$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa File: 1633925d-77e5-4142-aee7-593dea039740.roa (raw, json) Hash identifier: etTTMDB7gKub28KpCzaeBHNSN/8BEO84MMyoC3ZowUA= Subject key identifier: 10:0F:1D:66:C7:C4:85:57:BA:E5:00:75:FB:E2:C0:68:FA:F6:54:6C Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 08E9456313BAA8D4A2217C336D7386EA4EFF69F6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa Signing time: Fri 08 May 2026 00:01:02 +0000 ROA not before: Fri 08 May 2026 00:01:02 +0000 ROA not after: Thu 06 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf6:f000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:e9:45:63:13:ba:a8:d4:a2:21:7c:33:6d:73:86:ea:4e:ff:69:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 8 00:01:02 2026 GMT Not After : Aug 6 23:59:59 2026 GMT Subject: serialNumber=717fc842d2b8376ba2563324febe561ee06cbc0eb9e0648e2773f015976fa5a0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4d:10:53:ff:df:7c:9f:82:a4:16:a1:8b:2e: 6e:3a:dd:d4:28:3e:41:e4:c2:c0:ff:47:6c:79:5e: f5:34:60:15:a5:97:b6:83:d2:ca:52:d8:60:66:aa: 7a:fc:01:36:d8:77:6e:dc:0b:74:f4:ae:38:40:cc: cc:5a:18:fb:07:df:39:48:4d:a2:17:d8:0f:be:ff: bd:96:8f:56:f8:3a:92:49:7c:2b:7e:82:30:90:e7: 2d:7f:aa:b3:3e:d0:56:37:8d:76:12:c4:d2:f8:5b: cc:05:a6:fa:27:52:97:cf:fa:61:39:51:52:f4:b7: 51:f2:d1:8d:8d:e8:be:14:b0:f0:bf:3f:5d:e0:35: 4e:e1:e9:c2:fb:ed:24:f3:b6:95:40:d4:9b:5b:3a: 4a:b1:29:ae:b1:00:86:f4:14:cc:b2:b0:bd:34:14: b0:f0:67:b2:73:9b:1a:1a:5a:ff:33:39:a2:f8:d8: cd:f1:27:b2:78:d9:a1:66:e5:a4:b2:4c:b9:f8:dc: 4e:1c:a6:28:b1:a0:5b:3c:48:28:ed:83:01:6b:2f: 6c:0a:3c:4b:6c:e1:0b:94:ae:3b:63:57:ba:08:ea: 1a:30:4f:17:1e:8c:f8:14:4b:4a:4c:7d:93:9c:f2: 75:69:bf:a5:69:8e:80:e1:f4:82:e6:da:b2:b2:d3: ca:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:0F:1D:66:C7:C4:85:57:BA:E5:00:75:FB:E2:C0:68:FA:F6:54:6C X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1633925d-77e5-4142-aee7-593dea039740.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf6:f000::/40 Signature Algorithm: sha256WithRSAEncryption 93:cf:eb:5a:d4:48:55:e9:b1:45:36:03:2a:4b:af:fd:6b:6f: f3:f8:11:fc:b6:49:ce:f0:c8:13:94:71:95:17:7a:73:43:bb: 71:e3:1a:6e:9f:58:6f:43:1e:ce:a0:33:a1:e5:fb:8e:0a:2a: c2:fc:a4:58:48:0b:09:a8:14:85:f0:d9:c4:17:b2:5a:6b:31: 80:25:cf:e2:b5:cb:c8:c2:b1:0d:b0:5f:bf:ef:57:5b:1d:88: 7c:28:7e:7a:e0:d8:6d:03:50:2a:ba:d4:b5:5e:f2:ac:f0:14: 70:c5:7a:76:46:1f:86:25:92:83:83:40:d8:d5:93:a9:d9:fe: 78:bb:51:0c:22:07:fe:9e:0e:38:4e:e0:eb:02:a5:e6:be:07: 2c:be:ea:29:cb:76:a4:0e:89:62:d6:36:2c:1b:0e:22:22:2f: ea:79:ed:c5:8c:20:93:6e:eb:f3:c3:cb:48:58:6c:d9:b5:25: 1a:57:11:8b:ad:ed:c9:f7:f1:68:b3:25:97:76:46:c0:31:d1: 79:9a:a7:07:fe:fd:86:14:52:5f:f9:cd:04:68:8a:d6:72:7a: a2:4e:87:4c:4e:58:7b:06:79:09:9b:c1:8b:3f:c1:53:95:88: 2f:0a:10:3b:50:96:6c:62:ed:78:9e:be:35:98:70:f4:19:01: b7:4b:ab:f9 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUCOlFYxO6qNSiIXwzbXOG6k7/afYwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwODAwMDEwMloX DTI2MDgwNjIzNTk1OVowejFJMEcGA1UEBRNANzE3ZmM4NDJkMmI4Mzc2YmEyNTYz MzI0ZmViZTU2MWVlMDZjYmMwZWI5ZTA2NDhlMjc3M2YwMTU5NzZmYTVhMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk0QU//ffJ+CpBahiy5uOt3UKD5B 5MLA/0dseV71NGAVpZe2g9LKUthgZqp6/AE22Hdu3At09K44QMzMWhj7B985SE2i F9gPvv+9lo9W+DqSSXwrfoIwkOctf6qzPtBWN412EsTS+FvMBab6J1KXz/phOVFS 9LdR8tGNjei+FLDwvz9d4DVO4enC++0k87aVQNSbWzpKsSmusQCG9BTMsrC9NBSw 8Geyc5saGlr/Mzmi+NjN8SeyeNmhZuWksky5+NxOHKYosaBbPEgo7YMBay9sCjxL bOELlK47Y1e6COoaME8XHoz4FEtKTH2TnPJ1ab+laY6A4fSC5tqystPKCQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFBAPHWbHxIVXuuUAdfviwGj69lRsMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzE2MzM5MjVkLTc3ZTUtNDE0Mi1hZWU3LTU5M2RlYTAzOTc0MC5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9vAwDQYJKoZIhvcNAQELBQADggEBAJPP61rUSFXpsUU2AypL r/1rb/P4Efy2Sc7wyBOUcZUXenNDu3HjGm6fWG9DHs6gM6Hl+44KKsL8pFhICwmo FIXw2cQXslprMYAlz+K1y8jCsQ2wX7/vV1sdiHwofnrg2G0DUCq61LVe8qzwFHDF enZGH4YlkoODQNjVk6nZ/ni7UQwiB/6eDjhO4OsCpea+Byy+6inLdqQOiWLWNiwb DiIiL+p57cWMIJNu6/PDy0hYbNm1JRpXEYut7cn38WizJZd2RsAx0Xmapwf+/YYU Ul/5zQRoitZyeqJOh0xOWHsGeQmbwYs/wVOViC8KEDtQlmxi7XievjWYcPQZAbdL q/k= -----END CERTIFICATE-----Generated at Wed May 13 00:01:18 2026 by rpki-client