$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b56fc96b-2136-401c-858f-028ad8879bdd.roa File: b56fc96b-2136-401c-858f-028ad8879bdd.roa (raw, json) Hash identifier: BY8M/DQcwZhMFFdzI/23FALDzYjFFZFT9aYydtEHhlc= Subject key identifier: 9B:9B:C6:0C:57:45:68:8C:5B:33:26:ED:86:A4:4B:71:91:9D:09:79 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7278DC9256702A640E28D3E06070282595B25FF7 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b56fc96b-2136-401c-858f-028ad8879bdd.roa Signing time: Fri 22 May 2026 17:03:17 +0000 ROA not before: Fri 22 May 2026 17:03:17 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:c840::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:78:dc:92:56:70:2a:64:0e:28:d3:e0:60:70:28:25:95:b2:5f:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:03:17 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=94ff04c9b4a782641132a39c7fb99be6964ee86e97c35c3d0633be69146901ed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a4:04:e1:91:13:53:db:ef:f1:0f:81:90:89: 07:10:5a:65:2f:5b:59:55:f8:d9:6e:e3:11:79:ae: 02:81:e9:65:e2:e6:65:05:51:55:cd:a7:c8:5e:9a: 50:4d:f9:ed:f3:ed:89:3a:38:5f:3c:be:52:45:41: 76:39:29:eb:8a:3e:42:f1:aa:8f:52:3a:96:e4:70: f9:da:f0:1e:8e:eb:49:9c:12:80:c5:89:6a:2a:76: 7e:bc:80:40:06:18:73:b2:14:14:f0:f3:09:46:99: 01:bb:d0:41:e7:e0:3f:e1:b1:d2:68:31:22:06:34: 5d:68:75:b8:fe:c7:5a:48:7d:43:06:d0:1a:bc:6d: df:8c:65:df:e7:40:fb:ad:66:e3:cf:4f:9f:96:4a: 31:b6:2f:35:e6:44:b1:19:04:b0:9a:40:98:35:2d: 49:f0:5a:aa:47:25:e3:b1:a1:fa:4f:c6:b7:f1:6c: 61:99:98:0b:0b:d4:c0:3f:b4:df:38:7f:54:fb:dc: 84:47:ba:ac:0b:d3:5c:8f:0c:19:02:ee:c8:0c:60: fe:7a:c1:97:43:f2:91:bb:61:fe:4e:de:d3:af:ed: 78:2a:1a:4a:b2:34:d7:2f:f5:91:1a:22:24:78:64: 45:79:20:25:d9:ac:0b:48:91:00:d6:85:e4:c9:6d: 88:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:9B:C6:0C:57:45:68:8C:5B:33:26:ED:86:A4:4B:71:91:9D:09:79 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b56fc96b-2136-401c-858f-028ad8879bdd.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:c840::/48 Signature Algorithm: sha256WithRSAEncryption c2:ea:2b:a5:92:15:27:61:fe:36:81:c7:92:96:57:f8:67:f9: 45:95:01:65:b3:0c:23:68:6b:35:29:a8:81:72:31:e5:84:5a: 11:f7:eb:d1:d5:5a:f9:07:ef:f8:f7:4c:43:7a:10:cc:99:ee: 61:5f:74:40:b5:ed:1f:c8:38:c4:fd:5d:69:e4:e2:b4:e3:91: 85:98:76:35:d3:66:6c:a8:41:4f:0d:01:bf:55:a2:cf:68:79: 39:78:ee:43:1c:ac:6e:94:08:ab:f5:05:73:ba:10:d0:bd:be: 5c:b9:26:2f:a0:d8:f3:b2:82:87:6e:a6:8b:6d:4d:1a:e6:19: a9:4b:99:54:cf:50:5b:0c:5b:5e:0f:dd:a1:cb:ff:93:5e:98: 0d:d1:31:73:d4:f4:73:e3:67:60:e7:a4:b2:d4:7b:a2:d9:92: 06:0d:14:c2:bf:6e:7c:80:96:22:af:3e:95:ce:10:da:7e:2b: 20:e3:e8:f8:ca:69:21:63:ff:11:24:93:71:37:eb:a5:9f:34: 2e:9c:c6:b6:05:48:ea:56:30:e4:9f:f7:97:3c:6d:50:cd:2c: f7:f1:f5:94:f8:d5:da:4f:ec:02:6f:cd:50:f9:d0:5b:52:13: fe:f4:7b:5a:39:a3:74:d2:95:1a:e9:10:78:a1:4a:5b:96:86: e9:c2:0f:d4 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUcnjcklZwKmQOKNPgYHAoJZWyX/cwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDMxN1oX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAOTRmZjA0YzliNGE3ODI2NDExMzJh MzljN2ZiOTliZTY5NjRlZTg2ZTk3YzM1YzNkMDYzM2JlNjkxNDY5MDFlZDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16QE4ZETU9vv8Q+BkIkHEFplL1tZ VfjZbuMRea4Cgell4uZlBVFVzafIXppQTfnt8+2JOjhfPL5SRUF2OSnrij5C8aqP UjqW5HD52vAejutJnBKAxYlqKnZ+vIBABhhzshQU8PMJRpkBu9BB5+A/4bHSaDEi BjRdaHW4/sdaSH1DBtAavG3fjGXf50D7rWbjz0+flkoxti815kSxGQSwmkCYNS1J 8FqqRyXjsaH6T8a38WxhmZgLC9TAP7TfOH9U+9yER7qsC9NcjwwZAu7IDGD+esGX Q/KRu2H+Tt7Tr+14KhpKsjTXL/WRGiIkeGRFeSAl2awLSJEA1oXkyW2IpwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJubxgxXRWiMWzMm7YakS3GRnQl5MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2I1NmZjOTZiLTIxMzYtNDAxYy04NThmLTAyOGFkODg3OWJkZC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6MhAMA0GCSqGSIb3DQEBCwUAA4IBAQDC6iulkhUnYf42gceS llf4Z/lFlQFlswwjaGs1KaiBcjHlhFoR9+vR1Vr5B+/490xDehDMme5hX3RAte0f yDjE/V1p5OK045GFmHY102ZsqEFPDQG/VaLPaHk5eO5DHKxulAir9QVzuhDQvb5c uSYvoNjzsoKHbqaLbU0a5hmpS5lUz1BbDFteD92hy/+TXpgN0TFz1PRz42dg56Sy 1Hui2ZIGDRTCv258gJYirz6VzhDafisg4+j4ymkhY/8RJJNxN+ulnzQunMa2BUjq VjDkn/eXPG1QzSz38fWU+NXaT+wCb81Q+dBbUhP+9HtaOaN00pUa6RB4oUpblobp wg/U -----END CERTIFICATE-----Generated at Sun May 24 12:19:09 2026 by rpki-client