$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddf1fd51-2931-44db-98dc-55d53e796595.roa File: ddf1fd51-2931-44db-98dc-55d53e796595.roa (raw, json) Hash identifier: 4Uwjbi6ysDs8ddPez6keDaDhFB2FJiGUyBNphJqtqis= Subject key identifier: 32:11:FC:32:1C:D1:40:6A:04:8C:F0:10:33:A3:FB:82:28:BB:AA:10 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 0778089E063825B5F3401340B6ACF513271A1D4B Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddf1fd51-2931-44db-98dc-55d53e796595.roa Signing time: Fri 22 May 2026 17:01:30 +0000 ROA not before: Fri 22 May 2026 17:01:30 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:8080::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:78:08:9e:06:38:25:b5:f3:40:13:40:b6:ac:f5:13:27:1a:1d:4b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:01:30 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=ed4def28410572fcd2d417dda53322bed56c7fa8c59407195492e016485f6d7b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:78:6e:7c:74:18:98:40:44:db:b6:74:22:fb: 08:66:b0:8a:df:b6:00:25:c8:76:7b:58:70:d1:f6: be:8c:7e:4d:28:1d:c4:c2:17:8b:48:af:3f:1b:10: 61:c9:06:88:40:a8:35:a1:b5:a8:8b:93:67:51:06: 0e:cc:8a:f1:7e:ad:b6:44:57:25:c5:af:eb:96:79: 7b:fa:48:fc:6e:54:d0:fd:ab:e6:af:1c:96:8a:ad: 36:16:b7:f1:a8:99:e5:12:96:98:a3:f9:de:8b:84: 4d:ba:22:b8:04:8d:a4:9d:a1:5d:59:79:46:f9:dd: d7:e3:96:7c:7e:0a:8d:83:c9:50:17:bb:01:ea:23: ab:74:df:ed:88:0a:99:20:50:85:ce:f3:38:b0:28: a3:f7:78:18:fb:24:fe:bb:b6:c1:e6:33:3b:54:a2: f8:ec:19:4b:c7:87:05:d5:17:a1:a0:20:bf:03:d2: c9:5c:0c:bb:f2:5d:d1:21:27:50:86:75:a7:62:64: 11:f8:8b:a7:3a:97:8d:04:81:43:95:ff:e0:78:92: 6e:a3:69:bc:df:ce:27:c4:f6:a7:35:31:02:40:ad: a8:2c:5f:ab:59:c7:b2:c6:e6:dc:cf:58:cc:63:21: db:56:53:65:72:2a:d7:1c:30:25:07:7c:b3:e8:6c: 40:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:11:FC:32:1C:D1:40:6A:04:8C:F0:10:33:A3:FB:82:28:BB:AA:10 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ddf1fd51-2931-44db-98dc-55d53e796595.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:8080::/48 Signature Algorithm: sha256WithRSAEncryption 70:fd:90:8b:d6:0d:43:10:8e:27:53:c6:65:d6:3f:73:fe:46: 7f:39:ba:de:27:55:b6:d2:b4:12:43:4d:3f:5d:2c:ba:d3:e9: 11:54:ff:b3:e1:a8:ea:ac:91:95:4b:4c:23:3b:b0:40:22:e2: d6:e7:e1:6f:dc:48:68:33:b5:ee:95:3f:1a:e5:f4:3e:84:2b: 5e:8a:01:9d:ca:19:c3:f8:83:14:e3:52:b0:c8:86:f4:71:ae: e4:3c:c0:e5:36:79:69:9a:c8:dc:f6:1f:b1:44:22:37:a3:17: c4:32:e5:32:da:45:cd:19:6f:51:0a:d3:5e:39:7e:5e:29:ee: d5:2d:ce:72:74:a3:3c:dd:54:e0:2e:66:a3:12:ac:01:2f:3f: a3:bb:e7:1b:70:e2:b2:8a:ad:ad:ca:75:f6:84:35:7a:6d:bf: c0:aa:f2:c1:18:3a:19:b9:63:7c:31:54:04:94:9f:7d:d6:a1: 66:23:1d:33:77:52:bc:04:25:6b:ff:80:d5:fb:a0:ed:c7:ea: d2:de:e7:1d:b5:b5:7e:a7:8b:05:c1:63:61:2b:0e:df:18:6f: 3e:79:16:a4:82:bd:e9:a4:91:e0:45:80:91:fc:10:2e:3c:4c: 2e:46:63:6a:22:e4:d5:35:3d:c4:f2:58:c3:01:2e:76:ac:41: 0f:1c:d8:8d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUB3gIngY4JbXzQBNAtqz1EycaHUswDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDEzMFoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAZWQ0ZGVmMjg0MTA1NzJmY2QyZDQx N2RkYTUzMzIyYmVkNTZjN2ZhOGM1OTQwNzE5NTQ5MmUwMTY0ODVmNmQ3YjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HhufHQYmEBE27Z0IvsIZrCK37YA Jch2e1hw0fa+jH5NKB3EwheLSK8/GxBhyQaIQKg1obWoi5NnUQYOzIrxfq22RFcl xa/rlnl7+kj8blTQ/avmrxyWiq02FrfxqJnlEpaYo/nei4RNuiK4BI2knaFdWXlG +d3X45Z8fgqNg8lQF7sB6iOrdN/tiAqZIFCFzvM4sCij93gY+yT+u7bB5jM7VKL4 7BlLx4cF1RehoCC/A9LJXAy78l3RISdQhnWnYmQR+IunOpeNBIFDlf/geJJuo2m8 384nxPanNTECQK2oLF+rWceyxubcz1jMYyHbVlNlcirXHDAlB3yz6GxAfQIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFDIR/DIc0UBqBIzwEDOj+4Iou6oQMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2RkZjFmZDUxLTI5MzEtNDRkYi05OGRjLTU1ZDUzZTc5NjU5NS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6ICAMA0GCSqGSIb3DQEBCwUAA4IBAQBw/ZCL1g1DEI4nU8Zl 1j9z/kZ/ObreJ1W20rQSQ00/XSy60+kRVP+z4ajqrJGVS0wjO7BAIuLW5+Fv3Eho M7XulT8a5fQ+hCteigGdyhnD+IMU41KwyIb0ca7kPMDlNnlpmsjc9h+xRCI3oxfE MuUy2kXNGW9RCtNeOX5eKe7VLc5ydKM83VTgLmajEqwBLz+ju+cbcOKyiq2tynX2 hDV6bb/AqvLBGDoZuWN8MVQElJ991qFmIx0zd1K8BCVr/4DV+6Dtx+rS3ucdtbV+ p4sFwWNhKw7fGG8+eRakgr3ppJHgRYCR/BAuPEwuRmNqIuTVNT3E8ljDAS52rEEP HNiN -----END CERTIFICATE-----Generated at Sun May 24 12:19:42 2026 by rpki-client