$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa File: 328cea91-878c-4f36-ad16-29b649a79487.roa (raw, json) Hash identifier: 5/qP0eq9v/O7DHYaoiHDSDufq89JFH90u/xB296Zod4= Subject key identifier: 4A:41:92:31:DF:14:6D:07:8E:62:68:3D:3F:71:05:F8:EC:28:84:09 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5C73C51C5A0217F9552AB6BEB47DE99C567F1311 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa Signing time: Tue 12 May 2026 00:10:32 +0000 ROA not before: Tue 12 May 2026 00:10:32 +0000 ROA not after: Mon 10 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:c8c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:73:c5:1c:5a:02:17:f9:55:2a:b6:be:b4:7d:e9:9c:56:7f:13:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 12 00:10:32 2026 GMT Not After : Aug 10 23:59:59 2026 GMT Subject: serialNumber=00d90bbb5ce3b52e75a025df55ee1fa703889eba99cc15549cab4ff0f5d5e542, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c1:68:5d:8d:88:37:26:c8:a8:e6:7c:3e:7c: d1:d0:5c:fb:44:4b:83:51:16:ee:44:44:3d:08:12: 2d:38:92:2f:b0:9d:ab:93:78:93:fd:3c:31:d3:dd: 40:f1:54:1e:1e:3a:ec:f0:d5:cc:22:bb:7b:e5:b6: fc:81:16:9e:23:e2:43:41:8e:42:4f:d7:b7:1b:9f: 25:a3:af:6d:0a:7d:c8:ea:1c:ff:fb:40:15:34:31: d1:12:31:7b:a6:05:62:e1:6e:b2:e6:e1:74:9d:45: d8:33:f6:be:26:cf:40:c4:22:c9:3b:de:f1:58:cb: 9a:8f:8d:fd:d8:de:77:06:04:b7:5e:1d:81:11:50: 03:04:06:54:e7:db:d4:7a:ce:1d:5b:c3:6b:96:5f: d4:af:8b:41:9f:4e:92:be:7e:c9:a8:f8:59:7b:84: 7c:5d:11:6f:25:16:1e:85:51:49:84:9e:e4:4d:66: 1f:77:88:67:cb:98:aa:e5:56:71:fd:f1:b4:1f:51: f9:95:7d:fd:21:24:69:b0:b9:87:b5:66:22:66:c8: cd:f4:ea:ff:44:78:0b:22:66:88:07:06:62:26:ce: 15:68:10:c2:e8:30:71:e0:eb:b5:1c:47:05:fd:47: f2:ae:5e:9b:24:1d:a7:cb:5f:4e:9d:1a:4d:c2:32: 96:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:41:92:31:DF:14:6D:07:8E:62:68:3D:3F:71:05:F8:EC:28:84:09 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/328cea91-878c-4f36-ad16-29b649a79487.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:c8c0::/48 Signature Algorithm: sha256WithRSAEncryption 52:ba:2a:77:54:13:3b:bc:34:ff:4d:65:c4:b2:b4:3d:f6:8b: c4:fa:77:27:32:95:ca:3f:1a:8f:54:25:4d:64:a0:0a:17:b9: a4:88:01:05:c8:88:80:ad:63:69:90:d3:b0:7b:2e:3e:75:ef: 95:b2:ea:15:92:65:1d:c0:88:2b:34:4b:21:68:3b:04:7c:c5: 88:c1:c0:2e:20:81:3f:d6:8b:3b:40:c4:e5:71:e7:42:42:e0: 16:a1:51:f9:86:ec:94:42:a6:12:ae:f0:9a:44:69:fc:f4:48: 89:da:ae:a7:91:a2:53:fa:28:f3:a0:1d:c5:a3:71:2a:44:da: b9:58:e2:90:44:8c:42:57:5b:7e:61:28:da:bb:71:dd:77:a7: f7:71:6a:72:0b:75:96:af:dc:4c:f8:bd:1c:81:45:b9:a2:1e: 29:23:91:47:cd:69:3e:42:c4:50:3c:2a:91:9b:94:aa:67:c4: fc:65:f3:3e:fa:6a:92:53:1e:e4:ef:10:74:d9:bc:a9:88:f8: 2e:cc:28:b5:57:f6:c4:57:43:3c:f4:8b:ab:be:b4:3e:ff:e1: dd:bb:7b:b2:a3:48:38:45:95:14:45:7d:e7:5a:46:58:bc:da: 0a:8f:34:14:62:cd:39:30:97:2e:92:45:ad:df:b1:e4:11:b2: 74:85:94:01 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUXHPFHFoCF/lVKra+tH3pnFZ/ExEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMjAwMTAzMloX DTI2MDgxMDIzNTk1OVowejFJMEcGA1UEBRNAMDBkOTBiYmI1Y2UzYjUyZTc1YTAy NWRmNTVlZTFmYTcwMzg4OWViYTk5Y2MxNTU0OWNhYjRmZjBmNWQ1ZTU0MjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsFoXY2INybIqOZ8PnzR0Fz7REuD URbuREQ9CBItOJIvsJ2rk3iT/Twx091A8VQeHjrs8NXMIrt75bb8gRaeI+JDQY5C T9e3G58lo69tCn3I6hz/+0AVNDHREjF7pgVi4W6y5uF0nUXYM/a+Js9AxCLJO97x WMuaj4392N53BgS3Xh2BEVADBAZU59vUes4dW8Nrll/Ur4tBn06Svn7JqPhZe4R8 XRFvJRYehVFJhJ7kTWYfd4hny5iq5VZx/fG0H1H5lX39ISRpsLmHtWYiZsjN9Or/ RHgLImaIBwZiJs4VaBDC6DBx4Ou1HEcF/Ufyrl6bJB2ny19OnRpNwjKWXwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFEpBkjHfFG0HjmJoPT9xBfjsKIQJMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyOGNlYTkxLTg3OGMtNGYzNi1hZDE2LTI5YjY0OWE3OTQ4Ny5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/8jAMA0GCSqGSIb3DQEBCwUAA4IBAQBSuip3VBM7vDT/TWXE srQ99ovE+ncnMpXKPxqPVCVNZKAKF7mkiAEFyIiArWNpkNOwey4+de+VsuoVkmUd wIgrNEshaDsEfMWIwcAuIIE/1os7QMTlcedCQuAWoVH5huyUQqYSrvCaRGn89EiJ 2q6nkaJT+ijzoB3Fo3EqRNq5WOKQRIxCV1t+YSjau3Hdd6f3cWpyC3WWr9xM+L0c gUW5oh4pI5FHzWk+QsRQPCqRm5SqZ8T8ZfM++mqSUx7k7xB02bypiPguzCi1V/bE V0M89IurvrQ+/+Hdu3uyo0g4RZUURX3nWkZYvNoKjzQUYs05MJcukkWt37HkEbJ0 hZQB -----END CERTIFICATE-----Generated at Wed May 13 01:18:04 2026 by rpki-client