$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa File: 2720640e-9111-44dd-a0b8-a005f04956a0.roa (raw, json) Hash identifier: RJVkCDsrMa5Dn2DLEROSRhJXD5W2Gzdukwsq//igmN4= Subject key identifier: C1:FC:F4:87:A6:1C:55:9A:EF:9E:DF:5C:68:03:FF:6F:07:CE:3E:1C Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Certificate serial: 47B52464B74206C68748068D50A06217D9E9B875 Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa Signing time: Fri 15 May 2026 00:10:10 +0000 ROA not before: Fri 15 May 2026 00:10:10 +0000 ROA not after: Thu 13 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 240f:80a0:8000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 03 Jun 2026 00:03:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:b5:24:64:b7:42:06:c6:87:48:06:8d:50:a0:62:17:d9:e9:b8:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883 Validity Not Before: May 15 00:10:10 2026 GMT Not After : Aug 13 23:59:59 2026 GMT Subject: serialNumber=4173ffea1c36cdeefccb8cdac0e46ada03d66df39f2bf648e5af824ac4ed140d, CN=4257e925-715f-47a2-893e-0e3f97ec7e22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:60:4c:e0:4f:bc:c7:90:b3:18:17:c7:f8:34: 77:6e:4d:91:51:df:30:f1:74:8d:96:1f:e0:40:e3: c7:c3:d6:d8:a0:4b:d5:a5:e1:20:21:3e:c8:8b:5e: 48:6d:9a:4a:8f:f1:51:e6:9c:c5:70:7d:31:e0:cb: 40:97:b8:d4:40:93:9f:74:36:e1:f2:0a:5c:31:5c: 5a:36:a1:59:73:31:24:be:4f:05:39:4d:5d:5d:d5: 98:de:ad:d6:ce:2f:b5:5a:2b:d9:0d:bf:29:83:07: c4:da:1d:77:69:80:73:45:fe:b2:f7:3b:ea:f5:bb: 04:b3:6b:24:ff:72:8a:22:6d:13:c2:30:68:f6:ef: a0:ef:2f:b3:2c:49:20:21:9f:40:26:b5:22:3c:83: 40:59:0f:4e:0f:c4:97:a5:2e:54:55:0d:35:7d:f6: 79:cd:54:2e:2d:bb:1b:f7:3d:17:71:29:fb:de:ea: 9a:68:57:15:61:04:38:93:e1:79:29:81:fe:42:a9: 55:0e:38:1e:fb:b4:a5:ae:37:26:5d:09:2a:7c:8d: a1:75:60:14:34:f1:fb:b1:fc:8d:9c:bf:33:86:b1: 72:08:21:1d:8e:bc:ab:69:5d:07:e5:29:4e:32:37: 8c:42:a2:54:c7:1e:c1:4e:7b:04:9f:88:5c:4e:82: 9d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:FC:F4:87:A6:1C:55:9A:EF:9E:DF:5C:68:03:FF:6F:07:CE:3E:1C X509v3 Authority Key Identifier: keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/2720640e-9111-44dd-a0b8-a005f04956a0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 240f:80a0:8000::/40 Signature Algorithm: sha256WithRSAEncryption 74:08:96:9d:e6:ed:45:a0:5d:2a:08:17:f0:2d:cb:35:93:94: ca:bb:db:82:36:0b:de:61:aa:d8:92:3f:70:f2:86:85:0a:81: 7a:6b:79:70:1c:2b:67:35:e1:d2:1d:3d:49:7f:a4:8f:a8:b8: 1e:18:f6:7c:e3:e2:eb:00:4c:e5:b9:d1:f1:87:01:a0:3a:c6: b1:7f:25:8f:1f:80:3a:30:1d:bf:d5:d7:72:95:5f:cc:6b:22: 3c:45:ba:fc:77:b8:57:2a:be:a9:21:0e:2b:24:26:a6:e2:85: da:f4:7f:ef:41:cd:99:fe:0d:7f:d5:4d:73:d1:09:f3:45:62: 69:82:ea:53:b7:10:f0:1c:9c:20:97:1c:65:84:05:30:f3:44: ce:56:14:4f:dd:db:fc:e2:54:1d:1f:e9:e8:e2:ca:f1:43:17: 59:3a:25:90:10:25:9e:d7:88:57:ef:ae:7f:e7:6d:0b:cf:12: 0a:7c:7c:93:03:56:36:25:69:db:3f:70:ee:81:f7:92:cf:d6: be:78:ea:41:f3:43:3c:cd:aa:ae:3f:06:8b:39:b5:a9:4c:d7: ac:a8:03:aa:60:d1:c3:7d:76:02:d0:1b:08:dd:29:d5:6d:ca: 0b:25:7f:1f:e5:f0:4b:d2:1e:0c:6b:f2:74:9b:e0:b3:d2:fd: 2e:0c:d2:01 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUR7UkZLdCBsaHSAaNUKBiF9npuHUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI2MDUxNTAwMTAxMFoX DTI2MDgxMzIzNTk1OVowejFJMEcGA1UEBRNANDE3M2ZmZWExYzM2Y2RlZWZjY2I4 Y2RhYzBlNDZhZGEwM2Q2NmRmMzlmMmJmNjQ4ZTVhZjgyNGFjNGVkMTQwZDEtMCsG A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmBM4E+8x5CzGBfH+DR3bk2RUd8w 8XSNlh/gQOPHw9bYoEvVpeEgIT7Ii15IbZpKj/FR5pzFcH0x4MtAl7jUQJOfdDbh 8gpcMVxaNqFZczEkvk8FOU1dXdWY3q3Wzi+1WivZDb8pgwfE2h13aYBzRf6y9zvq 9bsEs2sk/3KKIm0TwjBo9u+g7y+zLEkgIZ9AJrUiPINAWQ9OD8SXpS5UVQ01ffZ5 zVQuLbsb9z0XcSn73uqaaFcVYQQ4k+F5KYH+QqlVDjge+7SlrjcmXQkqfI2hdWAU NPH7sfyNnL8zhrFyCCEdjryraV0H5SlOMjeMQqJUxx7BTnsEn4hcToKdBwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFMH89IemHFWa757fXGgD/28Hzj4cMB8GA1UdIwQY MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2 LzI3MjA2NDBlLTkxMTEtNDRkZC1hMGI4LWEwMDVmMDQ5NTZhMC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJA+AoIAwDQYJKoZIhvcNAQELBQADggEBAHQIlp3m7UWgXSoIF/At yzWTlMq724I2C95hqtiSP3DyhoUKgXpreXAcK2c14dIdPUl/pI+ouB4Y9nzj4usA TOW50fGHAaA6xrF/JY8fgDowHb/V13KVX8xrIjxFuvx3uFcqvqkhDiskJqbihdr0 f+9BzZn+DX/VTXPRCfNFYmmC6lO3EPAcnCCXHGWEBTDzRM5WFE/d2/ziVB0f6eji yvFDF1k6JZAQJZ7XiFfvrn/nbQvPEgp8fJMDVjYlads/cO6B95LP1r546kHzQzzN qq4/Bos5talM16yoA6pg0cN9dgLQGwjdKdVtygslfx/l8EvSHgxr8nSb4LPS/S4M 0gE= -----END CERTIFICATE-----Generated at Sat May 30 14:09:48 2026 by rpki-client