$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa File: e2dd8ffd-5ddf-4d66-8796-87f096579505.roa (raw, json) Hash identifier: FRWDnGSJRyec8D6Ly44XhBp3rzI22WV3GEWdj/u1pm8= Subject key identifier: A4:1F:F1:94:A9:A3:80:38:3B:C8:31:11:A4:5C:0C:DE:92:31:A8:B5 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 253756014E1F44DC43264BE8CAD5295330E44BC8 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa Signing time: Wed 29 Apr 2026 00:00:05 +0000 ROA not before: Wed 29 Apr 2026 00:00:05 +0000 ROA not after: Tue 28 Jul 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da30::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 May 2026 00:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:37:56:01:4e:1f:44:dc:43:26:4b:e8:ca:d5:29:53:30:e4:4b:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: Apr 29 00:00:05 2026 GMT Not After : Jul 28 23:59:59 2026 GMT Subject: serialNumber=595a31d826e307df9b13b3bfa6a4d93793b4982ce5c1c677f3e3d224641a6548, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:2e:8a:86:a9:3d:b3:bb:72:af:0c:65:3c:6c: 40:72:fc:53:bd:60:6d:9d:71:14:fb:f9:a2:fd:00: 1a:f9:7c:c0:99:80:19:6a:78:8f:83:eb:90:1d:2d: 50:33:9d:ad:7f:47:a8:c9:cd:66:47:76:d6:d2:c7: c7:7d:02:03:27:74:7f:07:89:eb:dd:0a:c9:4e:14: 05:00:a3:dc:d0:fd:93:e1:3d:0c:01:83:1b:af:c1: 68:dc:40:1b:91:a3:d9:a3:0f:09:a7:0a:87:e9:4e: 53:79:86:03:74:cc:13:cd:ff:73:0f:b9:dc:ba:cb: e8:d9:5e:36:26:17:b6:46:36:49:60:22:a4:d8:b2: 8a:a2:8e:78:9e:8c:82:dc:d0:49:dd:45:ae:91:86: 22:3e:d4:73:eb:a0:9f:ac:70:24:97:7d:3f:f9:80: 4f:65:15:98:a7:8d:ea:f2:9a:76:51:09:aa:fd:bd: 7c:9c:56:15:b1:47:30:9b:e7:33:13:d8:80:25:75: b2:56:3c:8b:f7:58:15:2c:e0:f3:e7:92:ec:d2:30: d9:bf:37:4e:8d:33:34:07:90:b0:9f:8a:47:ca:00: 93:41:94:f6:2b:4a:65:5a:2b:45:ce:c8:14:b9:bc: d9:f0:1f:16:c3:c5:44:e3:35:e0:ca:37:c1:d4:5f: 3d:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:1F:F1:94:A9:A3:80:38:3B:C8:31:11:A4:5C:0C:DE:92:31:A8:B5 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e2dd8ffd-5ddf-4d66-8796-87f096579505.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da30::/32 Signature Algorithm: sha256WithRSAEncryption ad:3f:a7:f6:d3:c0:b6:70:f9:9a:b0:79:1d:78:92:ef:78:96: 6c:be:86:43:25:2c:8b:e2:6a:5e:39:58:14:4c:66:53:8c:9c: 68:9b:89:f0:1f:d1:c2:73:ce:74:60:f7:69:52:b4:3e:bc:ad: d2:0a:92:c2:a9:59:68:60:d3:da:3f:3f:a8:af:d0:88:6a:1b: bf:43:d8:7f:c2:00:c5:da:2e:5c:7f:ba:f2:da:3e:27:82:28: 50:83:61:74:16:f2:79:34:6c:1d:5f:86:68:b4:a8:07:1c:83: 9e:17:28:04:a7:61:eb:47:06:5c:d1:cc:1d:34:26:93:08:52: 8c:88:21:f2:fa:f1:bb:43:d9:3a:3d:ea:6f:0f:8f:98:86:9d: 2e:ad:0b:ca:f8:d5:21:e1:db:98:96:65:10:de:48:45:76:da: 2a:62:0d:b9:8a:89:c7:c7:27:18:d4:b7:32:28:63:e0:0f:ec: c0:f3:27:cf:f9:d8:6d:23:eb:83:6a:11:b0:f3:c1:1c:21:45: c1:84:a2:e6:44:bc:79:0d:cc:a9:b8:37:91:c0:bb:cf:94:1a: 2e:ec:ef:5f:86:6b:6c:47:f7:50:38:ff:ba:6e:c8:57:54:c6: b0:c0:e5:95:f1:6a:01:c4:5c:e1:76:cf:66:54:8a:80:b3:44: f2:f0:5b:37 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUJTdWAU4fRNxDJkvoytUpUzDkS8gwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDQyOTAwMDAwNVoX DTI2MDcyODIzNTk1OVowejFJMEcGA1UEBRNANTk1YTMxZDgyNmUzMDdkZjliMTNi M2JmYTZhNGQ5Mzc5M2I0OTgyY2U1YzFjNjc3ZjNlM2QyMjQ2NDFhNjU0ODEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS6Khqk9s7tyrwxlPGxAcvxTvWBt nXEU+/mi/QAa+XzAmYAZaniPg+uQHS1QM52tf0eoyc1mR3bW0sfHfQIDJ3R/B4nr 3QrJThQFAKPc0P2T4T0MAYMbr8Fo3EAbkaPZow8JpwqH6U5TeYYDdMwTzf9zD7nc usvo2V42Jhe2RjZJYCKk2LKKoo54noyC3NBJ3UWukYYiPtRz66CfrHAkl30/+YBP ZRWYp43q8pp2UQmq/b18nFYVsUcwm+czE9iAJXWyVjyL91gVLODz55Ls0jDZvzdO jTM0B5Cwn4pHygCTQZT2K0plWitFzsgUubzZ8B8Ww8VE4zXgyjfB1F89uQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFKQf8ZSpo4A4O8gxEaRcDN6SMai1MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2UyZGQ4ZmZkLTVkZGYtNGQ2Ni04Nzk2LTg3ZjA5NjU3OTUwNS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAbaMDANBgkqhkiG9w0BAQsFAAOCAQEArT+n9tPAtnD5mrB5HXiS 73iWbL6GQyUsi+JqXjlYFExmU4ycaJuJ8B/RwnPOdGD3aVK0Pryt0gqSwqlZaGDT 2j8/qK/QiGobv0PYf8IAxdouXH+68to+J4IoUINhdBbyeTRsHV+GaLSoBxyDnhco BKdh60cGXNHMHTQmkwhSjIgh8vrxu0PZOj3qbw+PmIadLq0LyvjVIeHbmJZlEN5I RXbaKmINuYqJx8cnGNS3Mihj4A/swPMnz/nYbSPrg2oRsPPBHCFFwYSi5kS8eQ3M qbg3kcC7z5QaLuzvX4ZrbEf3UDj/um7IV1TGsMDllfFqAcRc4XbPZlSKgLNE8vBb Nw== -----END CERTIFICATE-----Generated at Sun May 3 14:48:02 2026 by rpki-client