$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa File: 2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa (raw, json) Hash identifier: tXh8fyyKSgy15CYESbngvsgv05d1nDEmcOqnw4XGK4s= Subject key identifier: 8A:4E:EF:16:53:0D:33:A4:B9:AD:CD:FF:1C:5D:C0:77:8E:2C:82:63 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 071B063AD346E40D00A8F6A4A002E1810BC73CA4 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa Signing time: Tue 05 May 2026 00:00:36 +0000 ROA not before: Tue 05 May 2026 00:00:36 +0000 ROA not after: Mon 03 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf9::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 07:1b:06:3a:d3:46:e4:0d:00:a8:f6:a4:a0:02:e1:81:0b:c7:3c:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 5 00:00:36 2026 GMT Not After : Aug 3 23:59:59 2026 GMT Subject: serialNumber=4f5f18b5d6ceb802a1fd22a2199c2d5cc0ba7e245c973acbf86c1980cb5aa310, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:9d:9f:3b:61:42:db:b6:7f:12:d0:9e:74:01: 33:ea:03:d9:61:d0:3c:47:2c:9a:42:97:a9:d8:9c: 42:89:d6:0c:f9:4c:14:8c:12:7c:5c:14:93:4d:7c: c8:c1:89:90:89:44:eb:0f:46:1b:ef:0d:ef:e3:71: b0:9d:de:5d:e7:63:f2:b6:b0:62:8d:40:14:c5:16: 6b:5a:8b:95:7b:5c:c6:57:69:0f:45:6b:9c:94:d2: 81:e6:6c:9e:02:c0:14:91:18:99:31:d7:28:07:71: 81:19:f0:72:ed:ca:12:eb:80:80:52:6b:7d:71:15: 7f:cd:7d:d7:2f:99:75:a6:6a:07:f4:ab:13:eb:17: 48:d8:01:88:af:dd:1b:1b:b7:f5:2d:1e:6a:1f:0e: f3:6a:21:29:e0:c3:93:27:7b:d6:3b:01:a6:72:fc: 18:ce:e7:5c:88:ca:69:4a:79:8f:d7:8d:9a:b2:f0: 51:ff:87:83:98:10:1b:49:9e:7f:5e:19:2f:bf:76: 72:2b:64:c3:a2:c3:e8:c3:be:18:e9:41:3d:84:42: d6:84:f0:05:3f:f2:53:df:7b:15:83:65:17:a4:5e: 34:3f:86:3b:92:d6:b7:71:9d:a4:cf:59:d9:bd:c5: f9:23:9e:83:6b:b2:a6:50:b5:98:d9:0d:73:99:22: e2:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:4E:EF:16:53:0D:33:A4:B9:AD:CD:FF:1C:5D:C0:77:8E:2C:82:63 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2d82d68c-b660-4018-9fb1-a96c9fdd7793.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf9::/32 Signature Algorithm: sha256WithRSAEncryption 3c:66:2d:51:e1:fe:f0:ef:e6:16:7d:b1:79:60:16:19:c6:54: bd:b1:98:23:fe:7d:7a:da:57:88:4f:0b:6e:31:b5:40:0c:f3: c3:93:f8:8c:7c:ea:3e:d5:8b:d9:9b:f4:77:84:b9:67:7d:cf: f5:37:78:9a:5f:b3:15:f1:2c:27:49:7c:0b:fd:a9:92:82:0a: b7:fc:46:9c:a7:4c:f7:22:f6:2b:a3:35:f1:74:eb:96:21:bf: ad:99:a0:a6:bd:0f:66:03:1b:41:6b:d2:df:95:7b:9f:ad:e1: 90:60:08:7f:51:f5:15:94:6f:62:c9:db:cc:49:3d:f2:97:4d: 5a:1c:ae:43:90:ca:03:1d:37:7d:80:48:3e:5d:fb:4f:92:c4: 95:02:04:38:9c:a4:4d:0f:7f:41:5f:62:cc:ec:74:7b:16:9b: 5c:8c:b1:09:24:ad:0d:d0:1a:a9:4b:d3:e4:2a:48:8f:19:34: 0b:86:ad:12:6a:3e:fd:39:34:d6:e5:a0:b4:db:c6:b0:bb:a8: ed:33:4b:c0:15:55:9c:47:6f:72:10:88:c2:a4:d4:43:e9:a3: 05:06:21:1b:13:22:b7:3c:c9:73:8c:46:f2:8a:eb:d0:91:00: 02:aa:7a:c6:95:36:bd:4d:9a:6d:1a:0b:be:15:ab:e2:98:43: f0:b8:52:d8 -----BEGIN CERTIFICATE----- MIIFnTCCBIWgAwIBAgIUBxsGOtNG5A0AqPakoALhgQvHPKQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNTAwMDAzNloX DTI2MDgwMzIzNTk1OVowejFJMEcGA1UEBRNANGY1ZjE4YjVkNmNlYjgwMmExZmQy MmEyMTk5YzJkNWNjMGJhN2UyNDVjOTczYWNiZjg2YzE5ODBjYjVhYTMxMDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ2fO2FC27Z/EtCedAEz6gPZYdA8 RyyaQpep2JxCidYM+UwUjBJ8XBSTTXzIwYmQiUTrD0Yb7w3v43Gwnd5d52PytrBi jUAUxRZrWouVe1zGV2kPRWuclNKB5myeAsAUkRiZMdcoB3GBGfBy7coS64CAUmt9 cRV/zX3XL5l1pmoH9KsT6xdI2AGIr90bG7f1LR5qHw7zaiEp4MOTJ3vWOwGmcvwY zudciMppSnmP142asvBR/4eDmBAbSZ5/Xhkvv3ZyK2TDosPow74Y6UE9hELWhPAF P/JT33sVg2UXpF40P4Y7kta3cZ2kz1nZvcX5I56Da7KmULWY2Q1zmSLieQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFIpO7xZTDTOkua3N/xxdwHeOLIJjMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzJkODJkNjhjLWI2NjAtNDAxOC05ZmIxLWE5NmM5ZmRkNzc5My5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN BAIAAjAHAwUAJAba+TANBgkqhkiG9w0BAQsFAAOCAQEAPGYtUeH+8O/mFn2xeWAW GcZUvbGYI/59etpXiE8LbjG1QAzzw5P4jHzqPtWL2Zv0d4S5Z33P9Td4ml+zFfEs J0l8C/2pkoIKt/xGnKdM9yL2K6M18XTrliG/rZmgpr0PZgMbQWvS35V7n63hkGAI f1H1FZRvYsnbzEk98pdNWhyuQ5DKAx03fYBIPl37T5LElQIEOJykTQ9/QV9izOx0 exabXIyxCSStDdAaqUvT5CpIjxk0C4atEmo+/Tk01uWgtNvGsLuo7TNLwBVVnEdv chCIwqTUQ+mjBQYhGxMitzzJc4xG8orr0JEAAqp6xpU2vU2abRoLvhWr4phD8LhS 2A== -----END CERTIFICATE-----Generated at Tue May 12 23:42:29 2026 by rpki-client