$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa File: aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa (raw, json) Hash identifier: LUb/cdT/9E6pdwNNopFF0er3pVMqWidC6Vck1txX5bE= Subject key identifier: 51:9A:46:4B:76:5E:34:52:D2:13:24:37:79:32:A8:70:ED:1A:82:0E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7C800B9B0C7A137F2EFDD809E3CBF46B9D2164B7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa Signing time: Fri 01 May 2026 00:00:06 +0000 ROA not before: Fri 01 May 2026 00:00:06 +0000 ROA not after: Thu 30 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da32:a000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:80:0b:9b:0c:7a:13:7f:2e:fd:d8:09:e3:cb:f4:6b:9d:21:64:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 1 00:00:06 2026 GMT Not After : Jul 30 23:59:59 2026 GMT Subject: serialNumber=2b8273f7119ee7cb26200b5da828559c0cdf25027089cf9db3a12bc33b0b2ca4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:8f:ef:1b:66:ae:a2:8e:8b:58:6b:2e:49:ee: ac:06:cf:34:a7:ec:e4:a8:e0:21:64:9f:4b:dc:5c: ce:4e:3b:3b:c2:fc:76:b8:f3:72:7e:e4:e4:ec:f5: 0e:35:5b:1f:e2:7d:76:3c:37:8e:8a:f6:73:93:41: 24:5b:78:e2:3c:2c:1e:46:fc:b4:96:aa:0b:2c:1c: a4:d3:22:16:0c:fb:dc:aa:e5:8c:d1:e8:09:e8:f3: e5:3e:e2:73:a4:c6:41:aa:21:a4:98:0b:c0:45:58: 20:5b:f6:61:fc:71:24:b2:19:25:b2:01:aa:b7:0a: 2f:df:ec:6f:bd:81:e5:b6:9b:5d:51:24:b2:32:68: 6e:40:17:fb:c8:91:6a:24:63:15:20:3e:e5:90:a8: e9:d2:72:76:95:04:3c:ae:c9:f7:cb:32:a5:d1:3c: 33:87:a4:bc:22:de:8c:7a:17:ff:86:c3:d3:b2:36: 76:c4:36:0a:cf:83:d9:40:68:16:58:d6:3a:26:8b: 04:24:a3:18:c7:ae:06:4a:c8:98:97:f6:c6:d0:73: fb:47:35:b7:d3:8c:39:6e:e1:eb:81:4a:ce:4c:d5: 56:df:cc:38:19:a6:4d:19:fd:c9:98:0d:5a:45:bb: df:47:94:39:9c:72:82:2f:8c:99:c0:45:1e:8d:1b: cf:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:9A:46:4B:76:5E:34:52:D2:13:24:37:79:32:A8:70:ED:1A:82:0E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/aba2318c-e96a-4058-8e0c-5aca2b56aad9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da32:a000::/40 Signature Algorithm: sha256WithRSAEncryption 8d:11:c1:73:e2:74:f7:d2:4f:4d:31:e8:a6:1c:23:3b:cf:fe: 41:6e:e3:d1:e1:2b:b8:4e:39:a9:ff:f6:c8:5d:45:c8:0f:b5: 30:7b:8d:81:38:43:d8:0a:76:f3:f7:13:35:fb:0c:80:a6:48: c6:84:e2:c0:ea:44:26:a8:5c:68:0f:98:11:29:17:e0:12:c2: 5c:cd:1b:d5:b2:34:5c:71:c7:28:0d:40:96:01:3a:bd:16:1c: b1:41:f7:07:8b:91:da:8b:fa:30:ca:b2:32:9e:01:40:de:b4: 9c:80:57:51:7e:c3:01:6f:13:a3:27:12:7c:07:16:0c:96:e4: 57:b2:7e:cb:47:7b:fa:e2:53:1d:b8:f5:f2:01:7f:66:19:d6: cb:2e:23:76:3b:fe:b8:58:61:1a:d5:c5:80:c3:f5:6e:63:41: 18:02:b7:b7:7f:68:55:db:a2:86:51:b2:b3:87:de:98:0a:a4: 95:c7:97:0b:c4:28:53:73:4f:c9:08:a0:38:20:c2:f3:65:25: 3f:8f:59:a3:27:97:05:9f:ff:58:d6:1a:37:40:33:c9:24:f4: 2a:58:c8:9a:51:03:ae:d2:95:7f:55:f5:29:e2:54:da:33:f9: 28:9d:52:a9:05:7a:55:35:bf:49:29:0d:14:42:e3:c1:ed:45: 6f:1e:e3:ab -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUfIALmwx6E38u/dgJ48v0a50hZLcwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMTAwMDAwNloX DTI2MDczMDIzNTk1OVowejFJMEcGA1UEBRNAMmI4MjczZjcxMTllZTdjYjI2MjAw YjVkYTgyODU1OWMwY2RmMjUwMjcwODljZjlkYjNhMTJiYzMzYjBiMmNhNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8o/vG2auoo6LWGsuSe6sBs80p+zk qOAhZJ9L3FzOTjs7wvx2uPNyfuTk7PUONVsf4n12PDeOivZzk0EkW3jiPCweRvy0 lqoLLByk0yIWDPvcquWM0egJ6PPlPuJzpMZBqiGkmAvARVggW/Zh/HEkshklsgGq twov3+xvvYHltptdUSSyMmhuQBf7yJFqJGMVID7lkKjp0nJ2lQQ8rsn3yzKl0Twz h6S8It6Mehf/hsPTsjZ2xDYKz4PZQGgWWNY6JosEJKMYx64GSsiYl/bG0HP7RzW3 04w5buHrgUrOTNVW38w4GaZNGf3JmA1aRbvfR5Q5nHKCL4yZwEUejRvP0wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFFGaRkt2XjRS0hMkN3kyqHDtGoIOMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2FiYTIzMThjLWU5NmEtNDA1OC04ZTBjLTVhY2EyYjU2YWFkOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaMqAwDQYJKoZIhvcNAQELBQADggEBAI0RwXPidPfST00x6KYc IzvP/kFu49HhK7hOOan/9shdRcgPtTB7jYE4Q9gKdvP3EzX7DICmSMaE4sDqRCao XGgPmBEpF+ASwlzNG9WyNFxxxygNQJYBOr0WHLFB9weLkdqL+jDKsjKeAUDetJyA V1F+wwFvE6MnEnwHFgyW5FeyfstHe/riUx249fIBf2YZ1ssuI3Y7/rhYYRrVxYDD 9W5jQRgCt7d/aFXbooZRsrOH3pgKpJXHlwvEKFNzT8kIoDggwvNlJT+PWaMnlwWf /1jWGjdAM8kk9CpYyJpRA67SlX9V9SniVNoz+SidUqkFelU1v0kpDRRC48HtRW8e 46s= -----END CERTIFICATE-----Generated at Sun May 3 14:48:09 2026 by rpki-client