$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa File: 3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa (raw, json) Hash identifier: 7WCL2hrIoCvf5AE9SQah7/jTfe+q94ET0pRScgtBIAA= Subject key identifier: B2:CE:22:2D:CD:CA:4E:85:54:49:1A:43:82:F4:92:36:19:B5:2B:78 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 3D501860B73DC7E1DE9351BC18486FEF3977B5F1 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa Signing time: Mon 11 May 2026 00:30:12 +0000 ROA not before: Mon 11 May 2026 00:30:12 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:c880::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:50:18:60:b7:3d:c7:e1:de:93:51:bc:18:48:6f:ef:39:77:b5:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:30:12 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=eddc839b799d6a57fc619c44f691bf9edbe0836f930bafdf32d9dbf4cee494fc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:89:f8:84:78:81:ee:52:c2:04:16:8a:a8:02: d3:90:06:77:ac:eb:55:08:36:3a:a0:a2:d5:1a:d0: 97:da:19:4c:ec:c9:d8:e9:24:0f:5a:45:f2:75:d2: f3:b5:4f:45:a9:29:08:80:d4:81:cc:27:ff:89:b1: a0:e2:98:86:ea:38:26:f8:b9:45:ed:37:08:bc:ef: c9:c9:a2:e7:68:01:8c:c5:cd:d6:c8:d0:49:14:39: cf:15:52:b3:c9:a3:f3:cc:a4:c5:fa:d7:f9:b9:91: 26:15:9d:42:90:dd:9e:80:ae:66:25:2c:65:22:e5: f0:6b:dc:88:bf:92:92:d9:df:69:4e:fb:56:d5:27: 8e:5d:04:85:fd:dd:32:ca:b7:a4:e6:b1:d2:c6:07: 66:d8:03:13:99:4a:df:4a:64:2a:2e:7c:7b:66:fb: ac:a1:c6:d7:c9:fd:9d:59:47:d5:8c:a6:26:08:41: 71:af:69:37:da:15:27:8d:5e:43:4c:d1:67:21:c2: 48:e8:fb:46:26:eb:ef:a5:82:3c:d3:9f:15:00:1e: 28:4a:1c:d5:b2:89:a4:30:42:2c:07:ad:63:b2:cb: 18:0b:a1:2c:4d:5a:93:89:a9:6f:e7:d4:d9:89:26: ea:6d:62:3d:e1:b8:71:c3:74:cf:56:13:8e:25:40: ba:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:CE:22:2D:CD:CA:4E:85:54:49:1A:43:82:F4:92:36:19:B5:2B:78 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3a6f01f1-bc5b-473d-a12f-7f0ffed5f4fb.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:c880::/48 Signature Algorithm: sha256WithRSAEncryption 2f:81:88:77:cf:31:00:c2:d6:c9:52:b3:d1:fd:94:91:37:b0: 09:06:85:ab:53:49:67:a2:eb:7e:f4:e0:35:3e:76:4d:e0:28: b8:2c:d0:ab:8f:7d:12:36:c6:62:e8:0c:c4:32:c5:3d:b8:17: fc:ec:b7:04:1a:39:e3:b4:1d:54:d9:fe:31:b6:44:70:75:45: 38:9f:8e:23:54:ca:31:2d:e5:86:0d:63:d4:36:e2:39:6a:3f: fb:f8:e5:7b:3a:bd:1d:73:3c:d8:af:3f:e6:89:fe:23:b4:c4: ec:7e:05:d1:93:e8:68:63:f3:fa:7b:1d:4a:a4:2e:92:b5:d7: 50:99:15:02:ad:4b:bb:a7:30:85:29:d6:ad:44:0d:a0:2b:00: 91:96:a6:26:4b:79:26:70:ae:44:cd:f5:d3:9c:01:df:4b:dc: b6:3c:03:16:ad:c0:c9:08:d5:c2:a9:00:da:a4:ad:bd:93:17: 17:d3:be:b7:0a:f9:b7:4a:30:8b:a0:5d:4e:2c:65:45:ae:67: a0:7b:17:bd:55:80:de:e0:d6:cb:4d:18:f8:2d:71:1b:64:77: 81:24:d9:ec:88:37:c3:c9:0e:d5:6e:b3:50:86:3e:a1:7b:28: b7:ca:ae:24:37:ff:ab:35:14:3c:ef:5c:e8:d4:c6:15:c5:3b: ca:be:ec:0d -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUPVAYYLc9x+Hek1G8GEhv7zl3tfEwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMzAxMloX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZWRkYzgzOWI3OTlkNmE1N2ZjNjE5 YzQ0ZjY5MWJmOWVkYmUwODM2ZjkzMGJhZmRmMzJkOWRiZjRjZWU0OTRmYzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqon4hHiB7lLCBBaKqALTkAZ3rOtV CDY6oKLVGtCX2hlM7MnY6SQPWkXyddLztU9FqSkIgNSBzCf/ibGg4piG6jgm+LlF 7TcIvO/JyaLnaAGMxc3WyNBJFDnPFVKzyaPzzKTF+tf5uZEmFZ1CkN2egK5mJSxl IuXwa9yIv5KS2d9pTvtW1SeOXQSF/d0yyrek5rHSxgdm2AMTmUrfSmQqLnx7Zvus ocbXyf2dWUfVjKYmCEFxr2k32hUnjV5DTNFnIcJI6PtGJuvvpYI8058VAB4oShzV somkMEIsB61jsssYC6EsTVqTialv59TZiSbqbWI94bhxw3TPVhOOJUC65wIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFLLOIi3Nyk6FVEkaQ4L0kjYZtSt4MB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNhNmYwMWYxLWJjNWItNDczZC1hMTJmLTdmMGZmZWQ1ZjRmYi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba8siAMA0GCSqGSIb3DQEBCwUAA4IBAQAvgYh3zzEAwtbJUrPR /ZSRN7AJBoWrU0lnout+9OA1PnZN4Ci4LNCrj30SNsZi6AzEMsU9uBf87LcEGjnj tB1U2f4xtkRwdUU4n44jVMoxLeWGDWPUNuI5aj/7+OV7Or0dczzYrz/mif4jtMTs fgXRk+hoY/P6ex1KpC6StddQmRUCrUu7pzCFKdatRA2gKwCRlqYmS3kmcK5EzfXT nAHfS9y2PAMWrcDJCNXCqQDapK29kxcX0763Cvm3SjCLoF1OLGVFrmegexe9VYDe 4NbLTRj4LXEbZHeBJNnsiDfDyQ7VbrNQhj6heyi3yq4kN/+rNRQ871zo1MYVxTvK vuwN -----END CERTIFICATE-----Generated at Tue May 12 23:27:12 2026 by rpki-client