$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa File: bcf07491-4148-4ad5-82e1-58df8b2e226c.roa (raw, json) Hash identifier: mY4tWQpbyRRtaG142C7HKBYG4dLjr/4m2tkLtyZyX4M= Subject key identifier: 7B:50:77:7A:FF:06:E9:8E:89:42:03:B9:F8:C4:2E:C9:1C:3E:E0:87 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 424332A8A32CF438DA30031BE521BB745AA2A60C Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa Signing time: Sat 02 May 2026 00:11:04 +0000 ROA not before: Sat 02 May 2026 00:11:04 +0000 ROA not after: Fri 31 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daea:40c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:43:32:a8:a3:2c:f4:38:da:30:03:1b:e5:21:bb:74:5a:a2:a6:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 2 00:11:04 2026 GMT Not After : Jul 31 23:59:59 2026 GMT Subject: serialNumber=77699cf1f5066d0c4cfc6b9d8a4aea0e5a58c9265802c979d00abaaf9ace1eb3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:0b:40:fa:c9:b3:1a:7a:26:c3:5b:18:36:69: 13:cc:15:46:39:b3:3e:6b:07:f4:d8:89:14:2a:8c: 9e:b2:6d:ea:d6:2a:fc:ff:03:e6:cb:ae:70:57:7c: 2e:25:5f:b6:14:be:b0:0b:90:77:a7:44:48:af:e1: 70:f3:54:d4:9e:ba:e0:7b:d7:00:b8:99:38:6c:e4: 7e:b3:ff:74:a5:ad:0c:df:8b:d8:d5:91:1a:38:aa: f5:95:53:18:65:c3:0f:f6:ce:f7:38:f0:09:96:e7: a2:11:ed:a8:2f:33:af:e2:95:c9:0e:42:c9:69:86: 70:50:a8:38:47:cc:20:67:b2:4f:ff:51:6d:01:cd: 2d:68:36:11:e2:51:5e:29:7f:63:b5:c4:89:9a:7d: 7a:5d:6d:9c:7d:89:a7:95:c5:b6:cd:e6:45:42:4f: 10:04:c1:de:7b:ad:e2:87:ba:fb:49:3c:25:5a:06: 82:db:91:26:3e:4f:16:79:65:8a:69:9f:cb:8d:eb: 99:22:40:b0:af:b0:55:3b:c8:de:4d:59:03:de:3e: 7f:73:a8:af:9d:86:3c:0e:ae:79:9c:d9:e1:3f:4c: b7:d6:a7:02:71:3f:1d:05:8a:4e:a6:04:ab:a3:1b: ba:2f:6a:48:d9:88:42:c7:71:c7:8e:52:f4:8a:53: f2:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:50:77:7A:FF:06:E9:8E:89:42:03:B9:F8:C4:2E:C9:1C:3E:E0:87 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bcf07491-4148-4ad5-82e1-58df8b2e226c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daea:40c0::/48 Signature Algorithm: sha256WithRSAEncryption 35:fb:f8:65:c4:a9:46:a7:13:54:f5:2a:3f:68:5a:6a:d5:7c: ce:2a:d6:48:aa:9e:1e:53:fc:d1:a8:61:b1:77:bf:fc:82:3c: 49:c1:9f:65:e5:4f:90:39:d5:78:80:8b:2e:2f:f1:17:06:2c: 2d:88:da:9c:6d:00:d0:ab:96:a3:e0:39:d9:37:6c:b8:34:5a: 50:28:4e:f0:f3:8d:3f:e2:30:6d:00:3a:46:c6:a9:16:d2:8c: 90:dc:be:17:b5:c3:78:ef:a1:b1:5b:c2:da:66:6f:ba:df:c7: ba:53:ef:a6:0c:af:1a:63:b6:98:7d:65:1d:b8:f2:09:05:00: 03:84:79:20:67:cf:39:79:29:93:15:d7:23:bb:77:e3:39:13: 67:b0:b7:69:27:42:77:09:87:97:d2:c0:6e:e6:0b:17:ab:68: ee:1a:5c:f8:f1:d8:12:42:ac:7a:67:9b:80:91:1a:41:d2:bc: 1a:31:c2:62:a4:8c:e4:5b:61:75:1c:76:63:7b:05:6b:ab:b1: ac:3e:60:a8:4f:cc:33:07:85:af:d3:a2:4a:ee:b2:79:be:84: 6e:75:23:fc:ff:73:ed:18:cb:c7:22:4b:e0:40:69:4d:0c:37: ee:60:c7:a1:0a:35:23:af:5d:c0:ba:f0:e1:63:e1:ff:73:28: 74:75:0c:fb -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUQkMyqKMs9DjaMAMb5SG7dFqipgwwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwMjAwMTEwNFoX DTI2MDczMTIzNTk1OVowejFJMEcGA1UEBRNANzc2OTljZjFmNTA2NmQwYzRjZmM2 YjlkOGE0YWVhMGU1YTU4YzkyNjU4MDJjOTc5ZDAwYWJhYWY5YWNlMWViMzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gtA+smzGnomw1sYNmkTzBVGObM+ awf02IkUKoyesm3q1ir8/wPmy65wV3wuJV+2FL6wC5B3p0RIr+Fw81TUnrrge9cA uJk4bOR+s/90pa0M34vY1ZEaOKr1lVMYZcMP9s73OPAJlueiEe2oLzOv4pXJDkLJ aYZwUKg4R8wgZ7JP/1FtAc0taDYR4lFeKX9jtcSJmn16XW2cfYmnlcW2zeZFQk8Q BMHee63ih7r7STwlWgaC25EmPk8WeWWKaZ/LjeuZIkCwr7BVO8jeTVkD3j5/c6iv nYY8Dq55nNnhP0y31qcCcT8dBYpOpgSroxu6L2pI2YhCx3HHjlL0ilPyMwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFHtQd3r/BumOiUIDufjELskcPuCHMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2JjZjA3NDkxLTQxNDgtNGFkNS04MmUxLTU4ZGY4YjJlMjI2Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6kDAMA0GCSqGSIb3DQEBCwUAA4IBAQA1+/hlxKlGpxNU9So/ aFpq1XzOKtZIqp4eU/zRqGGxd7/8gjxJwZ9l5U+QOdV4gIsuL/EXBiwtiNqcbQDQ q5aj4DnZN2y4NFpQKE7w840/4jBtADpGxqkW0oyQ3L4XtcN476GxW8LaZm+638e6 U++mDK8aY7aYfWUduPIJBQADhHkgZ885eSmTFdcju3fjORNnsLdpJ0J3CYeX0sBu 5gsXq2juGlz48dgSQqx6Z5uAkRpB0rwaMcJipIzkW2F1HHZjewVrq7GsPmCoT8wz B4Wv06JK7rJ5voRudSP8/3PtGMvHIkvgQGlNDDfuYMehCjUjr13AuvDhY+H/cyh0 dQz7 -----END CERTIFICATE-----Generated at Sun May 3 16:52:48 2026 by rpki-client