$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa File: 3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa (raw, json) Hash identifier: Ngf4Iz46rTotRhm7g6ZSdjq85GWDIregO5b7mlIz+hs= Subject key identifier: 5F:AE:F3:D5:1C:7A:55:70:7F:E1:74:14:44:24:88:FB:3A:D6:8F:4E Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 154C262D72A117DD1B753031D2CB6D64CE66DE08 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa Signing time: Fri 08 May 2026 00:00:16 +0000 ROA not before: Fri 08 May 2026 00:00:16 +0000 ROA not after: Thu 06 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf4:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 15:4c:26:2d:72:a1:17:dd:1b:75:30:31:d2:cb:6d:64:ce:66:de:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 8 00:00:16 2026 GMT Not After : Aug 6 23:59:59 2026 GMT Subject: serialNumber=c2d8e86f9cbe49ec037068675e1ca7ee47ecff74a30e20388152f03c381bbb9c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:3b:ab:53:4b:b0:25:b3:20:ae:07:b6:8b:b8: af:17:05:54:c6:c9:77:a6:b1:49:fc:9c:89:23:2f: 27:9e:57:fc:60:87:77:f9:5f:a0:31:a1:98:42:5f: 4d:d8:a3:e7:5b:31:b5:7b:45:a8:0f:00:ed:d9:b0: 0d:7b:0c:f6:cf:67:31:97:17:1b:a9:2a:34:57:c7: 12:db:59:be:c7:6f:5b:41:4c:d5:d5:da:07:f2:0a: dd:c9:ef:2b:54:6a:ad:99:65:d9:3e:d3:46:69:86: ae:03:18:55:e8:31:c5:a6:e7:fe:bf:37:b9:e9:44: bc:01:af:82:d3:ef:82:1e:fd:66:35:ce:17:54:14: 57:15:9d:69:ed:8f:13:40:b3:d5:75:07:3d:60:d9: 4d:78:28:38:84:61:1e:89:d9:c3:36:57:1c:b7:d6: 41:49:0e:91:93:19:2c:4d:93:2f:6d:c1:46:23:0c: 62:ff:72:49:6e:7e:c3:28:cf:30:b2:62:d9:61:cb: 57:dc:04:5f:84:fc:f6:57:46:59:16:aa:0b:b2:0b: 65:30:d2:16:3c:e2:61:40:67:91:62:32:ac:88:8e: 95:ce:cf:1b:34:b5:0c:24:e8:ef:69:32:43:e4:0e: 9b:3c:1a:73:36:e0:21:0b:4e:97:14:a6:6d:da:bc: f9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:AE:F3:D5:1C:7A:55:70:7F:E1:74:14:44:24:88:FB:3A:D6:8F:4E X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d4e72c4-66d0-430a-a6bc-d3e2916a848c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf4:4000::/40 Signature Algorithm: sha256WithRSAEncryption 9c:6a:b5:67:02:63:a3:53:bd:42:92:25:19:1e:d2:7b:1b:1e: c0:78:e0:6b:24:16:d0:fa:68:73:3d:01:7f:39:3c:5d:6e:13: 50:b6:5c:5c:cc:57:39:7d:67:d2:ed:80:5d:0e:fe:f7:67:f9: 4d:22:8d:10:85:43:5e:07:ca:3a:0c:25:2c:14:c8:d1:cf:b3: e4:23:1f:4d:e4:73:de:46:95:e7:5e:7a:d8:ee:c0:e2:95:62: b0:78:e9:1b:aa:20:b5:b6:ad:3d:06:a6:2b:78:76:1a:61:5e: 81:a0:5f:77:2c:27:4f:01:b1:51:aa:cb:87:13:1f:4f:65:3f: f1:cf:e9:77:4c:67:29:9c:7a:51:e4:b6:94:4d:ea:d0:dd:ba: 2a:4b:57:a1:20:44:00:fb:fc:e7:2c:68:b1:12:9c:02:8d:52: 70:70:63:fd:20:30:e6:85:d9:ed:33:95:ca:47:18:c1:76:54: be:9e:84:d1:65:31:96:0e:fc:4e:46:24:4b:5f:e3:ab:6a:de: 88:5c:de:e6:ad:14:b6:c4:47:e2:5d:4c:b5:19:4b:ca:4b:1c: 09:f6:bf:63:7b:d1:af:9a:ac:39:29:0d:92:ab:ed:8e:9d:5b: 46:95:1c:fe:ab:40:83:b0:bf:4b:46:fe:87:f0:52:9f:80:cd: b5:15:37:ff -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUFUwmLXKhF90bdTAx0sttZM5m3ggwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwODAwMDAxNloX DTI2MDgwNjIzNTk1OVowejFJMEcGA1UEBRNAYzJkOGU4NmY5Y2JlNDllYzAzNzA2 ODY3NWUxY2E3ZWU0N2VjZmY3NGEzMGUyMDM4ODE1MmYwM2MzODFiYmI5YzEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDurU0uwJbMgrge2i7ivFwVUxsl3 prFJ/JyJIy8nnlf8YId3+V+gMaGYQl9N2KPnWzG1e0WoDwDt2bANewz2z2cxlxcb qSo0V8cS21m+x29bQUzV1doH8grdye8rVGqtmWXZPtNGaYauAxhV6DHFpuf+vze5 6US8Aa+C0++CHv1mNc4XVBRXFZ1p7Y8TQLPVdQc9YNlNeCg4hGEeidnDNlcct9ZB SQ6RkxksTZMvbcFGIwxi/3JJbn7DKM8wsmLZYctX3ARfhPz2V0ZZFqoLsgtlMNIW POJhQGeRYjKsiI6Vzs8bNLUMJOjvaTJD5A6bPBpzNuAhC06XFKZt2rz5SwIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFF+u89UcelVwf+F0FEQkiPs61o9OMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNkNGU3MmM0LTY2ZDAtNDMwYS1hNmJjLWQzZTI5MTZhODQ4Yy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba9EAwDQYJKoZIhvcNAQELBQADggEBAJxqtWcCY6NTvUKSJRke 0nsbHsB44GskFtD6aHM9AX85PF1uE1C2XFzMVzl9Z9LtgF0O/vdn+U0ijRCFQ14H yjoMJSwUyNHPs+QjH03kc95GledeetjuwOKVYrB46RuqILW2rT0Gpit4dhphXoGg X3csJ08BsVGqy4cTH09lP/HP6XdMZymcelHktpRN6tDduipLV6EgRAD7/OcsaLES nAKNUnBwY/0gMOaF2e0zlcpHGMF2VL6ehNFlMZYO/E5GJEtf46tq3ohc3uatFLbE R+JdTLUZS8pLHAn2v2N70a+arDkpDZKr7Y6dW0aVHP6rQIOwv0tG/ofwUp+AzbUV N/8= -----END CERTIFICATE-----Generated at Tue May 12 23:31:13 2026 by rpki-client