$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa File: 3eecc85e-c9f3-489a-b550-f7a900d63926.roa (raw, json) Hash identifier: iG8faMFqcQEWF8D01LeWYwB6hEI31S9pc3Y/vUgnzx4= Subject key identifier: FB:1D:C0:16:40:20:DA:DA:46:59:92:EB:0B:13:13:6F:F1:07:97:5F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 7AADBE083FC099A7FDA5E768D47EDB3C1EEFEFE6 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa Signing time: Mon 11 May 2026 00:00:11 +0000 ROA not before: Mon 11 May 2026 00:00:11 +0000 ROA not after: Sun 09 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daf2:6000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:ad:be:08:3f:c0:99:a7:fd:a5:e7:68:d4:7e:db:3c:1e:ef:ef:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 11 00:00:11 2026 GMT Not After : Aug 9 23:59:59 2026 GMT Subject: serialNumber=d8cea82ba9a91ef91c6f75af90bd416334fb7e97701fdb47957664fdadc7cd40, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:67:b1:dc:49:d8:1a:37:0d:f5:76:97:bd:f0: 66:25:e5:5a:3d:bf:45:4c:37:6e:ee:f0:5b:c7:c8: 31:44:37:31:61:9f:9d:7b:7a:ba:8c:39:e9:44:f0: e1:5a:91:06:68:24:55:70:c3:3a:f1:1a:7e:23:fc: ef:94:c6:c8:69:81:ff:54:ad:87:64:66:a3:60:d8: 5f:8d:d6:ef:e9:36:fb:84:c3:2c:fe:c6:b3:96:4a: 82:2a:1d:e5:0f:91:3a:9a:9e:27:7a:1e:fc:3c:d3: a2:c4:e1:cf:2c:1c:89:25:cb:6f:db:91:b1:01:71: 8a:c4:a4:77:d7:54:a4:67:86:91:24:cf:46:33:4a: c0:4d:57:44:93:ff:92:ef:f0:a1:48:30:2e:cc:d7: d3:0d:89:d2:47:55:c3:96:a1:61:ae:6a:0e:25:27: 14:88:a6:42:0f:94:06:06:8f:88:f3:bd:4d:eb:43: c2:35:dd:ed:d0:c4:f1:bb:3a:97:ec:9b:ce:56:88: b5:10:c1:e9:e3:e6:11:ac:5c:10:ab:4c:75:c5:48: 36:8b:83:8a:19:42:f9:27:91:87:d7:bb:91:bd:61: e6:24:c8:f0:2b:48:54:10:d7:8d:d6:d9:2f:b6:59: ce:ac:1e:70:4f:10:2b:69:f3:ee:8d:a5:07:b9:8e: a3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:1D:C0:16:40:20:DA:DA:46:59:92:EB:0B:13:13:6F:F1:07:97:5F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3eecc85e-c9f3-489a-b550-f7a900d63926.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daf2:6000::/40 Signature Algorithm: sha256WithRSAEncryption 70:23:98:d4:79:c1:ce:67:59:c3:ee:c5:c0:11:95:ce:a7:9f: dc:1d:94:a9:fd:1c:00:5f:b5:a7:87:2d:e1:de:5a:63:d3:5a: f7:4a:58:4d:84:a8:9e:fa:9f:d8:cc:4d:66:ad:17:85:33:d4: 9b:0a:a7:69:ac:1e:78:5f:e3:31:b3:10:4b:ca:8b:1e:d9:50: 8d:71:f8:4b:0b:9b:e0:fb:82:c8:eb:91:2f:0b:20:44:60:54: f1:62:cb:b8:9a:1f:ab:13:9d:5c:db:d7:7b:ae:c1:43:a4:f6: f9:35:ad:a8:98:cf:82:d8:18:3c:06:f5:b8:cf:65:f7:40:6c: 28:ca:03:b2:3b:7f:10:6b:67:38:e7:bc:32:58:d1:42:19:e7: 74:11:b2:d4:1d:0b:2e:b2:9c:04:12:32:ff:71:a8:b8:ec:ed: bc:47:f8:82:41:43:51:a0:0f:de:06:21:00:96:29:a8:07:dc: ad:84:ec:1c:0b:ff:00:01:b7:90:0a:e8:2f:2f:d1:2e:0a:cf: d2:e5:69:b9:ba:0c:cb:8c:58:91:3f:e4:a2:fa:04:27:9e:68: 84:3d:12:f0:ba:07:3d:39:9c:1c:ce:39:d3:e5:ef:20:b7:d5: fa:cf:b7:c5:46:0f:a1:3c:fe:ea:59:a6:48:5d:75:73:28:a5: 7e:4c:45:c3 -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUeq2+CD/Amaf9pedo1H7bPB7v7+YwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUxMTAwMDAxMVoX DTI2MDgwOTIzNTk1OVowejFJMEcGA1UEBRNAZDhjZWE4MmJhOWE5MWVmOTFjNmY3 NWFmOTBiZDQxNjMzNGZiN2U5NzcwMWZkYjQ3OTU3NjY0ZmRhZGM3Y2Q0MDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2ex3EnYGjcN9XaXvfBmJeVaPb9F TDdu7vBbx8gxRDcxYZ+de3q6jDnpRPDhWpEGaCRVcMM68Rp+I/zvlMbIaYH/VK2H ZGajYNhfjdbv6Tb7hMMs/sazlkqCKh3lD5E6mp4neh78PNOixOHPLByJJctv25Gx AXGKxKR311SkZ4aRJM9GM0rATVdEk/+S7/ChSDAuzNfTDYnSR1XDlqFhrmoOJScU iKZCD5QGBo+I871N60PCNd3t0MTxuzqX7JvOVoi1EMHp4+YRrFwQq0x1xUg2i4OK GUL5J5GH17uRvWHmJMjwK0hUENeN1tkvtlnOrB5wTxArafPujaUHuY6jzQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFPsdwBZAINraRlmS6wsTE2/xB5dfMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzNlZWNjODVlLWM5ZjMtNDg5YS1iNTUwLWY3YTkwMGQ2MzkyNi5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAba8mAwDQYJKoZIhvcNAQELBQADggEBAHAjmNR5wc5nWcPuxcAR lc6nn9wdlKn9HABftaeHLeHeWmPTWvdKWE2EqJ76n9jMTWatF4Uz1JsKp2msHnhf 4zGzEEvKix7ZUI1x+EsLm+D7gsjrkS8LIERgVPFiy7iaH6sTnVzb13uuwUOk9vk1 raiYz4LYGDwG9bjPZfdAbCjKA7I7fxBrZzjnvDJY0UIZ53QRstQdCy6ynAQSMv9x qLjs7bxH+IJBQ1GgD94GIQCWKagH3K2E7BwL/wABt5AK6C8v0S4Kz9Llabm6DMuM WJE/5KL6BCeeaIQ9EvC6Bz05nBzOOdPl7yC31frPt8VGD6E8/upZpkhddXMopX5M RcM= -----END CERTIFICATE-----Generated at Wed May 13 01:26:52 2026 by rpki-client