1bda3585d.roa (raw, json) Hash identifier: O81xTiV6xJlJ5/Ibup8EOx6hz0BjBrGR4XPFlNzA6UQ= Subject key identifier: 68:7D:73:CB:4F:D1:0C:A1:A6:3F:81:9E:88:4F:C6:A9:BC:29:F2:C1 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6EC2A2051300CDBE3C5D30F513A2A142785C002F Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a357a3c2-7505-4453-93f8-9fa1bda3585d.roa Signing time: Fri 22 May 2026 16:52:06 +0000 ROA not before: Fri 22 May 2026 16:52:06 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da61:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:c2:a2:05:13:00:cd:be:3c:5d:30:f5:13:a2:a1:42:78:5c:00:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 16:52:06 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=598243065d09564edf7e7a425b52dc5fc5369f1b887722e05c3360e5d7859403, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f4:cb:b6:b2:63:27:24:b2:e3:17:6f:df:b8: a3:ed:31:83:8a:c2:9d:df:f6:60:e0:28:81:69:00: f8:0c:60:20:fc:9e:48:ae:aa:dd:f3:30:0e:ef:73: df:ef:d6:4d:0b:8f:c9:c5:4c:c2:93:1e:39:8d:2b: b7:56:ad:2f:fb:37:db:a2:ec:b6:c0:fc:46:54:fe: 87:b9:a8:38:be:93:f0:a0:fc:57:11:52:f2:4d:e9: e9:19:33:4f:78:08:fa:a3:f2:f7:61:a9:7b:63:c2: 6e:10:80:ee:04:76:24:32:c0:bf:b4:cb:52:47:06: 23:b8:52:c5:0d:66:af:0d:bf:03:9c:12:96:e2:e1: 42:6a:68:9c:bb:9e:63:cf:d0:c5:18:c2:b2:f3:b4: 78:c4:1a:5a:81:ba:30:58:87:6f:a4:59:d3:13:10: 21:a1:c1:d6:f2:3f:c3:7a:84:5c:e3:11:f9:12:ee: 38:61:14:30:6a:3e:ef:60:0b:db:28:90:67:82:87: 91:3a:3e:b0:46:1e:34:dd:6a:79:22:4e:82:c4:55: 0c:cc:61:9d:fc:d1:d8:68:e0:68:e6:53:8c:2e:70: 35:0b:e7:4a:7c:aa:9e:e0:9e:73:08:35:cf:16:ab: 83:5e:dd:da:0e:e7:71:e0:ec:87:b9:8d:a2:62:cf: a4:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7D:73:CB:4F:D1:0C:A1:A6:3F:81:9E:88:4F:C6:A9:BC:29:F2:C1 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a357a3c2-7505-4453-93f8-9fa1bda3585d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da61:2800::/40 Signature Algorithm: sha256WithRSAEncryption 05:9d:a7:b5:97:cc:6f:eb:17:44:91:e7:97:3d:22:41:b4:46: 31:df:d2:55:c1:37:aa:d9:a1:18:2c:79:e4:7d:d3:d3:b2:14: 6e:30:aa:1e:19:61:91:93:61:d6:d1:01:71:c0:be:a0:4a:a7: 08:07:71:ad:35:1d:cc:66:bc:41:d5:27:35:3b:d3:80:c5:db: 12:c8:d1:eb:5f:f1:13:39:69:db:e3:a4:95:0a:fe:4b:cc:17: f7:66:9d:ea:4d:53:cf:68:a5:f8:0e:86:51:c3:36:65:ed:fb: 9b:59:93:56:a4:9d:76:13:57:16:70:fa:89:97:10:38:77:52: 0c:d3:32:0b:cd:71:c1:ea:b9:c0:21:41:7e:55:6e:30:4b:79: 23:ca:6f:28:89:2b:4c:e1:52:35:43:48:79:e3:e2:90:30:4f: 72:17:b5:cf:b8:b9:65:6c:fa:2b:c9:8d:6c:f6:38:d0:a1:27: 34:64:36:1f:53:8b:ed:bc:dc:18:01:af:6f:f7:50:b3:fb:63: 51:c6:ce:96:01:8e:9e:f9:27:4a:01:26:a3:a2:f5:a7:9e:6f: 04:cf:6d:5d:f2:92:22:61:12:93:0a:12:ee:05:d3:58:cf:7a: a0:b7:60:12:f1:fe:a0:81:a0:90:dd:70:86:07:a6:29:64:47: d5:56:71:62 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUbsKiBRMAzb48XTD1E6KhQnhcAC8wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE2NTIwNloX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNANTk4MjQzMDY1ZDA5NTY0ZWRmN2U3 YTQyNWI1MmRjNWZjNTM2OWYxYjg4NzcyMmUwNWMzMzYwZTVkNzg1OTQwMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPTLtrJjJySy4xdv37ij7TGDisKd 3/Zg4CiBaQD4DGAg/J5Irqrd8zAO73Pf79ZNC4/JxUzCkx45jSu3Vq0v+zfbouy2 wPxGVP6Huag4vpPwoPxXEVLyTenpGTNPeAj6o/L3Yal7Y8JuEIDuBHYkMsC/tMtS RwYjuFLFDWavDb8DnBKW4uFCamicu55jz9DFGMKy87R4xBpagbowWIdvpFnTExAh ocHW8j/DeoRc4xH5Eu44YRQwaj7vYAvbKJBngoeROj6wRh403Wp5Ik6CxFUMzGGd /NHYaOBo5lOMLnA1C+dKfKqe4J5zCDXPFquDXt3aDudx4OyHuY2iYs+kCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFGh9c8tP0Qyhpj+BnohPxqm8KfLBMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2EzNTdhM2MyLTc1MDUtNDQ1My05M2Y4LTlmYTFiZGEzNTg1ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYSgwDQYJKoZIhvcNAQELBQADggEBAAWdp7WXzG/rF0SR55c9 IkG0RjHf0lXBN6rZoRgseeR909OyFG4wqh4ZYZGTYdbRAXHAvqBKpwgHca01Hcxm vEHVJzU704DF2xLI0etf8RM5advjpJUK/kvMF/dmnepNU89opfgOhlHDNmXt+5tZ k1aknXYTVxZw+omXEDh3UgzTMgvNccHqucAhQX5VbjBLeSPKbyiJK0zhUjVDSHnj 4pAwT3IXtc+4uWVs+ivJjWz2ONChJzRkNh9Ti+283BgBr2/3ULP7Y1HGzpYBjp75 J0oBJqOi9aeebwTPbV3ykiJhEpMKEu4F01jPeqC3YBLx/qCBoJDdcIYHpilkR9VW cWI= -----END CERTIFICATE-----Generated at Sun May 24 12:19:42 2026 by rpki-client