$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa File: 32c6f2e6-113c-4d40-a541-26a09c985dde.roa (raw, json) Hash identifier: /5nz4Dv/EAqQqQr8jfAUEZKK1t+SWwaLuUYmVXAZFbE= Subject key identifier: 9A:8C:29:58:7C:76:1B:2D:91:00:AC:A0:AB:AB:F7:F7:CC:19:C6:BA Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 6B17C08BF6B3DFB5DF45CFEE11F36EEB49EC3062 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa Signing time: Mon 11 May 2026 00:00:07 +0000 ROA not before: Mon 11 May 2026 00:00:07 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:2800::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:17:c0:8b:f6:b3:df:b5:df:45:cf:ee:11:f3:6e:eb:49:ec:30:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:00:07 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=898655d5a7f9c570d76a83cb0bce84521f926e0abe5f440feaa895abed2f89ea, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:11:03:8b:48:fc:ca:6a:7e:d6:0a:ae:fc:c2: 50:4a:59:f6:36:b5:04:96:9c:b1:9b:de:24:52:27: 00:f7:f8:18:29:7e:4b:38:5b:83:78:d7:c4:ad:12: 0b:c8:e8:cd:08:e6:89:86:76:39:47:1b:76:88:d1: d8:fe:f5:f5:4e:e2:01:ff:4a:d0:99:92:b9:75:44: dd:c4:40:70:9b:31:54:f9:05:46:3c:e5:ef:f4:9a: 02:53:70:0a:f1:f3:f7:49:91:57:0d:a0:68:a5:f6: f0:66:f8:7f:03:22:db:e8:46:c9:8e:26:10:96:ba: 10:b8:80:f8:df:b1:c1:a3:80:85:20:b5:de:ea:b8: f9:5e:cd:2b:1a:32:71:0a:83:06:35:b9:1d:27:32: 22:bd:2a:4a:08:c2:13:7c:38:b0:e4:a9:1a:6e:1e: 65:03:84:cf:f7:dd:ca:00:f7:cd:73:80:a1:74:6b: 29:fe:cd:76:4f:56:f3:fb:5b:bf:56:9b:cb:53:ec: 0e:cd:42:4b:ff:33:b1:c3:78:09:7b:78:31:9c:b0: 64:23:90:bc:33:7d:dc:40:9b:59:10:20:0d:2b:31: 56:69:35:16:4f:a6:c2:58:c5:34:fe:20:ad:51:a6: 7f:af:87:ec:eb:02:e1:b6:2b:4e:10:35:3d:5d:b2: 02:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:8C:29:58:7C:76:1B:2D:91:00:AC:A0:AB:AB:F7:F7:CC:19:C6:BA X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/32c6f2e6-113c-4d40-a541-26a09c985dde.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:2800::/40 Signature Algorithm: sha256WithRSAEncryption 49:76:29:07:f2:a3:af:38:93:16:63:46:71:21:fc:a8:20:b0: 8f:6d:23:5e:5f:a4:98:d4:de:d2:cc:aa:e0:c4:e1:bc:1d:93: 15:2c:e8:a8:1a:bd:a2:8b:f5:ce:d0:98:11:2f:63:f9:95:c1: 76:3d:75:f1:05:62:ab:a5:5e:8a:d9:4b:3a:2a:c9:8f:10:35: ce:2b:3e:63:6b:c4:ce:49:4f:f2:a7:15:5b:43:10:8b:15:92: 33:bc:e3:bf:8b:1a:b2:d3:f9:8f:8a:45:10:e2:e9:61:e3:84: 3a:ac:3b:d3:11:d1:b8:e1:36:d6:8e:da:78:47:40:81:0d:23: 2c:21:e2:b5:ae:d6:92:6a:4b:f1:a5:15:29:b0:b0:f6:dd:e7: 2e:04:cb:06:5d:f1:7d:d2:03:cf:eb:1e:53:b5:35:91:2a:de: 2a:8a:08:46:4a:34:eb:e0:05:c1:31:0e:a2:ee:62:1f:56:9f: d7:6c:89:66:8c:f3:23:b7:7d:a3:e7:20:75:85:d1:c9:18:0b: 31:66:47:7d:56:71:1f:cb:70:e2:b1:3a:df:70:22:ea:76:be: b6:76:2e:66:2b:12:1c:ca:68:26:1e:43:3d:4f:2e:27:72:95: 0d:bf:ca:91:d7:94:4c:5f:7f:e8:f7:96:0e:35:ac:53:ce:0b: 25:e7:7b:ff -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUaxfAi/az37XfRc/uEfNu60nsMGIwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDAwN1oX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAODk4NjU1ZDVhN2Y5YzU3MGQ3NmE4 M2NiMGJjZTg0NTIxZjkyNmUwYWJlNWY0NDBmZWFhODk1YWJlZDJmODllYTEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxEDi0j8ymp+1gqu/MJQSln2NrUE lpyxm94kUicA9/gYKX5LOFuDeNfErRILyOjNCOaJhnY5Rxt2iNHY/vX1TuIB/0rQ mZK5dUTdxEBwmzFU+QVGPOXv9JoCU3AK8fP3SZFXDaBopfbwZvh/AyLb6EbJjiYQ lroQuID437HBo4CFILXe6rj5Xs0rGjJxCoMGNbkdJzIivSpKCMITfDiw5Kkabh5l A4TP993KAPfNc4ChdGsp/s12T1bz+1u/VpvLU+wOzUJL/zOxw3gJe3gxnLBkI5C8 M33cQJtZECANKzFWaTUWT6bCWMU0/iCtUaZ/r4fs6wLhtitOEDU9XbIC1wIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFJqMKVh8dhstkQCsoKur9/fMGca6MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzMyYzZmMmU2LTExM2MtNGQ0MC1hNTQxLTI2YTA5Yzk4NWRkZS5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba/ygwDQYJKoZIhvcNAQELBQADggEBAEl2KQfyo684kxZjRnEh /KggsI9tI15fpJjU3tLMquDE4bwdkxUs6KgavaKL9c7QmBEvY/mVwXY9dfEFYqul XorZSzoqyY8QNc4rPmNrxM5JT/KnFVtDEIsVkjO847+LGrLT+Y+KRRDi6WHjhDqs O9MR0bjhNtaO2nhHQIENIywh4rWu1pJqS/GlFSmwsPbd5y4EywZd8X3SA8/rHlO1 NZEq3iqKCEZKNOvgBcExDqLuYh9Wn9dsiWaM8yO3faPnIHWF0ckYCzFmR31WcR/L cOKxOt9wIup2vrZ2LmYrEhzKaCYeQz1PLidylQ2/ypHXlExff+j3lg41rFPOCyXn e/8= -----END CERTIFICATE-----Generated at Tue May 12 23:35:04 2026 by rpki-client