$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f845fb69-5b9c-4039-ab60-6f8a5044ece9.roa File: f845fb69-5b9c-4039-ab60-6f8a5044ece9.roa (raw, json) Hash identifier: h0FpXrnzliKhpheB/tm+51cT+Zi9m3Y3EkIXY9C+ntE= Subject key identifier: 63:0D:F0:9B:BB:DE:55:99:F9:E0:BF:1C:82:D7:05:93:6D:CB:B3:B3 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 123B49158A4E3FFFA6EEB3546B261DEAB49C4E2E Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f845fb69-5b9c-4039-ab60-6f8a5044ece9.roa Signing time: Fri 22 May 2026 17:03:15 +0000 ROA not before: Fri 22 May 2026 17:03:15 +0000 ROA not after: Thu 20 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:dae8:b0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 May 2026 17:17:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:3b:49:15:8a:4e:3f:ff:a6:ee:b3:54:6b:26:1d:ea:b4:9c:4e:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 22 17:03:15 2026 GMT Not After : Aug 20 23:59:59 2026 GMT Subject: serialNumber=c48dab3a4a45c560a1f4af0934f2b4cebeec1ac11794fc1c5ad417f74ca68889, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:68:3c:3d:d1:8d:39:b6:2a:dc:c0:8c:65:b4: b5:cc:ad:6c:50:c6:c6:7f:3e:54:70:e8:cc:a6:8e: bd:b5:04:67:ea:f7:0b:7d:72:22:98:7e:c3:1e:dc: 9d:19:ba:31:9a:2d:be:6e:12:94:94:ab:00:b1:eb: 88:01:a2:85:bb:37:2b:84:94:c0:ce:e2:4a:39:df: 20:49:52:e4:96:36:4a:09:b1:7d:68:55:21:65:16: 52:fa:12:45:a4:e3:3d:1c:59:e8:5f:45:75:09:a0: ef:39:76:76:98:7b:34:1f:7a:61:ae:48:05:4e:09: a6:ec:79:28:f0:77:cb:e1:94:9c:b1:60:75:0f:0e: cb:4f:ae:ca:47:50:ea:b9:c0:75:56:11:ed:61:27: c9:87:79:96:3d:a6:fc:1b:60:f1:5a:27:69:a8:df: cb:56:fd:ac:c0:cc:23:73:31:61:5b:84:6d:1e:eb: 16:08:db:d6:96:d6:af:37:35:5e:e9:31:e4:7d:07: e7:83:83:39:7d:7a:8c:52:c9:45:6b:1f:4a:8e:51: 24:57:83:bf:f2:b4:47:30:3c:07:ad:92:ef:70:e6: b8:10:25:ed:9c:25:8d:8c:fa:54:71:f1:31:c3:c4: a6:e4:bf:17:50:c7:fd:b8:2a:25:7e:f6:9c:da:4e: 36:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:0D:F0:9B:BB:DE:55:99:F9:E0:BF:1C:82:D7:05:93:6D:CB:B3:B3 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f845fb69-5b9c-4039-ab60-6f8a5044ece9.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:dae8:b0c0::/48 Signature Algorithm: sha256WithRSAEncryption 53:17:1c:2f:67:e7:d8:76:ec:96:c5:4e:bd:ba:3c:ef:92:61: 04:02:0f:94:5f:1b:d7:3d:e9:a8:f2:ad:d7:ad:81:77:84:16: 00:e6:06:89:9b:7a:7f:34:cf:08:10:23:24:77:07:ca:02:f9: 63:44:70:a0:3a:9f:e5:f3:04:a8:95:63:97:53:52:7d:af:34: 9b:fc:96:66:87:e2:a2:17:87:d7:44:1f:41:48:33:9a:60:8a: 7e:5e:c8:ab:94:35:4f:41:0b:95:26:74:38:0e:ca:15:46:1f: 9b:5f:b0:ce:f0:bf:96:bf:87:14:43:24:86:61:14:07:ce:99: 8f:5b:33:d5:93:49:ac:f8:30:1d:80:33:6d:62:45:30:62:c5: 7f:9a:88:70:10:5a:00:34:f0:77:0e:27:2d:48:32:4a:9b:85: 23:ec:01:d0:3d:91:96:1a:94:ff:c7:18:fc:c6:0b:b3:b2:57: cd:65:d7:73:20:28:8a:26:e8:2c:36:60:9f:7d:5d:37:2d:7c: 61:ec:1b:af:de:f6:16:9f:b2:95:35:57:06:45:58:4f:ca:42: 42:1e:77:67:f6:09:e7:5a:84:62:d4:32:92:77:11:6f:43:b5: 8f:1d:dc:89:93:e4:9e:84:09:47:c6:92:6d:d9:63:c2:35:20: b2:23:e0:04 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUEjtJFYpOP/+m7rNUayYd6rScTi4wDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUyMjE3MDMxNVoX DTI2MDgyMDIzNTk1OVowejFJMEcGA1UEBRNAYzQ4ZGFiM2E0YTQ1YzU2MGExZjRh ZjA5MzRmMmI0Y2ViZWVjMWFjMTE3OTRmYzFjNWFkNDE3Zjc0Y2E2ODg4OTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mg8PdGNObYq3MCMZbS1zK1sUMbG fz5UcOjMpo69tQRn6vcLfXIimH7DHtydGboxmi2+bhKUlKsAseuIAaKFuzcrhJTA zuJKOd8gSVLkljZKCbF9aFUhZRZS+hJFpOM9HFnoX0V1CaDvOXZ2mHs0H3phrkgF Tgmm7Hko8HfL4ZScsWB1Dw7LT67KR1DqucB1VhHtYSfJh3mWPab8G2DxWidpqN/L Vv2swMwjczFhW4RtHusWCNvWltavNzVe6THkfQfng4M5fXqMUslFax9KjlEkV4O/ 8rRHMDwHrZLvcOa4ECXtnCWNjPpUcfExw8Sm5L8XUMf9uColfvac2k42swIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFGMN8Ju73lWZ+eC/HILXBZNty7OzMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2Y4NDVmYjY5LTViOWMtNDAzOS1hYjYwLTZmOGE1MDQ0ZWNlOS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba6LDAMA0GCSqGSIb3DQEBCwUAA4IBAQBTFxwvZ+fYduyWxU69 ujzvkmEEAg+UXxvXPemo8q3XrYF3hBYA5gaJm3p/NM8IECMkdwfKAvljRHCgOp/l 8wSolWOXU1J9rzSb/JZmh+KiF4fXRB9BSDOaYIp+XsirlDVPQQuVJnQ4DsoVRh+b X7DO8L+Wv4cUQySGYRQHzpmPWzPVk0ms+DAdgDNtYkUwYsV/mohwEFoANPB3Dict SDJKm4Uj7AHQPZGWGpT/xxj8xguzslfNZddzICiKJugsNmCffV03LXxh7Buv3vYW n7KVNVcGRVhPykJCHndn9gnnWoRi1DKSdxFvQ7WPHdyJk+SehAlHxpJt2WPCNSCy I+AE -----END CERTIFICATE-----Generated at Sun May 24 12:19:08 2026 by rpki-client