$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa File: a4e1135e-0450-439a-84a4-3c19c06f382b.roa (raw, json) Hash identifier: s04UN/apBm5cK2elrah8W/DabZfnDhh+VgOEEjH0J+U= Subject key identifier: E1:E7:3F:3C:3B:99:A5:B7:B0:D1:14:83:3B:C8:0F:DA:5E:F4:FF:1A Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 49A1603B14AF30CD11474FAF88290CA4D0F7FBBE Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa Signing time: Sat 02 May 2026 00:21:00 +0000 ROA not before: Sat 02 May 2026 00:21:00 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf3:8800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:a1:60:3b:14:af:30:cd:11:47:4f:af:88:29:0c:a4:d0:f7:fb:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:21:00 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=1d91eff98b27212495edbfe3dd1e3c16813a66c8d6fb5815a671ac41c1daa154, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:4e:cd:59:56:d4:94:c5:7f:83:bc:a7:09:74: 97:56:f5:85:9c:ba:ca:93:1d:74:dd:27:d3:c0:62: 0f:67:b3:b3:d9:78:3a:fd:2a:f0:31:e5:f7:c8:5e: 70:04:a7:4e:19:23:15:40:9e:25:0f:de:bf:47:e8: c1:9d:d4:5b:0b:b8:f2:46:13:6d:cf:de:e8:36:33: 40:9e:1a:61:75:91:41:9e:16:ab:00:90:c7:6d:13: 2c:e8:bb:4a:c3:5c:e1:51:98:6a:34:0f:7a:4b:0c: 79:7c:58:d8:3a:8f:7c:12:77:74:a1:94:9d:87:e0: 94:c1:9f:36:50:11:20:ef:72:d4:f4:d6:74:7f:f6: af:97:70:63:03:9a:c7:e6:d1:af:9c:0d:12:e1:d3: a5:3e:4d:3d:99:02:83:f4:b5:a0:37:fd:d2:db:b8: d9:1d:e5:a6:65:d4:50:6a:60:f0:e3:1d:0c:1e:84: 45:2a:d7:be:92:17:80:b9:fc:9b:45:7b:f5:80:50: f9:e2:89:ce:97:6c:1c:15:71:2f:a4:e5:9f:44:3b: 61:68:be:da:d2:4d:57:c0:ac:dc:a7:5c:f0:69:61: 3f:0a:3d:22:c0:7e:b6:2b:13:78:06:35:ff:2b:1d: 7b:c0:d8:c1:4b:35:c7:ce:d9:90:8b:6c:3b:d8:d0: 13:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E7:3F:3C:3B:99:A5:B7:B0:D1:14:83:3B:C8:0F:DA:5E:F4:FF:1A X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a4e1135e-0450-439a-84a4-3c19c06f382b.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf3:8800::/40 Signature Algorithm: sha256WithRSAEncryption b9:8a:76:9c:ea:7b:dc:9e:51:00:ee:d5:70:a4:06:f7:f5:ac: 22:ce:0c:0d:39:06:6c:0a:a2:4c:ab:8a:14:31:3a:7e:03:7e: 80:fc:b5:0c:48:77:a6:6d:70:33:40:9b:7a:37:2c:3c:a0:5c: d3:fa:a5:a1:cc:35:dc:e0:7a:61:b2:1b:5f:f1:84:11:2e:d8: 84:f1:68:38:30:84:8a:c3:74:81:e4:4a:bb:2d:a4:04:03:a5: fe:69:81:fa:9f:b3:d8:b6:b3:d8:50:af:d9:4c:65:10:ca:b6: 29:e8:a4:59:30:37:1a:dc:f2:a8:e6:d9:32:47:24:f0:0a:66: 1e:62:67:c5:35:89:28:c4:f5:3c:ba:1b:1d:1f:0b:95:1c:1b: 73:1a:fa:0b:6b:5a:1f:71:18:58:67:8e:8f:c8:25:b0:21:b8: db:04:9c:14:9c:d5:96:e5:46:c6:4c:c1:a6:94:96:c2:4a:59: 3b:d1:02:9d:e6:5a:6f:ad:d0:69:ad:4f:c6:e8:83:d5:ff:c3: 84:b2:ae:cd:d2:b6:21:d2:5b:ba:dd:fb:ca:4f:e0:87:37:f6: 04:70:1a:dc:7f:9e:64:14:5c:e7:50:9a:f0:b4:0f:7d:88:db: 25:69:07:0d:50:a0:36:78:b8:e2:7f:96:80:cb:75:5e:ab:c5: 55:69:66:c1 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUSaFgOxSvMM0RR0+viCkMpND3+74wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMjEwMFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNAMWQ5MWVmZjk4YjI3MjEyNDk1ZWRi ZmUzZGQxZTNjMTY4MTNhNjZjOGQ2ZmI1ODE1YTY3MWFjNDFjMWRhYTE1NDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA107NWVbUlMV/g7ynCXSXVvWFnLrK kx103SfTwGIPZ7Oz2Xg6/SrwMeX3yF5wBKdOGSMVQJ4lD96/R+jBndRbC7jyRhNt z97oNjNAnhphdZFBnharAJDHbRMs6LtKw1zhUZhqNA96Swx5fFjYOo98End0oZSd h+CUwZ82UBEg73LU9NZ0f/avl3BjA5rH5tGvnA0S4dOlPk09mQKD9LWgN/3S27jZ HeWmZdRQamDw4x0MHoRFKte+kheAufybRXv1gFD54onOl2wcFXEvpOWfRDthaL7a 0k1XwKzcp1zwaWE/Cj0iwH62KxN4BjX/Kx17wNjBSzXHztmQi2w72NATCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFOHnPzw7maW3sNEUgzvID9pe9P8aMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2E0ZTExMzVlLTA0NTAtNDM5YS04NGE0LTNjMTljMDZmMzgyYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba84gwDQYJKoZIhvcNAQELBQADggEBALmKdpzqe9yeUQDu1XCk Bvf1rCLODA05BmwKokyrihQxOn4DfoD8tQxId6ZtcDNAm3o3LDygXNP6paHMNdzg emGyG1/xhBEu2ITxaDgwhIrDdIHkSrstpAQDpf5pgfqfs9i2s9hQr9lMZRDKtino pFkwNxrc8qjm2TJHJPAKZh5iZ8U1iSjE9Ty6Gx0fC5UcG3Ma+gtrWh9xGFhnjo/I JbAhuNsEnBSc1ZblRsZMwaaUlsJKWTvRAp3mWm+t0GmtT8bog9X/w4Syrs3StiHS W7rd+8pP4Ic39gRwGtx/nmQUXOdQmvC0D32I2yVpBw1QoDZ4uOJ/loDLdV6rxVVp ZsE= -----END CERTIFICATE-----Generated at Sun May 3 15:22:58 2026 by rpki-client