$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa File: b105a261-7baa-401b-b853-65b2635b3f6d.roa (raw, json) Hash identifier: TCbD2mmMrRl+2SNIzeyg9K5+o/axeFTchheszIJfXmM= Subject key identifier: 34:82:43:19:63:09:90:24:C3:63:30:26:AB:96:5F:8B:1A:46:E4:F3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 23E2B5CD9695CC51F9E597F7EC578DE92D404A34 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa Signing time: Tue 28 Apr 2026 00:00:03 +0000 ROA not before: Tue 28 Apr 2026 00:00:03 +0000 ROA not after: Mon 27 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da24:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:e2:b5:cd:96:95:cc:51:f9:e5:97:f7:ec:57:8d:e9:2d:40:4a:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 28 00:00:03 2026 GMT Not After : Jul 27 23:59:59 2026 GMT Subject: serialNumber=2c71f30e6f7bda16fbd1076fef377bf503713eb16f6feead4bba9f43d4299026, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:28:68:26:bd:97:40:88:0a:9e:e9:34:4a:44: 2e:fd:26:3e:be:68:16:cc:ab:08:52:d4:55:9d:42: 78:af:d0:e8:17:5b:7b:18:24:98:f4:c4:be:2a:90: 65:0b:f4:57:c8:a6:f6:78:0b:b7:9f:f7:81:aa:ad: e2:65:45:22:e1:a8:e1:c0:76:56:a9:36:cd:82:bc: c0:25:de:f8:7d:01:d4:ed:86:84:b1:a1:cd:9d:91: b9:f1:43:ae:e3:c8:0b:22:fe:8c:54:06:1c:09:12: ff:6c:d0:0b:25:b8:9f:62:c1:a7:2d:37:de:05:2e: 72:b8:f2:7b:03:b1:4f:d1:7a:f3:e9:71:46:ba:32: e5:71:e5:db:c5:dc:61:4a:7c:1a:13:a0:d7:50:1d: 80:60:4b:8b:29:00:eb:c7:97:ed:da:d3:7b:88:f9: 3b:08:fd:e6:33:c8:35:3d:16:af:2b:2f:55:a1:85: ae:44:96:9c:dd:32:68:e8:0c:57:33:5a:d7:05:b6: 90:09:eb:6a:c3:28:86:72:9f:79:88:ea:c2:7b:ea: e6:49:33:96:fc:81:a8:99:21:c9:7a:9f:1c:e7:e7: c7:38:71:3a:a9:8d:d8:ed:4e:27:13:a2:bc:73:cd: 5c:af:f4:49:56:8c:02:b0:bd:fc:bf:a9:b4:dd:89: 05:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:82:43:19:63:09:90:24:C3:63:30:26:AB:96:5F:8B:1A:46:E4:F3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b105a261-7baa-401b-b853-65b2635b3f6d.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da24:8000::/36 Signature Algorithm: sha256WithRSAEncryption 1d:53:0a:1f:e1:34:47:0c:fd:fa:93:19:71:a0:0f:48:9c:71: b2:63:11:1a:3d:c4:38:ef:0a:15:5a:11:f7:5d:8e:b7:da:e7: 93:55:f2:f5:cf:66:8e:33:48:d6:f5:ef:1a:78:21:f1:4c:da: 40:85:e4:05:fb:49:ce:c2:84:50:cb:15:f3:2d:07:d7:4b:a8: 9a:0c:ce:51:87:51:7c:ff:0d:a3:a0:fc:44:60:66:f4:62:de: d8:e7:a9:2c:51:40:73:e9:11:c0:c1:31:92:5c:b6:bd:49:b3: 89:47:fd:62:74:38:cf:8f:e7:5a:c5:6e:5f:d4:c8:dd:52:15: 10:8a:fa:b7:2e:40:95:6a:ef:f6:fc:15:2e:9c:9c:29:e0:63: c9:de:93:9c:15:3b:74:db:d3:dc:8c:26:ed:ad:4a:e1:84:dc: d7:7e:04:dd:28:b0:0a:c8:78:b3:43:16:ba:05:06:fc:9e:75: 93:0b:d3:4d:0f:1b:9f:f3:21:a0:da:e4:c0:3e:68:58:90:06: 33:99:61:12:84:4e:ed:27:01:1e:76:7a:c5:1a:15:75:74:d8: d8:29:22:ea:c3:dd:6a:34:f0:d1:08:39:b0:73:5b:0f:1f:c3: 44:ea:6c:34:81:ad:8c:a7:7c:87:31:d8:b0:7f:65:af:30:a8: de:ef:e2:f5 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUI+K1zZaVzFH55Zf37FeN6S1ASjQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyODAwMDAwM1oX DTI2MDcyNzIzNTk1OVowejFJMEcGA1UEBRNAMmM3MWYzMGU2ZjdiZGExNmZiZDEw NzZmZWYzNzdiZjUwMzcxM2ViMTZmNmZlZWFkNGJiYTlmNDNkNDI5OTAyNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuChoJr2XQIgKnuk0SkQu/SY+vmgW zKsIUtRVnUJ4r9DoF1t7GCSY9MS+KpBlC/RXyKb2eAu3n/eBqq3iZUUi4ajhwHZW qTbNgrzAJd74fQHU7YaEsaHNnZG58UOu48gLIv6MVAYcCRL/bNALJbifYsGnLTfe BS5yuPJ7A7FP0Xrz6XFGujLlceXbxdxhSnwaE6DXUB2AYEuLKQDrx5ft2tN7iPk7 CP3mM8g1PRavKy9VoYWuRJac3TJo6AxXM1rXBbaQCetqwyiGcp95iOrCe+rmSTOW /IGomSHJep8c5+fHOHE6qY3Y7U4nE6K8c81cr/RJVowCsL38v6m03YkFlwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFDSCQxljCZAkw2MwJquWX4saRuTzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2IxMDVhMjYxLTdiYWEtNDAxYi1iODUzLTY1YjI2MzViM2Y2ZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYEJAbaJIAwDQYJKoZIhvcNAQELBQADggEBAB1TCh/hNEcM/fqTGXGg D0iccbJjERo9xDjvChVaEfddjrfa55NV8vXPZo4zSNb17xp4IfFM2kCF5AX7Sc7C hFDLFfMtB9dLqJoMzlGHUXz/DaOg/ERgZvRi3tjnqSxRQHPpEcDBMZJctr1Js4lH /WJ0OM+P51rFbl/UyN1SFRCK+rcuQJVq7/b8FS6cnCngY8nek5wVO3Tb09yMJu2t SuGE3Nd+BN0osArIeLNDFroFBvyedZML000PG5/zIaDa5MA+aFiQBjOZYRKETu0n AR52esUaFXV02NgpIurD3Wo08NEIObBzWw8fw0TqbDSBrYynfIcx2LB/Za8wqN7v 4vU= -----END CERTIFICATE-----Generated at Sun May 3 15:23:52 2026 by rpki-client