$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa File: 41e0909c-5b11-419b-8046-ee979b1850a3.roa (raw, json) Hash identifier: NZ5K8SYI3sa23ax7ch5QzvVN/yVu+m8SA5yQnLUJtJc= Subject key identifier: 84:9C:26:6B:37:71:90:39:0A:21:48:C5:44:4A:FF:7B:3E:67:B8:70 Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 12EDF354DFB453227D2A10FAB1A9450316145D44 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa Signing time: Wed 06 May 2026 00:00:38 +0000 ROA not before: Wed 06 May 2026 00:00:38 +0000 ROA not after: Tue 04 Aug 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2406:da60:8800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 16 May 2026 00:20:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:ed:f3:54:df:b4:53:22:7d:2a:10:fa:b1:a9:45:03:16:14:5d:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 6 00:00:38 2026 GMT Not After : Aug 4 23:59:59 2026 GMT Subject: serialNumber=0740830c4cd6e6c51793111894b5d5dd211240e6a95127dc9761992308411414, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:2d:6d:e8:58:a8:b6:65:fb:8d:0e:26:45:93: 57:30:9b:fe:4e:5f:93:a9:a7:e0:f9:0c:b6:68:77: 30:85:64:96:a4:67:00:c9:8a:f6:5f:ca:ee:e1:05: 47:7c:89:8a:66:27:bd:1e:d6:11:f3:e8:2f:18:b9: 1e:3e:84:c0:13:fb:af:79:ad:d8:a7:2d:d6:78:a0: 09:04:f6:d9:c6:b4:d5:c7:9a:06:d1:4c:e3:0c:af: 91:f5:1d:12:e0:c7:dd:89:b2:7a:35:46:66:83:4a: ad:cf:ec:37:ab:15:00:5f:df:1f:bc:48:2a:08:79: 50:89:53:f9:1d:2c:20:44:b0:43:49:b2:4b:61:ff: 2b:fa:3e:d1:44:ef:ef:de:8e:ff:db:0b:f1:9f:ac: b4:58:82:f5:f2:3c:a6:ec:94:67:d8:30:9c:c7:15: 69:11:8e:da:b1:a0:87:a4:69:be:1b:c5:95:db:92: fb:0e:38:c5:dd:3f:94:be:f4:e6:6d:79:13:5d:52: 3a:67:55:83:bf:9a:eb:2d:cd:a6:bb:17:1f:31:40: bd:ba:8f:51:ea:e6:d8:42:12:ff:9a:5d:8b:0e:80: 12:f5:34:e9:b0:a3:8d:2d:a4:aa:cf:85:e5:83:2d: 5a:35:ae:ad:a3:56:44:2a:27:de:3e:1a:dc:9a:f8: b9:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:9C:26:6B:37:71:90:39:0A:21:48:C5:44:4A:FF:7B:3E:67:B8:70 X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/41e0909c-5b11-419b-8046-ee979b1850a3.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:da60:8800::/40 Signature Algorithm: sha256WithRSAEncryption ab:3b:0b:74:6e:9d:3a:40:02:d9:0a:39:07:c6:d8:f5:1f:8c: 66:3c:33:fe:30:0d:8b:7e:c2:c1:4b:92:08:cf:f6:cf:94:c8: 4b:18:8b:35:19:06:c5:c3:4f:55:27:1a:11:c4:e9:05:98:db: 8a:69:d7:15:ec:ff:73:2c:39:f4:83:e6:db:e8:22:ab:de:5e: 3d:c7:ec:5e:71:e4:58:12:22:88:fd:5b:f6:38:64:7d:04:13: cf:78:b9:7a:c0:84:f3:82:da:0e:f5:a0:96:ac:21:b4:b0:df: 98:3c:2b:47:f3:fd:7c:22:2b:3c:65:ba:9c:e4:80:f0:ba:75: 94:e8:38:16:ff:80:47:82:d1:44:e6:f0:65:9f:2e:b8:0e:08: ec:dc:49:2a:01:04:87:f3:6b:e7:58:6d:3f:94:c9:bb:85:5c: 83:fe:95:21:fd:63:89:c5:1b:52:5e:0a:d3:0e:1c:e1:ca:7d: 84:23:de:b9:2b:51:af:57:48:66:1b:60:ff:97:2a:66:0f:77: ee:25:c5:4d:7c:9c:56:60:1f:e8:eb:4d:a9:52:18:47:72:15: 11:22:00:52:8b:47:39:1e:96:ea:da:41:9e:95:a3:87:09:f8: 7f:e9:c2:61:2b:6a:e8:54:1c:93:94:af:25:15:71:89:5d:3b: 73:e6:62:1d -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgIUEu3zVN+0UyJ9KhD6salFAxYUXUQwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI2MDUwNjAwMDAzOFoX DTI2MDgwNDIzNTk1OVowejFJMEcGA1UEBRNAMDc0MDgzMGM0Y2Q2ZTZjNTE3OTMx MTE4OTRiNWQ1ZGQyMTEyNDBlNmE5NTEyN2RjOTc2MTk5MjMwODQxMTQxNDEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy1t6FiotmX7jQ4mRZNXMJv+Tl+T qafg+Qy2aHcwhWSWpGcAyYr2X8ru4QVHfImKZie9HtYR8+gvGLkePoTAE/uvea3Y py3WeKAJBPbZxrTVx5oG0UzjDK+R9R0S4MfdibJ6NUZmg0qtz+w3qxUAX98fvEgq CHlQiVP5HSwgRLBDSbJLYf8r+j7RRO/v3o7/2wvxn6y0WIL18jym7JRn2DCcxxVp EY7asaCHpGm+G8WV25L7DjjF3T+UvvTmbXkTXVI6Z1WDv5rrLc2muxcfMUC9uo9R 6ubYQhL/ml2LDoAS9TTpsKONLaSqz4Xlgy1aNa6to1ZEKifePhrcmvi5UQIDAQAB o4ICSjCCAkYwHQYDVR0OBBYEFIScJms3cZA5CiFIxURK/3s+Z7hwMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx LzQxZTA5MDljLTViMTEtNDE5Yi04MDQ2LWVlOTc5YjE4NTBhMy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO BAIAAjAIAwYAJAbaYIgwDQYJKoZIhvcNAQELBQADggEBAKs7C3RunTpAAtkKOQfG 2PUfjGY8M/4wDYt+wsFLkgjP9s+UyEsYizUZBsXDT1UnGhHE6QWY24pp1xXs/3Ms OfSD5tvoIqveXj3H7F5x5FgSIoj9W/Y4ZH0EE894uXrAhPOC2g71oJasIbSw35g8 K0fz/XwiKzxlupzkgPC6dZToOBb/gEeC0UTm8GWfLrgOCOzcSSoBBIfza+dYbT+U ybuFXIP+lSH9Y4nFG1JeCtMOHOHKfYQj3rkrUa9XSGYbYP+XKmYPd+4lxU18nFZg H+jrTalSGEdyFREiAFKLRzkeluraQZ6Vo4cJ+H/pwmErauhUHJOUryUVcYldO3Pm Yh0= -----END CERTIFICATE-----Generated at Tue May 12 23:30:03 2026 by rpki-client