$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa File: c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa (raw, json) Hash identifier: boMsB6m0tXlf5cEYATl81Y1PhDlDlwgP1NKoYJsEPT0= Subject key identifier: 90:BA:D1:55:6B:BA:20:C5:97:4C:37:AD:C9:D0:3F:98:64:9F:C7:A4 Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Certificate serial: 20ED0AF0506D53F95952FF7600656479C12CFCA5 Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa Signing time: Sat 16 May 2026 00:00:31 +0000 ROA not before: Sat 16 May 2026 00:00:31 +0000 ROA not after: Fri 14 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2400:6700::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/manifest.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 25 May 2026 00:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:ed:0a:f0:50:6d:53:f9:59:52:ff:76:00:65:64:79:c1:2c:fc:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509EC0000, serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC Validity Not Before: May 16 00:00:31 2026 GMT Not After : Aug 14 23:59:59 2026 GMT Subject: serialNumber=2dc7c39fd5c740798e2c0de5810f42c1bce0775c1ac4ed6695cb2dba2d4df1ff, CN=58810403-9ba0-403a-809b-c78252ab7f5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:c1:d4:48:d1:10:1c:f4:3e:c2:4a:0d:56:25: 24:e5:63:78:95:a1:60:3a:39:09:d3:1c:6f:12:f6: 33:fd:68:a2:9f:89:4d:ad:d8:23:ee:2d:dc:c0:b4: 05:78:e6:1e:fe:d3:8f:cb:b6:e7:ef:19:7b:f3:6c: 25:24:fa:1f:b8:c8:f4:c6:dd:0a:6c:53:af:36:86: 0c:81:e1:72:25:26:3c:4f:79:fb:de:7a:66:ea:c4: 1c:97:79:60:17:1c:d7:97:17:50:5a:fc:1b:e6:05: 22:c5:fb:2e:fc:35:ba:b1:db:fd:d8:29:1f:f7:ce: c8:59:b8:e5:6c:e4:c1:8f:72:59:3b:2b:bb:dd:aa: 84:b0:4d:07:f4:63:9c:a1:5c:18:57:7b:7a:cd:7c: c9:c6:32:42:44:7b:7f:3b:1d:b3:a6:75:dd:0c:c0: ba:5d:4b:38:fd:4a:59:cc:e2:62:e6:b8:9a:57:11: 34:33:e0:79:e1:30:6b:a1:bc:f2:f4:9e:8d:ee:e1: bf:ac:75:79:21:2e:c0:b7:36:b0:d9:69:c3:1e:6f: 7f:01:7c:a4:9e:56:fb:9d:6c:fb:1a:60:24:97:0d: 43:c5:ef:ae:1e:68:86:30:84:a5:24:f4:8b:60:3b: 33:d1:2b:dd:66:4e:d2:63:a7:61:f6:72:fa:28:00: b8:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:BA:D1:55:6B:BA:20:C5:97:4C:37:AD:C9:D0:3F:98:64:9F:C7:A4 X509v3 Authority Key Identifier: keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/c1564659-f3aa-4021-a7a5-8f4b1c2c4963.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2400:6700::/48 Signature Algorithm: sha256WithRSAEncryption a4:84:a7:1e:ac:74:20:55:58:f2:19:22:df:1e:7b:60:57:6b: e3:22:f4:ad:a7:3f:5a:5a:c5:11:10:56:52:18:8c:f0:4b:ac: 69:95:f1:fc:11:1b:c8:a0:bd:68:4e:4c:f2:77:12:67:a1:1a: 64:26:1f:1d:84:64:c9:7c:8b:78:89:f3:17:b0:a1:73:39:31: c9:f1:6e:f7:08:94:74:6a:08:fa:1c:a7:9a:39:40:fe:bf:fc: 4d:8a:09:a2:9a:a0:47:e9:d5:99:fb:39:26:18:3a:46:4a:73: fc:fe:6d:46:d6:ac:0c:21:ff:78:bb:2d:3d:a6:2e:2d:ea:51: bd:01:8d:46:1e:ca:df:e6:56:3e:bc:e4:b9:57:4f:5c:b6:88: 9a:5b:0b:f3:c7:79:0a:7b:bc:d0:27:3a:20:71:b9:8f:aa:23: 6e:e8:77:3b:c7:01:d2:4d:3d:8b:65:e8:80:48:ea:09:4e:8e: 0d:ca:cb:12:17:25:f3:c7:9b:9e:3c:ef:5e:26:f7:02:46:22: 28:39:22:f9:81:58:d7:20:93:9d:bd:b0:cd:5a:e7:0e:16:55: 8a:3a:ce:5f:f7:d5:b2:8d:6a:a4:cb:2e:f8:58:05:d0:06:d0: b6:e7:16:ae:2d:c8:d2:18:10:80:35:d1:82:6b:75:da:7c:43: 9a:25:ef:cc -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUIO0K8FBtU/lZUv92AGVkecEs/KUwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI2MDUxNjAwMDAzMVoX DTI2MDgxNDIzNTk1OVowejFJMEcGA1UEBRNAMmRjN2MzOWZkNWM3NDA3OThlMmMw ZGU1ODEwZjQyYzFiY2UwNzc1YzFhYzRlZDY2OTVjYjJkYmEyZDRkZjFmZjEtMCsG A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MHUSNEQHPQ+wkoNViUk5WN4laFg OjkJ0xxvEvYz/Wiin4lNrdgj7i3cwLQFeOYe/tOPy7bn7xl782wlJPofuMj0xt0K bFOvNoYMgeFyJSY8T3n73npm6sQcl3lgFxzXlxdQWvwb5gUixfsu/DW6sdv92Ckf 987IWbjlbOTBj3JZOyu73aqEsE0H9GOcoVwYV3t6zXzJxjJCRHt/Ox2zpnXdDMC6 XUs4/UpZzOJi5riaVxE0M+B54TBrobzy9J6N7uG/rHV5IS7Atzaw2WnDHm9/AXyk nlb7nWz7GmAklw1Dxe+uHmiGMISlJPSLYDsz0SvdZk7SY6dh9nL6KAC4UwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFJC60VVruiDFl0w3rcnQP5hkn8ekMB8GA1UdIwQY MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5 L2MxNTY0NjU5LWYzYWEtNDAyMS1hN2E1LThmNGIxYzJjNDk2My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4 ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJABnAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCkhKcerHQgVVjyGSLf HntgV2vjIvStpz9aWsUREFZSGIzwS6xplfH8ERvIoL1oTkzydxJnoRpkJh8dhGTJ fIt4ifMXsKFzOTHJ8W73CJR0agj6HKeaOUD+v/xNigmimqBH6dWZ+zkmGDpGSnP8 /m1G1qwMIf94uy09pi4t6lG9AY1GHsrf5lY+vOS5V09ctoiaWwvzx3kKe7zQJzog cbmPqiNu6Hc7xwHSTT2LZeiASOoJTo4NyssSFyXzx5uePO9eJvcCRiIoOSL5gVjX IJOdvbDNWucOFlWKOs5f99WyjWqkyy74WAXQBtC25xauLcjSGBCANdGCa3XafEOa Je/M -----END CERTIFICATE-----Generated at Thu May 21 11:14:16 2026 by rpki-client